Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/YaCLrtnoshl9MRQPReQv8GPNrzM.roa
File: YaCLrtnoshl9MRQPReQv8GPNrzM.roa (raw, json)
Hash identifier: 5bjlMM6534i+gi++2LTNTZ084tqMfm+RHMlVM2ModD0=
Subject key identifier: 61:A0:8B:AE:D9:E8:B2:19:7D:31:14:0F:45:E4:2F:F0:63:CD:AF:33
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018FA0324FBBC6F45B8352F16FF3D89A35C2
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/YaCLrtnoshl9MRQPReQv8GPNrzM.roa
Signing time: Wed 22 May 2024 12:06:42 +0000
ROA not before: Wed 22 May 2024 12:06:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
2001:67c:64:ffff:0:18f:a031:e269/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a0:32:4f:bb:c6:f4:5b:83:52:f1:6f:f3:d8:9a:35:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 22 12:06:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61a08baed9e8b2197d31140f45e42ff063cdaf33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:84:61:8a:62:c9:c3:75:67:44:70:13:c6:ab:
fc:42:43:37:21:b9:c8:33:c0:44:9a:3f:ba:ce:16:
9f:41:6b:c0:9f:7b:68:57:10:75:e1:c1:15:0d:4f:
9e:a0:61:17:59:66:81:9c:b0:8b:fe:e4:af:e3:33:
a7:c4:de:6e:e8:85:7c:f2:df:46:a8:ac:0c:8c:c5:
a3:78:3c:75:4a:96:27:97:b0:e8:8c:b1:84:0f:bb:
90:9b:88:e9:b7:18:f2:ab:05:17:8f:20:a9:af:59:
4b:89:47:94:68:c4:cf:59:3c:9f:a6:5f:6a:95:9e:
2f:df:49:d1:a1:61:5d:df:1d:b0:4b:d5:05:56:2c:
b9:5d:48:ed:c4:43:8f:8e:dd:42:5f:b9:43:b2:08:
10:69:4b:1b:2d:fa:ec:ce:7c:a5:65:82:1b:55:7c:
3f:87:60:67:76:a3:53:02:10:25:fe:65:3e:7e:ef:
52:0f:e9:fc:dd:93:cf:53:68:d9:0f:ef:20:d9:bd:
09:11:b1:19:29:a6:74:3b:22:80:4a:ba:48:6a:c3:
bf:89:c1:99:ea:dd:13:8b:ec:95:15:9d:88:14:74:
74:a4:ee:e4:b3:9b:39:55:b3:82:8b:e8:06:74:ab:
c2:59:86:e8:47:0d:5b:8c:ec:13:0d:24:17:6a:84:
ce:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A0:8B:AE:D9:E8:B2:19:7D:31:14:0F:45:E4:2F:F0:63:CD:AF:33
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/YaCLrtnoshl9MRQPReQv8GPNrzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:32:0f:e5:3f:31:fa:6b:8c:0d:ac:b1:c2:e6:9a:28:32:df:
fd:eb:bf:e2:c1:5a:2c:ae:6e:3c:dc:88:d2:26:13:52:8e:b5:
ea:18:6e:d5:ad:e3:2e:b5:de:21:23:8a:44:3b:13:65:7c:5a:
f3:97:c0:6d:9b:51:25:ae:68:fb:df:4e:89:34:c2:e4:ca:18:
91:07:de:36:03:b2:b3:4a:5c:13:9d:11:f9:50:0e:2e:ab:ec:
0f:a5:75:6a:54:38:23:6e:3d:39:07:66:34:b2:08:01:c4:7c:
57:a7:42:79:2d:db:b3:b2:b9:93:a6:cf:30:d2:93:9d:43:54:
85:d8:d2:49:e3:9c:f2:2e:51:0f:3a:8b:b8:ed:ac:ad:da:df:
c9:93:14:eb:f1:af:29:b0:76:70:14:45:5e:94:12:22:f3:8e:
97:69:3d:97:62:ad:2d:95:96:b6:2f:b7:5f:2f:da:0d:72:e2:
75:5a:02:12:76:52:73:42:2e:ce:c8:10:e8:4c:b7:f1:6d:2c:
e6:3b:b5:24:46:a9:13:aa:2a:e7:f0:dd:cb:b3:36:77:ad:55:
5a:d4:a0:0b:94:d2:7a:55:40:49:9a:af:44:ab:87:c0:51:27:
09:86:93:40:cc:e8:57:70:d0:b5:80:90:65:fd:bb:13:db:2d:
f2:41:4b:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+gMk+7xvRbg1Lxb/PYmjXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIyMTIwNjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWEwOGJhZWQ5ZThiMjE5N2QzMTE0MGY0NWU0MmZmMDYzY2RhZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoRhimLJw3VnRHATxqv8QkM3IbnI
M8BEmj+6zhafQWvAn3toVxB14cEVDU+eoGEXWWaBnLCL/uSv4zOnxN5u6IV88t9G
qKwMjMWjeDx1SpYnl7DojLGED7uQm4jptxjyqwUXjyCpr1lLiUeUaMTPWTyfpl9q
lZ4v30nRoWFd3x2wS9UFViy5XUjtxEOPjt1CX7lDsggQaUsbLfrsznylZYIbVXw/
h2BndqNTAhAl/mU+fu9SD+n83ZPPU2jZD+8g2b0JEbEZKaZ0OyKASrpIasO/icGZ
6t0Ti+yVFZ2IFHR0pO7ks5s5VbOCi+gGdKvCWYboRw1bjOwTDSQXaoTOQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGGgi67Z6LIZfTEUD0XkL/Bjza8zMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvWWFDTHJ0bm9zaGw5TVJRUFJlUXY4R1BOcnpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFcyD+U/MfprjA2sscLm
migy3/3rv+LBWiyubjzciNImE1KOteoYbtWt4y613iEjikQ7E2V8WvOXwG2bUSWu
aPvfTok0wuTKGJEH3jYDsrNKXBOdEflQDi6r7A+ldWpUOCNuPTkHZjSyCAHEfFen
Qnkt27OyuZOmzzDSk51DVIXY0knjnPIuUQ86i7jtrK3a38mTFOvxrymwdnAURV6U
EiLzjpdpPZdirS2VlrYvt18v2g1y4nVaAhJ2UnNCLs7IEOhMt/FtLOY7tSRGqROq
Kufw3cuzNnetVVrUoAuU0npVQEmar0Srh8BRJwmGk0DM6Fdw0LWAkGX9uxPbLfJB
S5k=
-----END CERTIFICATE-----
Generated at Tue Apr 29 18:39:36 2025 by rpki-client