Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/HWTThHAu2IwC9tH0UB2LqSNVBTw.roa
File: HWTThHAu2IwC9tH0UB2LqSNVBTw.roa (raw, json)
Hash identifier: xfMrDHPqScJarBWVNn2GON2zF3IliNpr41JiBR8cTQE=
Subject key identifier: 1D:64:D3:84:70:2E:D8:8C:02:F6:D1:F4:50:1D:8B:A9:23:55:05:3C
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F51764641CFAA697D20BBE5240E664FAB
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/HWTThHAu2IwC9tH0UB2LqSNVBTw.roa
Signing time: Tue 07 May 2024 05:10:56 +0000
ROA not before: Tue 07 May 2024 05:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:51:76:46:41:cf:aa:69:7d:20:bb:e5:24:0e:66:4f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 7 05:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d64d384702ed88c02f6d1f4501d8ba92355053c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e8:a8:7e:ea:75:14:a4:75:14:94:1a:d0:89:
95:76:5b:ab:1d:7b:1e:a5:e9:b8:31:72:1c:42:b3:
aa:7a:65:12:45:93:31:57:99:fe:10:28:16:db:16:
e0:fe:27:93:0c:b7:95:d0:7a:c8:64:20:0c:28:8c:
4b:5a:06:0e:50:a4:d1:18:e4:16:04:3f:35:c7:e3:
1c:41:11:87:f3:70:c3:61:c9:f6:fb:09:20:af:24:
c1:af:6a:26:70:b7:01:82:d1:90:5a:3c:b6:ca:1a:
59:d9:c9:22:6d:f1:d2:2c:19:18:07:ee:52:09:6a:
79:8a:b9:63:0e:48:bd:33:b6:42:0f:35:4c:d6:ae:
87:b4:3a:8b:27:55:86:41:ca:9a:f0:14:d9:4f:9e:
37:50:37:78:6f:b4:21:b4:29:9a:e8:bc:a9:0e:6d:
cd:38:36:8d:4e:b5:7c:bb:ec:7b:ba:f2:b2:61:36:
07:46:85:3b:84:0f:79:40:e9:10:c9:1e:8a:5b:bf:
75:27:65:e5:83:cd:da:c8:90:89:cf:4d:eb:d5:fe:
10:e9:a1:fc:32:95:90:58:6f:3d:b1:7c:58:90:2d:
3b:74:08:44:b0:68:65:64:26:41:49:b2:64:c5:8e:
db:d0:7e:05:74:90:49:04:35:aa:11:5d:86:af:bc:
6a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:64:D3:84:70:2E:D8:8C:02:F6:D1:F4:50:1D:8B:A9:23:55:05:3C
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/HWTThHAu2IwC9tH0UB2LqSNVBTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ae:24:3a:09:e4:42:60:de:12:1b:87:12:af:7d:1f:c4:ef:a9:
4f:a1:72:67:2a:fc:9a:e2:25:6d:42:30:7c:cb:60:25:14:cf:
82:2f:3f:67:d2:6f:65:57:d8:55:51:11:52:df:74:cb:25:a1:
e6:6b:43:bd:96:23:b1:e0:c1:15:26:9c:de:fa:bd:fd:0e:24:
2e:0c:04:5b:2a:f1:c5:40:2f:e9:50:47:8c:8e:69:93:a4:cd:
4d:72:99:0d:49:50:14:4e:17:f2:aa:33:89:2e:14:ea:01:8d:
7a:b0:78:52:80:23:43:0e:67:78:a8:8a:01:ef:e4:f2:1b:d5:
20:a1:22:85:9d:39:e5:36:bc:7d:a0:c3:e0:dd:07:4f:9e:40:
c7:e2:5d:71:96:cd:24:1b:81:db:40:9f:eb:37:7e:c8:cb:28:
3d:ae:77:15:13:e6:1d:72:d8:f5:6f:66:20:2a:e7:c6:e2:0f:
66:37:07:e9:1a:ac:18:60:cd:ac:89:7a:fd:c5:e2:8e:e0:a6:
e9:52:e6:b0:d9:c4:10:d7:e9:b3:eb:21:9c:e1:46:3a:b4:bd:
f4:58:3b:4e:30:c0:7b:fe:dc:9c:2a:29:c2:0b:13:82:05:b4:
6a:1d:f2:ab:ae:cc:56:67:74:06:32:fa:7c:9e:a1:f7:df:56:
b7:7c:ab:b6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9RdkZBz6ppfSC75SQOZk+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA3MDUxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDY0ZDM4NDcwMmVkODhjMDJmNmQxZjQ1MDFkOGJhOTIzNTUwNTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuiofup1FKR1FJQa0ImVdlurHXse
pem4MXIcQrOqemUSRZMxV5n+ECgW2xbg/ieTDLeV0HrIZCAMKIxLWgYOUKTRGOQW
BD81x+McQRGH83DDYcn2+wkgryTBr2omcLcBgtGQWjy2yhpZ2ckibfHSLBkYB+5S
CWp5irljDki9M7ZCDzVM1q6HtDqLJ1WGQcqa8BTZT543UDd4b7QhtCma6LypDm3N
ODaNTrV8u+x7uvKyYTYHRoU7hA95QOkQyR6KW791J2Xlg83ayJCJz03r1f4Q6aH8
MpWQWG89sXxYkC07dAhEsGhlZCZBSbJkxY7b0H4FdJBJBDWqEV2Gr7xq0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB1k04RwLtiMAvbR9FAdi6kjVQU8MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvSFdUVGhIQXUySXdDOXRIMFVCMkxxU05WQlR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK4kOgnkQmDeEhuHEq99
H8TvqU+hcmcq/JriJW1CMHzLYCUUz4IvP2fSb2VX2FVREVLfdMsloeZrQ72WI7Hg
wRUmnN76vf0OJC4MBFsq8cVAL+lQR4yOaZOkzU1ymQ1JUBROF/KqM4kuFOoBjXqw
eFKAI0MOZ3ioigHv5PIb1SChIoWdOeU2vH2gw+DdB0+eQMfiXXGWzSQbgdtAn+s3
fsjLKD2udxUT5h1y2PVvZiAq58biD2Y3B+karBhgzayJev3F4o7gpulS5rDZxBDX
6bPrIZzhRjq0vfRYO04wwHv+3JwqKcILE4IFtGod8quuzFZndAYy+nyeofffVrd8
q7Y=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:45 2025 by rpki-client