Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YnxbkbnX7jLRZa1FybcO80Pi4R8.roa
File: YnxbkbnX7jLRZa1FybcO80Pi4R8.roa (raw, json)
Hash identifier: r39qETRoWBgzEjWyuwrXasarfn2o4OoLu7AgK6sa0P4=
Subject key identifier: 62:7C:5B:91:B9:D7:EE:32:D1:65:AD:45:C9:B7:0E:F3:43:E2:E1:1F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EA28F50B974182C3E5CE60EF2CD1FA717
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YnxbkbnX7jLRZa1FybcO80Pi4R8.roa
Signing time: Wed 03 Apr 2024 06:04:45 +0000
ROA not before: Wed 03 Apr 2024 06:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:a28e:ec8e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a2:8f:50:b9:74:18:2c:3e:5c:e6:0e:f2:cd:1f:a7:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 3 06:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=627c5b91b9d7ee32d165ad45c9b70ef343e2e11f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8c:3c:9e:28:e8:7c:9a:04:0a:c0:48:d5:c5:
d0:fd:7c:ac:f7:d7:8c:e9:12:ab:38:99:60:2c:c4:
b2:44:6f:34:fd:71:ea:8f:01:e6:0e:5b:92:09:85:
c2:7f:39:43:55:1d:17:1d:8f:d6:40:b8:98:a0:25:
8b:43:17:e5:7b:d4:0e:27:7f:15:e5:e6:5e:bf:17:
ef:99:ba:fd:f9:57:69:66:eb:f7:c8:94:90:ea:e3:
6e:3d:29:ff:b7:79:02:8b:aa:60:5a:e0:ad:8f:a1:
1d:75:e2:7a:9f:f8:2e:8a:b3:83:e7:f6:b3:5c:03:
52:70:76:f7:08:03:56:4f:7f:39:4a:87:11:a8:e8:
c6:a6:15:fb:05:5c:a0:80:07:56:b3:07:87:28:6c:
8c:0d:02:4c:bd:e4:71:ed:43:2e:f7:32:62:f1:58:
74:c0:a7:8b:bc:09:bf:ee:c6:1f:a8:5c:12:ad:5c:
30:5e:f4:90:f2:63:ad:42:c6:de:86:50:88:91:39:
46:be:84:13:fe:15:de:9a:a6:f3:72:88:59:b8:cf:
16:2f:ab:37:af:f3:33:48:3f:ba:f1:70:f4:27:4b:
9b:bd:46:51:da:92:3a:39:fb:b8:77:ed:7d:ca:b3:
1b:da:56:e0:a5:b9:65:cb:e0:07:8e:97:25:7f:85:
3d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:7C:5B:91:B9:D7:EE:32:D1:65:AD:45:C9:B7:0E:F3:43:E2:E1:1F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YnxbkbnX7jLRZa1FybcO80Pi4R8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
39:4a:df:b2:e8:5a:26:0e:de:0b:4e:1e:31:76:ae:2a:6d:db:
85:f6:86:73:ee:60:bb:ec:45:93:c0:39:c4:d3:ff:18:10:4c:
63:c1:e5:48:e8:41:c0:97:19:b0:49:2b:d1:fd:09:be:6a:6a:
82:89:89:f2:4d:6c:5c:e6:2c:dc:d8:c4:b2:23:2d:79:b3:a5:
be:49:41:69:9e:69:f3:6c:b9:13:0d:d9:38:a8:60:88:21:2e:
bc:74:d8:cc:20:26:25:e7:43:8e:e6:a7:c8:1e:38:de:29:a5:
40:d1:3a:a7:e6:e2:ad:1a:a6:26:74:47:0a:4c:5f:b0:9f:84:
eb:68:86:69:64:95:01:51:a4:80:0b:f9:21:2f:e8:91:ee:2c:
46:fa:f4:77:d7:78:53:25:87:a3:81:ec:64:cb:40:0d:74:33:
82:dc:c7:97:75:9c:4c:60:38:de:fd:f5:e7:8e:fc:e3:5c:f9:
64:4c:61:53:46:eb:3a:0a:ed:85:a3:ef:be:c6:e6:f0:48:b1:
a6:bf:45:99:e3:c0:da:ed:37:86:8f:3b:5d:c5:fe:bf:c9:cc:
b1:d0:2f:68:5c:38:74:d1:bc:58:9a:d7:41:22:3e:e9:d6:e3:
15:7a:71:ed:d7:b0:c7:48:2f:e0:54:ac:3a:97:9b:d6:e8:03:
e1:45:b5:9c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6ij1C5dBgsPlzmDvLNH6cXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAzMDYwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjdjNWI5MWI5ZDdlZTMyZDE2NWFkNDVjOWI3MGVmMzQzZTJlMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArow8nijofJoECsBI1cXQ/Xys99eM
6RKrOJlgLMSyRG80/XHqjwHmDluSCYXCfzlDVR0XHY/WQLiYoCWLQxfle9QOJ38V
5eZevxfvmbr9+VdpZuv3yJSQ6uNuPSn/t3kCi6pgWuCtj6EddeJ6n/guirOD5/az
XANScHb3CANWT385SocRqOjGphX7BVyggAdWsweHKGyMDQJMveRx7UMu9zJi8Vh0
wKeLvAm/7sYfqFwSrVwwXvSQ8mOtQsbehlCIkTlGvoQT/hXemqbzcohZuM8WL6s3
r/MzSD+68XD0J0ubvUZR2pI6Ofu4d+19yrMb2lbgpblly+AHjpclf4U9MwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGJ8W5G51+4y0WWtRcm3DvND4uEfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWW54Ymtiblg3akxSWmExRnliY084MFBpNFI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADlK37LoWiYO3gtOHjF2
ript24X2hnPuYLvsRZPAOcTT/xgQTGPB5UjoQcCXGbBJK9H9Cb5qaoKJifJNbFzm
LNzYxLIjLXmzpb5JQWmeafNsuRMN2TioYIghLrx02MwgJiXnQ47mp8geON4ppUDR
Oqfm4q0apiZ0RwpMX7CfhOtohmlklQFRpIAL+SEv6JHuLEb69HfXeFMlh6OB7GTL
QA10M4Lcx5d1nExgON799eeO/ONc+WRMYVNG6zoK7YWj777G5vBIsaa/RZnjwNrt
N4aPO13F/r/JzLHQL2hcOHTRvFia10EiPunW4xV6ce3XsMdIL+BUrDqXm9boA+FF
tZw=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:44:30 2025 by rpki-client