Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YSNL83NjGsCfEyqfL6EH3BCWmkM.roa
File: YSNL83NjGsCfEyqfL6EH3BCWmkM.roa (raw, json)
Hash identifier: unTacMn+c1pKWc/RH0rum4M0f2/xiMcsDC8ilabL8dw=
Subject key identifier: 61:23:4B:F3:73:63:1A:C0:9F:13:2A:9F:2F:A1:07:DC:10:96:9A:43
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DE4A8DD66BE283A2750D8C91D73DF987E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YSNL83NjGsCfEyqfL6EH3BCWmkM.roa
Signing time: Mon 26 Feb 2024 09:04:48 +0000
ROA not before: Mon 26 Feb 2024 09:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e4a8:6336/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e4:a8:dd:66:be:28:3a:27:50:d8:c9:1d:73:df:98:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 26 09:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61234bf373631ac09f132a9f2fa107dc10969a43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:99:04:4f:3b:34:2c:dd:30:21:7a:68:4d:02:
77:de:99:9c:87:9e:e3:14:0c:d1:f4:48:34:ed:cc:
f5:f1:11:83:1a:40:a1:24:e8:93:a7:b1:0f:5d:14:
a7:2a:47:dd:75:5f:e5:ae:e9:63:01:3a:d6:7a:db:
0f:2a:9f:91:6f:55:c6:4f:e8:03:7f:82:85:ed:34:
e8:1e:b2:a5:ff:01:10:e7:0e:1f:38:ca:1c:14:20:
12:4d:69:93:65:01:f9:75:87:4f:22:11:a5:91:41:
2a:35:bd:a3:0a:b0:35:ad:3b:c6:ed:06:24:df:2a:
74:d2:32:8d:2a:fb:cb:ef:f1:4f:83:a5:bb:1b:2c:
56:f7:a2:8f:9c:13:9e:d3:cc:49:fc:a5:96:61:e3:
16:d3:6a:3a:6c:32:92:e4:94:14:cc:71:d9:ea:57:
00:e8:05:ef:62:ff:68:0c:b6:e1:e0:af:3e:d5:fb:
90:cc:2f:7f:f0:7a:7b:d6:51:65:9e:35:ff:08:5f:
8b:8d:2f:fb:bf:e8:b9:98:bb:c7:7d:ae:5d:53:db:
97:f5:11:0e:73:fb:f4:ad:5b:c2:34:35:58:fc:90:
ba:13:d3:65:d5:64:e4:0b:ba:d8:9b:aa:b5:87:17:
af:ba:e7:15:1c:3c:e5:86:59:c8:db:9c:df:86:6d:
98:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:23:4B:F3:73:63:1A:C0:9F:13:2A:9F:2F:A1:07:DC:10:96:9A:43
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YSNL83NjGsCfEyqfL6EH3BCWmkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:c6:7e:d9:5b:1d:d1:87:81:fa:4c:a4:07:88:1c:5c:de:4c:
75:41:b4:3f:e8:b5:43:5f:9a:c6:25:21:83:be:60:4d:b7:a1:
ff:46:b1:cc:73:0b:86:2e:b3:e9:86:e1:b2:20:36:dc:97:e5:
ec:66:39:db:c0:cc:74:22:1c:20:2e:25:50:dd:9b:14:7d:b4:
d2:e7:49:b9:55:13:5c:00:5a:56:80:3f:e8:03:ca:b1:fc:f6:
aa:f3:f6:80:16:5b:be:2c:9b:3c:d1:98:bd:87:64:df:4c:74:
74:4b:ff:e1:cf:a4:6e:12:2d:19:e9:7f:38:a0:9f:a2:7d:d7:
03:d7:3c:4c:ba:25:70:a3:d5:a8:47:3e:26:c8:22:5d:f4:b3:
2f:3c:8b:10:27:98:56:a8:75:19:3b:5a:d7:67:3b:33:73:ae:
37:6a:07:ef:8f:16:67:6c:06:b3:a1:f4:90:42:57:3a:40:04:
5e:88:cf:20:45:25:e7:a8:aa:64:e1:8e:2c:f0:0f:bd:6d:9b:
fe:75:73:b8:78:0f:36:7c:01:86:0c:1f:8f:fd:96:84:22:b4:
0a:a0:a9:24:15:23:6a:01:2b:bc:03:22:dc:3a:61:83:33:f7:
1e:ce:7b:28:6c:d5:8e:5b:73:8d:36:b5:f6:a0:24:e0:69:0d:
c8:29:3a:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3kqN1mvig6J1DYyR1z35h+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI2MDkwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTIzNGJmMzczNjMxYWMwOWYxMzJhOWYyZmExMDdkYzEwOTY5YTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZkETzs0LN0wIXpoTQJ33pmch57j
FAzR9Eg07cz18RGDGkChJOiTp7EPXRSnKkfddV/lruljATrWetsPKp+Rb1XGT+gD
f4KF7TToHrKl/wEQ5w4fOMocFCASTWmTZQH5dYdPIhGlkUEqNb2jCrA1rTvG7QYk
3yp00jKNKvvL7/FPg6W7GyxW96KPnBOe08xJ/KWWYeMW02o6bDKS5JQUzHHZ6lcA
6AXvYv9oDLbh4K8+1fuQzC9/8Hp71lFlnjX/CF+LjS/7v+i5mLvHfa5dU9uX9REO
c/v0rVvCNDVY/JC6E9Nl1WTkC7rYm6q1hxevuucVHDzlhlnI25zfhm2YYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGEjS/NzYxrAnxMqny+hB9wQlppDMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWVNOTDgzTmpHc0NmRXlxZkw2RUgzQkNXbWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACbGftlbHdGHgfpMpAeI
HFzeTHVBtD/otUNfmsYlIYO+YE23of9GscxzC4Yus+mG4bIgNtyX5exmOdvAzHQi
HCAuJVDdmxR9tNLnSblVE1wAWlaAP+gDyrH89qrz9oAWW74smzzRmL2HZN9MdHRL
/+HPpG4SLRnpfzign6J91wPXPEy6JXCj1ahHPibIIl30sy88ixAnmFaodRk7Wtdn
OzNzrjdqB++PFmdsBrOh9JBCVzpABF6IzyBFJeeoqmThjizwD71tm/51c7h4DzZ8
AYYMH4/9loQitAqgqSQVI2oBK7wDItw6YYMz9x7Oeyhs1Y5bc402tfagJOBpDcgp
Otg=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:24:13 2025 by rpki-client