Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YFJMMHQeXMlNqV78j3BlNSNARAc.roa
File: YFJMMHQeXMlNqV78j3BlNSNARAc.roa (raw, json)
Hash identifier: blAigB0DiHEbeJuulXm0GloEjSACTdu5LzbjUdizgHs=
Subject key identifier: 60:52:4C:30:74:1E:5C:C9:4D:A9:5E:FC:8F:70:65:35:23:40:44:07
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E0C63A7547471149C2D3CA2CE868FE912
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YFJMMHQeXMlNqV78j3BlNSNARAc.roa
Signing time: Tue 05 Mar 2024 02:14:01 +0000
ROA not before: Tue 05 Mar 2024 02:14:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0c:63:a7:54:74:71:14:9c:2d:3c:a2:ce:86:8f:e9:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 5 02:14:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60524c30741e5cc94da95efc8f70653523404407
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f4:4c:4c:a3:e1:45:6b:e5:09:d0:3f:d4:f0:
83:46:bd:ab:7f:19:19:aa:3d:47:9d:04:18:2d:b8:
9f:fe:53:6f:24:f0:d9:fb:df:25:78:dd:d5:d4:e5:
b8:87:d7:ae:8d:57:a2:e7:cf:67:17:e3:c2:80:ae:
fa:bb:ac:09:11:03:84:f0:11:cf:52:15:f2:91:07:
5d:35:b0:c9:27:fc:8d:32:32:ec:c4:1b:e5:78:fd:
ba:8a:e0:bc:cf:d7:bd:45:e5:75:d3:64:80:36:c7:
a2:80:12:4b:11:36:21:a9:28:34:36:50:0e:2c:6d:
6d:cc:7d:89:a0:67:ac:a7:18:82:03:5c:93:15:39:
f7:b1:3a:b0:56:fd:cd:f6:ee:6f:9e:83:ba:52:04:
5b:50:79:34:5c:49:35:6a:e5:39:01:b8:8c:55:c8:
5e:26:05:c6:d4:ee:d2:be:f8:87:e4:bc:f5:47:8d:
b1:63:34:2f:e9:cb:05:51:a0:74:32:d3:25:04:3d:
c6:0a:7e:f3:f5:33:ed:75:81:55:15:3d:30:cf:06:
34:78:a8:4d:f8:b2:ca:ca:fa:bb:59:97:1c:b7:db:
dc:61:4c:0b:2c:42:51:4e:3a:fd:ce:c8:8c:37:92:
d8:93:e7:a6:39:51:df:5d:69:5d:6b:a4:91:51:f4:
58:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:52:4C:30:74:1E:5C:C9:4D:A9:5E:FC:8F:70:65:35:23:40:44:07
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YFJMMHQeXMlNqV78j3BlNSNARAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:11:b4:ed:2d:b2:bc:64:e4:90:73:b4:7f:1d:13:f2:6e:7f:
f7:ba:0c:d9:57:34:ca:0a:b7:74:59:0b:05:5c:9e:8b:d3:6c:
90:cd:a7:40:bc:06:72:d8:b6:a6:ec:f4:81:d2:bd:f6:a6:12:
17:66:21:21:59:32:d3:5b:46:0d:d8:ab:13:3e:7d:c5:3e:fd:
01:be:b2:1b:45:ba:54:00:9e:24:b7:c8:42:cb:a5:51:75:00:
1b:84:e9:55:b0:48:66:6a:7c:cd:d5:ad:2c:85:62:6e:51:73:
d9:5c:46:75:0c:61:c5:c2:5f:42:93:a9:c2:73:60:47:fd:4e:
59:0a:dd:1f:c2:bf:68:8a:07:d4:a9:7d:95:82:28:99:ac:10:
aa:33:00:fc:e7:ae:ff:16:89:2b:f6:d2:d6:3d:87:f6:fb:2a:
8f:d2:45:bc:45:01:88:34:70:59:ae:de:12:79:20:1d:50:86:
2a:c2:a0:05:c4:0d:43:1c:d7:f1:02:00:73:44:d0:dc:d3:08:
b8:65:8a:d3:8c:60:bd:a5:83:cd:f3:31:c6:31:ba:a0:50:46:
46:d5:76:fc:eb:12:cd:5d:1c:3c:0f:be:cb:8a:54:17:5b:9d:
17:42:ac:48:63:a3:9e:ba:86:4b:3a:e4:78:c0:2e:4a:f2:64:
b6:e9:fa:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4MY6dUdHEUnC08os6Gj+kSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA1MDIxNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDUyNGMzMDc0MWU1Y2M5NGRhOTVlZmM4ZjcwNjUzNTIzNDA0NDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvRMTKPhRWvlCdA/1PCDRr2rfxkZ
qj1HnQQYLbif/lNvJPDZ+98leN3V1OW4h9eujVei589nF+PCgK76u6wJEQOE8BHP
UhXykQddNbDJJ/yNMjLsxBvleP26iuC8z9e9ReV102SANseigBJLETYhqSg0NlAO
LG1tzH2JoGespxiCA1yTFTn3sTqwVv3N9u5vnoO6UgRbUHk0XEk1auU5AbiMVche
JgXG1O7SvviH5Lz1R42xYzQv6csFUaB0MtMlBD3GCn7z9TPtdYFVFT0wzwY0eKhN
+LLKyvq7WZcct9vcYUwLLEJRTjr9zsiMN5LYk+emOVHfXWlda6SRUfRYPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGBSTDB0HlzJTale/I9wZTUjQEQHMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWUZKTU1IUWVYTWxOcVY3OGozQmxOU05BUkFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEYRtO0tsrxk5JBztH8d
E/Juf/e6DNlXNMoKt3RZCwVcnovTbJDNp0C8BnLYtqbs9IHSvfamEhdmISFZMtNb
Rg3YqxM+fcU+/QG+shtFulQAniS3yELLpVF1ABuE6VWwSGZqfM3VrSyFYm5Rc9lc
RnUMYcXCX0KTqcJzYEf9TlkK3R/Cv2iKB9SpfZWCKJmsEKozAPznrv8WiSv20tY9
h/b7Ko/SRbxFAYg0cFmu3hJ5IB1QhirCoAXEDUMc1/ECAHNE0NzTCLhlitOMYL2l
g83zMcYxuqBQRkbVdvzrEs1dHDwPvsuKVBdbnRdCrEhjo566hks65HjALkryZLbp
+nY=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:52:46 2025 by rpki-client