Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YbU6RyIp915zPDsVDXX-pwYIVtA.roa
File: YbU6RyIp915zPDsVDXX-pwYIVtA.roa (raw, json)
Hash identifier: uII6thsO7rrPZYqjJ4qMVCjQflolPocx1G1ZS8Dw9YE=
Subject key identifier: 61:B5:3A:47:22:29:F7:5E:73:3C:3B:15:0D:75:FE:A7:06:08:56:D0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D25B84C58532A526521EAF028798912F8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YbU6RyIp915zPDsVDXX-pwYIVtA.roa
Signing time: Sat 20 Jan 2024 07:14:11 +0000
ROA not before: Sat 20 Jan 2024 07:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:25:b8:4c:58:53:2a:52:65:21:ea:f0:28:79:89:12:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 20 07:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61b53a472229f75e733c3b150d75fea7060856d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8e:18:67:dc:64:ec:dc:e6:1a:d0:03:64:79:
a1:f0:ed:2e:8b:42:64:c2:b0:bb:3b:bf:cc:5b:6d:
14:89:99:67:a7:8a:a2:79:b8:1d:4c:6d:dc:d2:f6:
41:25:5e:99:d5:5e:35:44:cf:17:3a:8d:f0:5d:7b:
89:5a:93:76:19:71:2d:63:ae:f4:4d:a4:83:35:e0:
ff:fb:1a:d5:a2:ef:96:6d:1c:69:36:f5:22:12:58:
85:b9:b1:57:7f:44:ce:82:d3:36:15:da:02:2d:71:
15:62:22:3a:70:34:55:fa:68:df:ad:2a:d4:fb:59:
54:d8:60:87:66:8a:de:51:cb:34:22:0d:8d:d3:e6:
ba:e6:2f:6f:9a:e1:63:d2:cd:3a:29:b5:1f:bb:33:
ea:00:42:5b:aa:ba:73:a6:87:0e:77:ba:41:b1:48:
a8:1b:58:4b:bf:4f:2e:5c:a2:e2:a2:14:0c:64:7d:
5f:a8:e7:93:9d:f2:f2:7c:11:f1:29:62:21:e9:d7:
62:a2:8b:3b:c2:c3:b9:f7:63:73:67:c5:d9:5b:ba:
28:c6:ee:f5:cf:16:1c:06:fe:14:75:48:53:56:c2:
38:90:44:f2:5d:49:21:ad:07:11:f9:af:6e:29:2b:
b1:b7:8a:5d:c7:42:86:70:d5:cb:47:76:14:30:ed:
27:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B5:3A:47:22:29:F7:5E:73:3C:3B:15:0D:75:FE:A7:06:08:56:D0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YbU6RyIp915zPDsVDXX-pwYIVtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:ab:1c:19:0d:50:fc:70:f6:e3:6e:93:19:2c:cc:a6:29:6a:
3f:6d:76:06:85:d2:73:de:ee:9d:0f:f4:f0:3d:d9:33:f6:bd:
a4:4f:48:7e:b1:c4:65:ea:53:6b:b8:29:d7:ed:a7:55:25:d5:
9e:f8:4e:5c:8b:24:ce:3d:bf:dd:d7:48:d8:5e:bc:3b:0e:3f:
eb:c7:07:8b:9d:46:88:e7:8e:49:a3:4e:00:3a:ad:b0:65:d8:
39:65:69:65:4c:76:30:1e:49:60:c6:2d:ed:59:99:49:a1:c5:
02:15:6c:ee:cb:2a:1b:f5:ad:40:ad:58:34:38:26:05:21:21:
bd:68:67:7f:58:e3:9e:58:b8:c5:07:77:6b:5c:c8:da:3e:be:
a0:0c:07:cb:5b:3f:61:da:f5:fe:f3:97:d6:ce:a7:31:63:de:
c9:d5:8a:99:8d:dd:a7:45:c1:d9:8c:8e:17:38:45:17:c6:ff:
ac:c1:1c:2f:89:20:3d:ba:21:ef:03:1b:69:21:b8:43:4f:74:
c5:31:56:8e:47:88:95:1c:ff:46:bf:29:27:e2:35:84:bb:62:
28:cc:38:35:5e:84:0a:02:13:0e:c2:c9:e2:ea:2f:70:3e:9e:
80:2f:bf:11:28:6e:56:4e:27:58:cc:76:62:3e:37:e8:f7:40:
f7:9b:8a:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0luExYUypSZSHq8Ch5iRL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIwMDcxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWI1M2E0NzIyMjlmNzVlNzMzYzNiMTUwZDc1ZmVhNzA2MDg1NmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAno4YZ9xk7NzmGtADZHmh8O0ui0Jk
wrC7O7/MW20UiZlnp4qiebgdTG3c0vZBJV6Z1V41RM8XOo3wXXuJWpN2GXEtY670
TaSDNeD/+xrVou+WbRxpNvUiEliFubFXf0TOgtM2FdoCLXEVYiI6cDRV+mjfrSrU
+1lU2GCHZoreUcs0Ig2N0+a65i9vmuFj0s06KbUfuzPqAEJbqrpzpocOd7pBsUio
G1hLv08uXKLiohQMZH1fqOeTnfLyfBHxKWIh6ddioos7wsO592NzZ8XZW7ooxu71
zxYcBv4UdUhTVsI4kETyXUkhrQcR+a9uKSuxt4pdx0KGcNXLR3YUMO0nPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGG1OkciKfdeczw7FQ11/qcGCFbQMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWWJVNlJ5SXA5MTV6UERzVkRYWC1wd1lJVnRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGarHBkNUPxw9uNukxks
zKYpaj9tdgaF0nPe7p0P9PA92TP2vaRPSH6xxGXqU2u4Kdftp1Ul1Z74TlyLJM49
v93XSNhevDsOP+vHB4udRojnjkmjTgA6rbBl2DllaWVMdjAeSWDGLe1ZmUmhxQIV
bO7LKhv1rUCtWDQ4JgUhIb1oZ39Y455YuMUHd2tcyNo+vqAMB8tbP2Ha9f7zl9bO
pzFj3snVipmN3adFwdmMjhc4RRfG/6zBHC+JID26Ie8DG2khuENPdMUxVo5HiJUc
/0a/KSfiNYS7YijMODVehAoCEw7CyeLqL3A+noAvvxEoblZOJ1jMdmI+N+j3QPeb
imU=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:17:26 2025 by rpki-client