Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Yblravzn9DZFfk7zYxKKPnAMoh8.roa
File: Yblravzn9DZFfk7zYxKKPnAMoh8.roa (raw, json)
Hash identifier: JP/XIY7BlE9RVU5BRoasyP9SU9ExavumissU1SFq858=
Subject key identifier: 61:B9:6B:6A:FC:E7:F4:36:45:7E:4E:F3:63:12:8A:3E:70:0C:A2:1F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E4AD0DA86D4608E59E6AF787539A07D71
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Yblravzn9DZFfk7zYxKKPnAMoh8.roa
Signing time: Sun 17 Mar 2024 05:09:45 +0000
ROA not before: Sun 17 Mar 2024 05:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4a:d0:da:86:d4:60:8e:59:e6:af:78:75:39:a0:7d:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 17 05:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61b96b6afce7f436457e4ef363128a3e700ca21f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:22:8d:58:79:a9:50:b1:b6:08:f7:36:3a:80:
e0:93:46:43:6c:7d:bc:3c:99:85:67:85:dc:6f:61:
af:bc:3b:3b:98:db:ee:d7:11:aa:ec:dd:f8:e5:9a:
c1:d3:7f:c3:f6:f6:6a:40:0c:79:1b:1d:a2:0d:15:
1c:d6:71:03:8f:09:22:51:3a:af:cf:a5:7c:f1:1a:
e5:d0:c9:48:ba:ed:ff:02:5c:a7:97:f7:bb:8b:87:
e5:7b:43:e8:03:50:f9:6f:d2:ca:19:17:27:0c:f9:
24:ae:81:83:6f:d5:98:6f:2f:c2:d2:fb:41:7e:f2:
40:ba:be:d1:4a:3b:06:21:7e:32:c7:02:56:ed:26:
f2:b5:f3:87:fc:f4:38:64:0c:69:c9:a7:bf:26:a1:
6a:f8:3a:60:74:63:c6:1f:89:16:a1:a0:29:85:48:
2c:c9:34:20:14:62:f7:dc:ae:a7:07:5b:d1:c4:c5:
4e:89:7e:cb:11:1c:d2:33:3e:84:3c:e4:b2:7b:fa:
8d:80:59:74:ad:25:32:b0:0d:57:ef:a0:8f:f9:dd:
3a:bc:0f:2e:fb:22:0b:10:c8:cb:06:69:3d:b6:43:
e7:e3:0a:ac:3c:d4:b4:e5:a5:35:74:d0:df:e9:8d:
75:ea:69:b9:1a:7f:58:3f:f0:cb:97:bc:cf:dc:51:
06:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B9:6B:6A:FC:E7:F4:36:45:7E:4E:F3:63:12:8A:3E:70:0C:A2:1F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Yblravzn9DZFfk7zYxKKPnAMoh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1b:58:2d:5c:74:71:5d:ee:60:83:4a:52:1c:6a:c2:8a:ee:e8:
3c:5f:b2:10:8c:65:82:01:db:6e:9c:43:55:12:55:8f:51:41:
04:c5:83:52:e1:ae:7f:a4:3f:fe:42:f2:00:35:11:54:4d:55:
72:93:d7:46:84:ee:e2:2f:7e:46:33:3e:82:40:96:5a:d6:63:
60:f0:0b:c9:c2:02:14:f1:92:7a:c7:7f:09:ca:a9:61:02:ca:
db:c7:d7:2c:d8:94:aa:5a:c8:2c:5f:93:ae:d5:d8:75:bf:a1:
41:d9:21:fb:92:8d:4f:8a:f3:f7:41:93:8c:3e:74:b6:a2:27:
fa:24:66:df:a9:cc:7b:5f:c7:64:73:d1:d4:db:63:6b:5c:64:
60:74:50:ff:a0:6a:15:af:4f:15:09:b6:c1:16:8c:14:c3:02:
d3:02:09:7d:2f:3a:9c:52:45:3e:95:f7:e1:ba:4b:51:12:82:
31:1b:e2:5f:9e:cf:82:11:4a:5a:fd:aa:4e:33:7f:31:b2:cf:
d5:3c:de:56:9d:52:90:6e:9c:14:88:1a:b3:0c:79:c3:66:61:
f1:b9:de:8e:0f:df:21:3f:07:94:c6:61:a6:5c:22:25:8d:85:
4d:9e:a6:19:90:ea:f2:5f:b5:5d:90:d6:9f:b2:8c:4e:bd:26:
95:dd:d9:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5K0NqG1GCOWeaveHU5oH1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE3MDUwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWI5NmI2YWZjZTdmNDM2NDU3ZTRlZjM2MzEyOGEzZTcwMGNhMjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyKNWHmpULG2CPc2OoDgk0ZDbH28
PJmFZ4Xcb2GvvDs7mNvu1xGq7N345ZrB03/D9vZqQAx5Gx2iDRUc1nEDjwkiUTqv
z6V88Rrl0MlIuu3/Alynl/e7i4fle0PoA1D5b9LKGRcnDPkkroGDb9WYby/C0vtB
fvJAur7RSjsGIX4yxwJW7SbytfOH/PQ4ZAxpyae/JqFq+DpgdGPGH4kWoaAphUgs
yTQgFGL33K6nB1vRxMVOiX7LERzSMz6EPOSye/qNgFl0rSUysA1X76CP+d06vA8u
+yILEMjLBmk9tkPn4wqsPNS05aU1dNDf6Y116mm5Gn9YP/DLl7zP3FEGkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGG5a2r85/Q2RX5O82MSij5wDKIfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWWJscmF2em45RFpGZms3ell4S0tQbkFNb2g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABtYLVx0cV3uYINKUhxq
woru6DxfshCMZYIB226cQ1USVY9RQQTFg1Lhrn+kP/5C8gA1EVRNVXKT10aE7uIv
fkYzPoJAllrWY2DwC8nCAhTxknrHfwnKqWECytvH1yzYlKpayCxfk67V2HW/oUHZ
IfuSjU+K8/dBk4w+dLaiJ/okZt+pzHtfx2Rz0dTbY2tcZGB0UP+gahWvTxUJtsEW
jBTDAtMCCX0vOpxSRT6V9+G6S1ESgjEb4l+ez4IRSlr9qk4zfzGyz9U83ladUpBu
nBSIGrMMecNmYfG53o4P3yE/B5TGYaZcIiWNhU2ephmQ6vJftV2Q1p+yjE69JpXd
2ew=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:52:07 2025 by rpki-client