Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yjWJirqIBowPCPG5XBkjGhMj8ik.roa
File: yjWJirqIBowPCPG5XBkjGhMj8ik.roa (raw, json)
Hash identifier: y9x300Ora1TO60BWwHm91S6P4Hkg3WG3P0Y8bQPqvBk=
Subject key identifier: CA:35:89:8A:BA:88:06:8C:0F:08:F1:B9:5C:19:23:1A:13:23:F2:29
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E393A4AF3CB717542701BEA435F2ED26E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yjWJirqIBowPCPG5XBkjGhMj8ik.roa
Signing time: Wed 13 Mar 2024 19:11:45 +0000
ROA not before: Wed 13 Mar 2024 19:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:39:3a:4a:f3:cb:71:75:42:70:1b:ea:43:5f:2e:d2:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 13 19:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca35898aba88068c0f08f1b95c19231a1323f229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:4d:60:e2:1e:6d:d0:0f:43:15:03:cf:be:e6:
6c:20:08:fc:36:bc:eb:d2:79:6c:97:a2:31:eb:c7:
9d:cb:92:e4:58:22:e7:c5:f5:02:08:a6:21:87:c9:
5b:86:19:ea:cd:57:66:eb:bf:f1:a9:fa:a9:69:7a:
20:da:42:1d:c2:02:d2:8b:1e:72:1c:8d:b7:33:4d:
fa:00:0f:e9:74:6c:c0:d0:9f:cc:99:21:a5:c2:10:
43:04:17:ac:d6:f4:ab:c3:90:3d:00:e9:81:b8:c1:
9e:38:f3:f1:d3:84:66:f5:d6:40:37:d9:7d:b4:c8:
2a:05:28:88:6f:38:ec:e4:d1:a7:da:9b:de:85:82:
9e:25:f8:b6:93:9e:8a:32:47:92:62:7d:ca:83:1a:
16:9c:01:fa:e6:db:c1:75:08:0e:ee:d7:a4:85:03:
fc:d8:e9:d9:c6:8a:3e:30:18:90:56:31:c0:e6:2e:
be:16:1f:30:1d:b9:35:0d:1f:41:9d:52:f8:2e:68:
c8:62:3f:2e:63:16:ce:45:ef:db:ab:36:12:65:54:
55:e8:8b:07:de:59:f4:3d:1f:3d:2e:26:ec:be:8b:
b4:fa:d9:88:16:bd:91:8e:40:e3:f3:62:3a:2e:06:
61:41:4e:d6:28:d5:ef:b1:26:c9:d9:13:9c:2c:25:
77:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:35:89:8A:BA:88:06:8C:0F:08:F1:B9:5C:19:23:1A:13:23:F2:29
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yjWJirqIBowPCPG5XBkjGhMj8ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:96:96:3e:f3:c7:20:e6:0f:c1:88:c1:37:55:e4:c6:1a:70:
80:d5:eb:42:46:b1:79:05:9c:5d:f0:1a:5c:d7:c7:d8:be:65:
2f:99:a1:d4:1f:a4:68:fd:ce:82:41:e0:5e:05:4c:a1:56:49:
c1:10:bb:1d:7a:13:3e:69:8e:77:1d:31:86:eb:75:e4:ee:6a:
2a:00:24:55:5a:cb:13:16:fd:fd:57:65:d3:9b:16:97:28:f2:
b9:a4:f7:11:eb:fa:a4:dc:35:b8:de:0b:c0:34:b1:07:b0:05:
9b:ca:c8:49:3c:3a:ea:88:26:7c:b4:db:02:d5:a0:1f:9d:8e:
8e:4e:44:a8:08:89:a9:fb:ae:0a:07:b6:b8:4e:70:4e:28:44:
0c:9c:9f:19:35:74:49:34:04:bf:f5:96:3e:d9:31:05:4c:a7:
d0:aa:e8:d7:c9:ef:90:a7:eb:72:df:e3:0b:22:82:c7:43:05:
a5:df:60:0b:98:fd:0c:7e:b4:d3:19:f2:1d:67:e1:2a:de:94:
0a:6d:4f:43:5f:45:63:b0:f4:38:e7:ad:7a:1e:3d:90:cb:83:
06:ac:3d:0a:4f:38:d9:a3:f6:68:33:87:68:56:62:1d:b9:b0:
59:cc:32:24:5f:31:ea:6f:cd:0b:c7:b3:4f:b0:4d:3a:8a:8f:
9a:0c:c6:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY45Okrzy3F1QnAb6kNfLtJuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEzMTkxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTM1ODk4YWJhODgwNjhjMGYwOGYxYjk1YzE5MjMxYTEzMjNmMjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgk1g4h5t0A9DFQPPvuZsIAj8Nrzr
0nlsl6Ix68edy5LkWCLnxfUCCKYhh8lbhhnqzVdm67/xqfqpaXog2kIdwgLSix5y
HI23M036AA/pdGzA0J/MmSGlwhBDBBes1vSrw5A9AOmBuMGeOPPx04Rm9dZAN9l9
tMgqBSiIbzjs5NGn2pvehYKeJfi2k56KMkeSYn3KgxoWnAH65tvBdQgO7tekhQP8
2OnZxoo+MBiQVjHA5i6+Fh8wHbk1DR9BnVL4LmjIYj8uYxbORe/bqzYSZVRV6IsH
3ln0PR89Libsvou0+tmIFr2RjkDj82I6LgZhQU7WKNXvsSbJ2ROcLCV3mQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMo1iYq6iAaMDwjxuVwZIxoTI/IpMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveWpXSmlycUlCb3dQQ1BHNVhCa2pHaE1qOGlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA2Wlj7zxyDmD8GIwTdV
5MYacIDV60JGsXkFnF3wGlzXx9i+ZS+ZodQfpGj9zoJB4F4FTKFWScEQux16Ez5p
jncdMYbrdeTuaioAJFVayxMW/f1XZdObFpco8rmk9xHr+qTcNbjeC8A0sQewBZvK
yEk8OuqIJny02wLVoB+djo5ORKgIian7rgoHtrhOcE4oRAycnxk1dEk0BL/1lj7Z
MQVMp9Cq6NfJ75Cn63Lf4wsigsdDBaXfYAuY/Qx+tNMZ8h1n4SrelAptT0NfRWOw
9DjnrXoePZDLgwasPQpPONmj9mgzh2hWYh25sFnMMiRfMepvzQvHs0+wTTqKj5oM
xmU=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:03:46 2025 by rpki-client