Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yS5BIDlPlE9r_PP7m-Mu5Oyggsg.roa
File: yS5BIDlPlE9r_PP7m-Mu5Oyggsg.roa (raw, json)
Hash identifier: //hYQiVffY0Fy9R4vv9dC6Caxi/8uHhLybW8TTf95qE=
Subject key identifier: C9:2E:41:20:39:4F:94:4F:6B:FC:F3:FB:9B:E3:2E:E4:EC:A0:82:C8
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DD0B9B6532E53133F376141AC36E2686A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yS5BIDlPlE9r_PP7m-Mu5Oyggsg.roa
Signing time: Thu 22 Feb 2024 12:10:48 +0000
ROA not before: Thu 22 Feb 2024 12:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:b9:b6:53:2e:53:13:3f:37:61:41:ac:36:e2:68:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 22 12:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c92e4120394f944f6bfcf3fb9be32ee4eca082c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:47:6f:1c:cc:fb:15:fe:8c:8b:02:b5:b8:7c:
a5:e3:f2:50:74:da:88:bf:d6:e2:66:74:ff:74:ff:
78:5b:bf:84:d7:ff:67:c9:10:d1:06:47:52:24:5e:
4e:a9:34:a0:5c:19:dd:3f:91:a9:8c:72:b9:86:3a:
82:8a:48:b0:cb:e7:58:4c:41:96:34:01:18:29:04:
e1:65:a0:f7:08:74:9e:82:cc:b6:9c:fe:ce:a0:6c:
05:50:bf:76:d3:58:ba:02:ba:77:f1:7f:eb:aa:19:
c3:78:82:3c:dc:0f:dc:08:fe:61:42:c5:f4:a6:ee:
23:a6:ac:d6:7a:72:a9:14:3d:9d:3f:bb:7a:7b:b5:
68:a0:e1:c3:e0:8b:be:4b:0e:35:ba:b8:a8:52:71:
0f:3a:f0:98:cf:92:0a:e6:d0:bd:a9:5c:7b:b0:04:
02:95:0a:52:70:fa:da:59:9e:e1:58:e6:18:7a:05:
35:33:9f:1c:6b:e4:d1:00:c8:46:83:4f:69:20:65:
01:49:48:70:ad:eb:99:a3:7b:86:6f:27:50:e2:f4:
17:3a:b1:bc:f3:3a:a0:48:51:e5:90:fb:f3:cb:fc:
12:0f:61:36:12:8f:88:30:7f:fe:e9:6d:25:e4:d5:
47:17:83:fe:76:f4:92:1c:05:e5:b8:c0:ac:26:aa:
bf:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:2E:41:20:39:4F:94:4F:6B:FC:F3:FB:9B:E3:2E:E4:EC:A0:82:C8
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yS5BIDlPlE9r_PP7m-Mu5Oyggsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
27:eb:2e:9d:15:97:7e:e5:25:da:ef:f6:e3:2e:50:d5:cd:11:
fa:7b:fa:b0:5a:65:59:0f:f5:9d:9d:e8:9e:3f:59:8a:e5:18:
5f:8e:88:b3:fc:0d:bc:a8:d7:00:fe:ae:b1:87:82:20:3f:a6:
0f:6a:3c:99:bc:94:38:88:31:b4:54:63:96:41:e8:80:68:35:
4b:52:c8:06:0e:8e:67:f5:88:6e:47:c1:73:7d:23:79:da:69:
45:0f:07:09:89:b4:3f:e1:d4:eb:bb:73:5b:0d:64:bf:7f:87:
22:08:d0:c1:4f:24:7a:74:0e:99:9f:fd:48:e2:ff:fb:47:ac:
91:91:bb:99:1b:25:6d:13:2f:27:54:7e:97:05:31:2c:29:02:
37:56:4c:78:8b:20:a3:d8:bf:5d:1f:16:4a:0e:fb:33:72:32:
46:ea:34:29:d0:79:2a:59:7d:ce:de:31:0b:2c:8b:27:6c:c0:
a8:8d:55:b2:12:d6:66:21:9c:20:98:db:c6:2b:f4:a5:46:6a:
e2:63:e7:da:79:95:97:17:c1:49:d8:4e:e5:a5:bd:20:9d:5b:
13:44:c5:0e:ae:21:2d:da:76:2c:03:a0:ec:d7:22:b2:3a:0a:
e7:c0:5b:3e:3a:fe:ae:7d:48:d4:23:54:ab:64:55:4a:fe:6b:
1e:3c:41:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3QubZTLlMTPzdhQaw24mhqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIyMTIxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTJlNDEyMDM5NGY5NDRmNmJmY2YzZmI5YmUzMmVlNGVjYTA4MmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkdvHMz7Ff6MiwK1uHyl4/JQdNqI
v9biZnT/dP94W7+E1/9nyRDRBkdSJF5OqTSgXBndP5GpjHK5hjqCikiwy+dYTEGW
NAEYKQThZaD3CHSegsy2nP7OoGwFUL9201i6Arp38X/rqhnDeII83A/cCP5hQsX0
pu4jpqzWenKpFD2dP7t6e7VooOHD4Iu+Sw41urioUnEPOvCYz5IK5tC9qVx7sAQC
lQpScPraWZ7hWOYYegU1M58ca+TRAMhGg09pIGUBSUhwreuZo3uGbydQ4vQXOrG8
8zqgSFHlkPvzy/wSD2E2Eo+IMH/+6W0l5NVHF4P+dvSSHAXluMCsJqq/BwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMkuQSA5T5RPa/zz+5vjLuTsoILIMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveVM1QklEbFBsRTlyX1BQN20tTXU1T3lnZ3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACfrLp0Vl37lJdrv9uMu
UNXNEfp7+rBaZVkP9Z2d6J4/WYrlGF+OiLP8Dbyo1wD+rrGHgiA/pg9qPJm8lDiI
MbRUY5ZB6IBoNUtSyAYOjmf1iG5HwXN9I3naaUUPBwmJtD/h1Ou7c1sNZL9/hyII
0MFPJHp0Dpmf/Uji//tHrJGRu5kbJW0TLydUfpcFMSwpAjdWTHiLIKPYv10fFkoO
+zNyMkbqNCnQeSpZfc7eMQssiydswKiNVbIS1mYhnCCY28Yr9KVGauJj59p5lZcX
wUnYTuWlvSCdWxNExQ6uIS3adiwDoOzXIrI6CufAWz46/q59SNQjVKtkVUr+ax48
QRM=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:25:24 2025 by rpki-client