Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YnNNTqjUm3TG_wbVG1kMJvA1nRA.roa
File: YnNNTqjUm3TG_wbVG1kMJvA1nRA.roa (raw, json)
Hash identifier: 9MSfMCDEDBW+SO9gb/7mTO7Tj7a7lqIvcdA1UoOSQUs=
Subject key identifier: 62:73:4D:4E:A8:D4:9B:74:C6:FF:06:D5:1B:59:0C:26:F0:35:9D:10
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EE43F2353537E636C058C8C90D13433B3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YnNNTqjUm3TG_wbVG1kMJvA1nRA.roa
Signing time: Tue 16 Apr 2024 00:12:06 +0000
ROA not before: Tue 16 Apr 2024 00:12:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e4:3f:23:53:53:7e:63:6c:05:8c:8c:90:d1:34:33:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 16 00:12:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62734d4ea8d49b74c6ff06d51b590c26f0359d10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e1:f1:39:30:11:0b:0a:76:99:26:e8:fa:cb:
1d:db:d8:8c:df:19:a5:98:30:3d:ce:cd:6a:8c:b6:
b1:c7:4b:d3:c7:13:05:9f:57:b3:7a:10:1e:29:f5:
4f:bc:ff:2d:90:e1:a6:fa:81:47:a1:30:7c:93:97:
ac:ca:2e:97:5b:36:29:a0:19:f5:e6:2c:b7:1b:5f:
8d:f5:e0:99:60:40:50:fd:72:45:b7:c6:74:7b:e4:
4c:35:16:04:c8:69:be:9f:f7:f3:b2:8e:b2:d5:de:
0a:59:b9:5d:4c:57:9d:20:d9:00:11:5c:d6:f5:b4:
db:c9:e0:bd:e5:a7:be:47:db:b7:c7:0d:65:28:be:
12:e8:35:e7:26:b8:e1:a6:22:8b:45:f1:2e:63:9a:
8a:f5:9e:71:a1:c0:25:c9:82:3a:8f:00:c1:11:47:
32:e2:fb:36:eb:38:84:10:cb:f8:a9:4a:79:b2:ec:
66:97:0c:aa:02:03:dc:bb:38:1e:48:a4:ed:be:bc:
1d:b2:db:e6:af:61:ef:27:e4:41:5c:bb:16:2b:7d:
02:60:6d:f3:f5:71:c7:e8:65:aa:a2:c2:4e:8b:13:
6d:8c:9f:5d:02:7f:15:d7:1f:7a:e2:af:cb:88:3a:
c7:d9:4e:43:62:59:e2:01:fe:48:ca:13:53:d2:10:
c5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:73:4D:4E:A8:D4:9B:74:C6:FF:06:D5:1B:59:0C:26:F0:35:9D:10
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YnNNTqjUm3TG_wbVG1kMJvA1nRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:6b:10:6c:fe:60:8f:04:28:08:63:33:72:e3:74:51:c6:2f:
7f:11:3b:af:15:a6:0e:ba:d5:f2:12:67:0f:fa:12:a3:c5:5e:
6a:9a:ff:91:a3:81:ff:a5:27:6d:a6:c4:33:ac:6c:d3:1c:7f:
88:f8:54:52:51:8d:aa:d0:41:09:c0:e8:6c:ec:05:9f:27:b1:
28:fa:90:c9:e0:ee:82:d4:3e:3d:16:fa:d5:48:77:cb:c9:13:
5a:02:de:4a:ac:6a:cf:f1:8c:aa:ac:05:1e:88:43:b3:2f:3f:
62:54:73:f1:15:22:7c:df:d6:74:bd:54:06:22:c8:9c:97:b6:
b3:b8:95:02:f2:a4:cf:04:52:dd:39:49:e8:3f:b0:6b:67:ce:
0c:d6:ac:da:a4:8a:fb:f8:30:f6:f4:1d:f0:2e:a9:fc:cf:57:
51:d6:10:07:7f:28:e3:e9:27:bd:6b:74:31:be:79:c7:aa:24:
46:0e:a8:fa:f2:2e:e6:49:55:67:aa:b6:14:59:cc:17:86:dc:
7a:35:f7:16:e9:7b:1a:dd:05:b1:6b:54:e5:75:2a:b7:50:5b:
a0:9e:3c:b4:ef:65:fa:d4:ee:19:5a:33:9a:6d:5c:79:02:65:
62:4b:c6:3a:52:0e:ff:ea:39:31:f5:ab:13:31:ec:27:89:02:
61:b0:8b:df
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7kPyNTU35jbAWMjJDRNDOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE2MDAxMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjczNGQ0ZWE4ZDQ5Yjc0YzZmZjA2ZDUxYjU5MGMyNmYwMzU5ZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeHxOTARCwp2mSbo+ssd29iM3xml
mDA9zs1qjLaxx0vTxxMFn1ezehAeKfVPvP8tkOGm+oFHoTB8k5esyi6XWzYpoBn1
5iy3G1+N9eCZYEBQ/XJFt8Z0e+RMNRYEyGm+n/fzso6y1d4KWbldTFedINkAEVzW
9bTbyeC95ae+R9u3xw1lKL4S6DXnJrjhpiKLRfEuY5qK9Z5xocAlyYI6jwDBEUcy
4vs26ziEEMv4qUp5suxmlwyqAgPcuzgeSKTtvrwdstvmr2HvJ+RBXLsWK30CYG3z
9XHH6GWqosJOixNtjJ9dAn8V1x964q/LiDrH2U5DYlniAf5IyhNT0hDFXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGJzTU6o1Jt0xv8G1RtZDCbwNZ0QMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWW5OTlRxalVtM1RHX3diVkcxa01KdkExblJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAERrEGz+YI8EKAhjM3Lj
dFHGL38RO68Vpg661fISZw/6EqPFXmqa/5Gjgf+lJ22mxDOsbNMcf4j4VFJRjarQ
QQnA6GzsBZ8nsSj6kMng7oLUPj0W+tVId8vJE1oC3kqsas/xjKqsBR6IQ7MvP2JU
c/EVInzf1nS9VAYiyJyXtrO4lQLypM8EUt05Seg/sGtnzgzWrNqkivv4MPb0HfAu
qfzPV1HWEAd/KOPpJ71rdDG+eceqJEYOqPryLuZJVWeqthRZzBeG3Ho19xbpexrd
BbFrVOV1KrdQW6CePLTvZfrU7hlaM5ptXHkCZWJLxjpSDv/qOTH1qxMx7CeJAmGw
i98=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:06:19 2025 by rpki-client