Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/jy-Nc-ngIrXPYHAGJyhfPbZ9uQc.roa
File: jy-Nc-ngIrXPYHAGJyhfPbZ9uQc.roa (raw, json)
Hash identifier: yin+NZ7HvZv1ueFRXxGdj3dWddbiOK/Phl3O9sPy2Ng=
Subject key identifier: 8F:2F:8D:73:E9:E0:22:B5:CF:60:70:06:27:28:5F:3D:B6:7D:B9:07
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01909AD6000358555369382FD2BA4CD671DC
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/jy-Nc-ngIrXPYHAGJyhfPbZ9uQc.roa
Signing time: Wed 10 Jul 2024 04:10:34 +0000
ROA not before: Wed 10 Jul 2024 04:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9a:d6:00:03:58:55:53:69:38:2f:d2:ba:4c:d6:71:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 10 04:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f2f8d73e9e022b5cf60700627285f3db67db907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e8:43:37:2f:a3:43:b0:c9:aa:de:93:cc:e8:
58:fc:5b:90:b8:5e:0d:2e:5f:30:f2:a6:b0:65:a0:
61:a1:b2:a0:06:0b:6c:0f:a1:85:eb:08:4a:33:9d:
7c:b4:fd:10:0a:35:7f:d9:06:d5:d3:58:ea:02:3a:
27:ba:fe:79:f3:aa:a2:e8:83:67:d3:38:4b:51:bf:
b5:7d:ee:6f:24:47:29:8b:25:ae:9c:3e:88:64:9c:
bb:9f:fd:80:60:2f:12:72:e7:e0:09:b8:59:86:eb:
fc:e5:2b:97:97:4f:fc:47:79:82:5b:93:b2:26:64:
fd:95:1d:09:2b:9c:cf:a4:21:df:61:53:06:78:88:
a3:55:9c:e9:86:81:3c:8e:a1:ff:92:8b:a1:e7:fb:
05:3d:5a:a9:79:29:90:6a:fe:c4:a8:6b:af:a5:29:
f8:58:3a:37:30:95:93:48:59:e6:4b:27:c2:fd:46:
57:8c:78:22:14:b1:ce:8d:1d:fc:e6:03:7d:d1:20:
b3:19:05:1e:e8:16:9a:ea:42:04:28:06:fc:e3:f8:
17:7b:7b:4e:ed:06:db:d1:2c:8a:b0:d9:73:1a:8d:
76:e4:96:9f:3a:9a:86:d0:a7:16:96:35:48:f5:0a:
fd:f0:45:08:a4:a8:ed:1d:bb:fb:a6:43:85:73:15:
04:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:2F:8D:73:E9:E0:22:B5:CF:60:70:06:27:28:5F:3D:B6:7D:B9:07
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/jy-Nc-ngIrXPYHAGJyhfPbZ9uQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4e:1b:c7:e1:fb:09:c7:5b:76:1b:84:c5:a9:ac:b9:b5:44:49:
59:7d:19:54:5a:37:b2:7a:7c:4b:58:76:93:d7:a6:21:8a:8d:
a9:26:81:b2:29:a9:0e:8c:c8:fc:55:9e:75:44:3c:5c:5b:dd:
f7:42:8e:54:de:e3:3b:6f:31:ba:3a:1b:14:f5:97:ae:56:fd:
ef:d7:0c:2a:db:0e:3f:f9:5d:6c:cf:eb:c3:db:81:81:03:9f:
67:61:98:2e:3a:7d:dd:9b:5f:99:23:aa:87:8a:fa:e3:cd:43:
01:8d:01:1b:1b:5a:e0:7c:1d:bd:59:56:b8:30:c6:de:15:5d:
23:e0:ab:15:18:6d:a3:03:e4:fe:22:d2:ea:14:87:72:95:d9:
b4:f5:34:26:14:ad:63:b1:29:c4:e7:5e:61:db:06:ee:79:27:
09:95:b0:a0:ff:e1:9b:85:ed:11:a2:10:03:b9:6c:50:6b:c3:
ec:58:64:66:8b:d6:82:31:89:90:f0:dc:74:83:d6:96:8e:5a:
03:0e:ba:01:ef:50:2c:80:08:98:ff:f8:1f:78:2f:20:2d:17:
ac:af:26:81:7f:41:9e:f4:80:66:63:38:9a:fe:5b:df:3a:a7:
15:91:c7:fe:5b:f7:5a:26:39:06:24:61:79:c8:8b:25:1e:f4:
c0:b0:3e:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCa1gADWFVTaTgv0rpM1nHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzEwMDQxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjJmOGQ3M2U5ZTAyMmI1Y2Y2MDcwMDYyNzI4NWYzZGI2N2RiOTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOhDNy+jQ7DJqt6TzOhY/FuQuF4N
Ll8w8qawZaBhobKgBgtsD6GF6whKM518tP0QCjV/2QbV01jqAjonuv5586qi6INn
0zhLUb+1fe5vJEcpiyWunD6IZJy7n/2AYC8ScufgCbhZhuv85SuXl0/8R3mCW5Oy
JmT9lR0JK5zPpCHfYVMGeIijVZzphoE8jqH/kouh5/sFPVqpeSmQav7EqGuvpSn4
WDo3MJWTSFnmSyfC/UZXjHgiFLHOjR385gN90SCzGQUe6Baa6kIEKAb84/gXe3tO
7Qbb0SyKsNlzGo125JafOpqG0KcWljVI9Qr98EUIpKjtHbv7pkOFcxUE1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI8vjXPp4CK1z2BwBicoXz22fbkHMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvanktTmMtbmdJclhQWUhBR0p5aGZQYlo5dVFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE4bx+H7CcdbdhuExams
ubVESVl9GVRaN7J6fEtYdpPXpiGKjakmgbIpqQ6MyPxVnnVEPFxb3fdCjlTe4ztv
Mbo6GxT1l65W/e/XDCrbDj/5XWzP68PbgYEDn2dhmC46fd2bX5kjqoeK+uPNQwGN
ARsbWuB8Hb1ZVrgwxt4VXSPgqxUYbaMD5P4i0uoUh3KV2bT1NCYUrWOxKcTnXmHb
Bu55JwmVsKD/4ZuF7RGiEAO5bFBrw+xYZGaL1oIxiZDw3HSD1paOWgMOugHvUCyA
CJj/+B94LyAtF6yvJoF/QZ70gGZjOJr+W986pxWRx/5b91omOQYkYXnIiyUe9MCw
Pio=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:26:15 2025 by rpki-client