Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fyYgl4UVb9d7DFXgZYbOA92-nTw.roa
File: fyYgl4UVb9d7DFXgZYbOA92-nTw.roa (raw, json)
Hash identifier: cW+VDm0glVcMm+FjuFuolx3h3SKTynaDBSwRBlSuJvM=
Subject key identifier: 7F:26:20:97:85:15:6F:D7:7B:0C:55:E0:65:86:CE:03:DD:BE:9D:3C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EC85747C534F52EF28C07DAF9DA6A9E87
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fyYgl4UVb9d7DFXgZYbOA92-nTw.roa
Signing time: Wed 10 Apr 2024 14:09:06 +0000
ROA not before: Wed 10 Apr 2024 14:09:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c8:57:47:c5:34:f5:2e:f2:8c:07:da:f9:da:6a:9e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 10 14:09:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f26209785156fd77b0c55e06586ce03ddbe9d3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f9:b4:fc:9c:8d:34:88:73:8b:fc:e6:84:04:
e3:92:a4:4b:ec:a7:59:fb:e5:1a:c1:bc:d3:0a:73:
48:c4:d4:70:87:24:12:47:56:67:1c:d4:d1:ea:23:
5b:5c:b5:7a:17:5c:77:5f:74:ad:c0:2e:02:46:ed:
0a:73:a0:bf:2f:9d:fa:0c:00:00:7b:02:07:d6:ae:
48:db:10:d5:4a:9b:b5:e0:ca:f5:75:aa:2e:01:2c:
03:32:c7:3d:bd:f6:26:ce:e8:68:4f:3c:f3:65:59:
66:42:1b:6c:e5:26:38:44:bf:a8:9e:a6:b9:11:88:
ab:fc:e8:7f:ff:5e:29:47:07:26:bd:63:7e:15:69:
03:17:56:2a:cb:f6:b2:cc:f0:04:3d:2c:e4:4e:2d:
d5:a2:9e:f5:72:fb:9d:bd:aa:a4:fa:8b:15:c3:cb:
a7:0e:76:8e:30:48:7a:3a:ca:30:77:20:d0:11:92:
5f:5e:09:fc:de:e7:6a:f9:53:aa:2d:09:5d:4d:eb:
d4:3d:cc:38:c2:e4:f5:a4:2a:76:27:db:1b:5d:9f:
48:ae:75:83:64:45:e3:55:9d:d5:64:89:b8:9c:99:
5e:c0:eb:e7:d8:87:b1:65:a8:36:9a:84:66:87:f2:
30:c5:58:d6:33:f7:d8:2d:c4:b7:33:e0:ab:10:55:
a2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:26:20:97:85:15:6F:D7:7B:0C:55:E0:65:86:CE:03:DD:BE:9D:3C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fyYgl4UVb9d7DFXgZYbOA92-nTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:aa:44:fe:ed:ed:df:84:88:13:a7:18:ab:b7:e0:cb:f9:ba:
41:b0:54:c8:6f:7b:2a:e4:e9:19:41:d3:46:0e:9c:a9:49:c6:
a2:11:a3:97:68:c4:fd:bf:65:88:89:41:94:a6:6a:1b:47:33:
e9:ff:8d:d3:ff:fc:21:68:4f:b6:38:cb:da:9d:d3:25:51:72:
67:f9:27:a5:b9:81:c2:3f:05:fa:de:0c:7f:06:43:b1:68:68:
71:44:57:7a:c8:b7:10:6b:00:eb:c2:12:a8:05:74:32:31:ce:
ba:54:e6:3d:4d:79:fd:47:dd:b2:a0:22:9a:97:f1:26:b0:d0:
b4:58:04:df:4f:50:5b:83:3d:ae:b7:82:9b:ff:4b:a6:91:ab:
6a:4f:bf:88:b8:8f:0c:c8:35:ba:37:39:41:9e:2a:8a:51:61:
52:2e:b1:a8:26:e1:59:be:8c:1f:cc:55:0b:3a:9c:62:9c:52:
19:27:2a:94:44:91:0a:6f:50:30:7a:c4:b7:ce:ad:cd:5d:ee:
70:e5:0a:4c:9c:e3:d4:0b:46:ef:6a:98:0e:ea:5c:db:6f:86:
b7:12:e6:72:66:4b:bc:02:06:86:dc:55:c6:1e:1e:3c:22:28:
22:5b:90:75:56:07:69:c3:ad:8f:50:63:88:26:b1:62:2d:10:
f6:45:81:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7IV0fFNPUu8owH2vnaap6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDEwMTQwOTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjI2MjA5Nzg1MTU2ZmQ3N2IwYzU1ZTA2NTg2Y2UwM2RkYmU5ZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/m0/JyNNIhzi/zmhATjkqRL7KdZ
++UawbzTCnNIxNRwhyQSR1ZnHNTR6iNbXLV6F1x3X3StwC4CRu0Kc6C/L536DAAA
ewIH1q5I2xDVSpu14Mr1daouASwDMsc9vfYmzuhoTzzzZVlmQhts5SY4RL+onqa5
EYir/Oh//14pRwcmvWN+FWkDF1Yqy/ayzPAEPSzkTi3Vop71cvudvaqk+osVw8un
DnaOMEh6OsowdyDQEZJfXgn83udq+VOqLQldTevUPcw4wuT1pCp2J9sbXZ9IrnWD
ZEXjVZ3VZIm4nJlewOvn2IexZag2moRmh/IwxVjWM/fYLcS3M+CrEFWimwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH8mIJeFFW/XewxV4GWGzgPdvp08MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZnlZZ2w0VVZiOWQ3REZYZ1pZYk9BOTItblR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJSqRP7t7d+EiBOnGKu3
4Mv5ukGwVMhveyrk6RlB00YOnKlJxqIRo5doxP2/ZYiJQZSmahtHM+n/jdP//CFo
T7Y4y9qd0yVRcmf5J6W5gcI/BfreDH8GQ7FoaHFEV3rItxBrAOvCEqgFdDIxzrpU
5j1Nef1H3bKgIpqX8Saw0LRYBN9PUFuDPa63gpv/S6aRq2pPv4i4jwzINbo3OUGe
KopRYVIusagm4Vm+jB/MVQs6nGKcUhknKpREkQpvUDB6xLfOrc1d7nDlCkyc49QL
Ru9qmA7qXNtvhrcS5nJmS7wCBobcVcYeHjwiKCJbkHVWB2nDrY9QY4gmsWItEPZF
gVk=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:17:09 2025 by rpki-client