Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/hq-328zTUSf984iAjs78kToxAOQ.roa
File: hq-328zTUSf984iAjs78kToxAOQ.roa (raw, json)
Hash identifier: s2wUJNYKJiB2H7u+AmnW6fkhPezYexZHIMX5jduF+vM=
Subject key identifier: 86:AF:B7:DB:CC:D3:51:27:FD:F3:88:80:8E:CE:FC:91:3A:31:00:E4
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F90C33AC61EC97999596A416B58E429CA
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/hq-328zTUSf984iAjs78kToxAOQ.roa
Signing time: Sun 19 May 2024 12:11:04 +0000
ROA not before: Sun 19 May 2024 12:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:90:c3:3a:c6:1e:c9:79:99:59:6a:41:6b:58:e4:29:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 19 12:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86afb7dbccd35127fdf388808ecefc913a3100e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2c:99:76:ed:be:26:bd:4e:d3:de:82:47:a2:
f5:b2:d6:6d:14:ea:a6:2b:8c:2d:25:69:d1:e2:89:
9e:4e:bc:f0:13:42:80:19:81:1d:4d:76:b7:6b:88:
7b:70:d6:93:71:b3:be:e6:bd:33:21:b6:61:a8:2b:
b4:7b:49:fd:d6:f8:ab:1b:6f:41:e3:85:de:8b:90:
19:f4:09:04:a2:51:13:b2:1b:2f:67:7a:82:c7:1b:
2c:d7:75:68:ec:77:d0:4c:a1:ce:60:d0:c2:b7:53:
d4:f0:6e:4e:c4:2e:30:28:56:48:e5:8d:5c:03:f9:
a4:f2:09:92:88:90:22:dc:47:0a:5f:89:d9:e9:ab:
ac:3c:02:66:7f:23:3b:69:51:ef:3d:d1:e1:40:e5:
4e:06:eb:dd:96:04:6c:1a:11:74:f5:c3:e2:85:12:
41:7f:63:ad:a9:d0:d1:5e:69:1b:4a:e0:a1:a5:38:
e5:1c:36:cd:26:5f:5c:67:2b:63:cd:a7:60:1c:b8:
6f:33:61:ec:ca:91:4f:98:12:aa:6b:16:74:12:db:
95:9e:6a:d0:98:c0:21:fb:80:93:00:c8:81:a2:63:
49:44:f4:a2:e8:a6:6f:0e:55:58:96:6c:d4:c9:aa:
19:b6:d3:21:26:81:87:96:ca:4b:7c:4c:3c:c1:2a:
3b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:AF:B7:DB:CC:D3:51:27:FD:F3:88:80:8E:CE:FC:91:3A:31:00:E4
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/hq-328zTUSf984iAjs78kToxAOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:d4:5e:96:2c:4e:ee:fe:32:0c:52:6e:09:4c:35:50:4d:2f:
ab:81:5f:d1:0a:1a:80:bb:61:cb:33:08:a1:32:ac:f5:85:ed:
6e:4e:7d:fb:a9:40:68:55:55:63:0e:c3:7d:78:35:57:23:dd:
13:93:c0:22:0b:af:e7:ee:b1:5a:02:53:cc:09:92:72:88:68:
db:e2:55:14:f5:79:5e:c8:fd:3e:9e:1b:0c:0c:2a:3b:e2:53:
ec:57:19:e7:15:8c:01:67:bc:4b:4b:8a:fe:ae:c3:71:bc:05:
ac:40:be:bc:fb:70:fe:c9:a1:3a:d8:54:41:fd:fb:b2:f5:0b:
c8:2d:80:5e:6d:d1:fa:8f:ef:1e:a1:a7:fd:32:d1:f5:71:74:
64:92:87:8d:ca:0d:e7:3d:f8:e6:34:9a:8c:b4:ff:b9:e4:7f:
ba:5b:2b:5e:a8:50:b4:8e:dc:62:d4:5b:d6:b2:e9:74:c4:f7:
22:cf:85:c2:4c:ca:f5:6d:e9:aa:6d:4b:1a:1a:ee:08:d0:92:
0d:8e:13:89:40:8a:04:c1:a7:ae:4c:ad:f5:0d:78:c9:be:e5:
c2:21:fc:44:d8:04:b9:3b:d1:57:4a:47:cc:49:77:b1:d8:3e:
12:99:fc:9f:c7:04:a1:34:ec:c9:d6:d5:7d:09:49:7f:ee:89:
be:8e:ad:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+QwzrGHsl5mVlqQWtY5CnKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE5MTIxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmFmYjdkYmNjZDM1MTI3ZmRmMzg4ODA4ZWNlZmM5MTNhMzEwMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSyZdu2+Jr1O096CR6L1stZtFOqm
K4wtJWnR4omeTrzwE0KAGYEdTXa3a4h7cNaTcbO+5r0zIbZhqCu0e0n91virG29B
44Xei5AZ9AkEolETshsvZ3qCxxss13Vo7HfQTKHOYNDCt1PU8G5OxC4wKFZI5Y1c
A/mk8gmSiJAi3EcKX4nZ6ausPAJmfyM7aVHvPdHhQOVOBuvdlgRsGhF09cPihRJB
f2OtqdDRXmkbSuChpTjlHDbNJl9cZytjzadgHLhvM2HsypFPmBKqaxZ0EtuVnmrQ
mMAh+4CTAMiBomNJRPSi6KZvDlVYlmzUyaoZttMhJoGHlspLfEw8wSo7aQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIavt9vM01En/fOIgI7O/JE6MQDkMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvaHEtMzI4elRVU2Y5ODRpQWpzNzhrVG94QU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD3UXpYsTu7+MgxSbglM
NVBNL6uBX9EKGoC7YcszCKEyrPWF7W5OffupQGhVVWMOw314NVcj3ROTwCILr+fu
sVoCU8wJknKIaNviVRT1eV7I/T6eGwwMKjviU+xXGecVjAFnvEtLiv6uw3G8BaxA
vrz7cP7JoTrYVEH9+7L1C8gtgF5t0fqP7x6hp/0y0fVxdGSSh43KDec9+OY0moy0
/7nkf7pbK16oULSO3GLUW9ay6XTE9yLPhcJMyvVt6aptSxoa7gjQkg2OE4lAigTB
p65MrfUNeMm+5cIh/ETYBLk70VdKR8xJd7HYPhKZ/J/HBKE07MnW1X0JSX/uib6O
rR0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org