Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/EPq_hx465cdH3Hs60vFVEFQcTGE.roa
File: EPq_hx465cdH3Hs60vFVEFQcTGE.roa (raw, json)
Hash identifier: VehQpQ0NQvc3GTF7QA3vg9UPKlEtGoxODciq1Q3P4zA=
Subject key identifier: 10:FA:BF:87:1E:3A:E5:C7:47:DC:7B:3A:D2:F1:55:10:54:1C:4C:61
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E1113E9A58226003B1E5EFC3C2E272F94
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/EPq_hx465cdH3Hs60vFVEFQcTGE.roa
Signing time: Wed 06 Mar 2024 00:05:01 +0000
ROA not before: Wed 06 Mar 2024 00:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:1113:8040/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:11:13:e9:a5:82:26:00:3b:1e:5e:fc:3c:2e:27:2f:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 6 00:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10fabf871e3ae5c747dc7b3ad2f15510541c4c61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:bf:01:26:23:fa:2e:98:ce:b5:96:47:0e:f0:
10:51:1a:0c:5c:e0:d7:27:1f:87:c4:e6:03:9c:04:
50:09:3f:46:d6:8c:df:9c:e4:48:3e:df:da:35:57:
da:1c:4a:1f:7a:dc:6e:16:7c:ae:c5:d6:14:1a:58:
c9:c2:c4:dc:cf:43:7a:f5:cb:0c:bb:1e:07:49:4a:
90:3e:54:d2:e2:f7:47:87:4d:21:c0:29:ef:b4:d2:
80:b7:3b:b3:ba:2d:06:c0:1b:ba:0c:7f:98:b1:4a:
cc:89:a5:71:90:58:d1:45:28:e1:2e:a7:df:0d:36:
7f:8b:b4:52:51:bf:98:e6:ab:87:21:21:d0:76:08:
3e:07:0b:fd:af:ce:4e:f8:36:1b:77:8e:6d:ce:9c:
7b:35:da:91:ad:6d:42:ba:b3:b0:3a:83:23:70:fe:
7f:39:3f:79:64:29:56:79:af:b1:3b:fb:08:20:f5:
2d:68:6f:ee:6c:98:4f:1d:20:a3:c9:5e:e0:ce:e5:
f3:a1:80:2a:59:2c:6c:7e:e7:87:13:72:ba:66:b9:
2b:9c:c3:90:7a:52:1e:62:9f:5c:51:cf:87:4e:0a:
96:12:05:c1:30:dd:cd:61:9b:e7:7e:87:74:9a:2a:
54:7a:a6:5d:6a:a5:a7:3e:d5:ce:08:26:d1:d6:87:
f9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:FA:BF:87:1E:3A:E5:C7:47:DC:7B:3A:D2:F1:55:10:54:1C:4C:61
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/EPq_hx465cdH3Hs60vFVEFQcTGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:51:d8:00:e9:17:75:c3:68:da:76:60:0f:4d:0e:28:12:13:
92:d4:90:a5:1a:dc:e3:96:e7:48:81:d0:d2:33:fc:6a:e3:43:
be:af:df:79:fd:d0:36:03:88:b9:f2:36:fa:44:43:df:ef:1a:
2e:5f:0c:6e:41:28:0d:94:cf:de:f0:55:27:e9:85:c3:91:80:
16:b2:b2:1b:ac:66:81:ab:6f:e4:fb:ff:f2:9e:ff:02:51:1c:
80:5d:db:14:01:7e:ce:bc:b5:26:fb:39:44:51:cc:46:65:07:
3c:cd:3f:a5:61:7b:68:df:ca:86:b3:9b:8e:9c:65:44:81:f3:
9c:0a:c4:b4:12:27:81:5d:41:1e:81:b3:1d:6e:cd:da:93:4b:
4e:ff:0a:da:91:57:5b:dc:05:26:4b:30:66:f0:cb:a9:88:99:
bd:f7:69:f8:a2:8f:07:2f:78:02:7a:cd:e6:fb:82:e7:e2:29:
01:00:9f:64:23:43:17:33:92:26:06:c4:79:19:48:08:3a:8e:
10:4d:5b:da:43:17:65:8b:97:77:bc:48:cd:de:c4:1e:9d:2f:
7a:54:3c:b9:b5:f0:8d:47:73:2a:cc:76:24:36:11:36:7a:74:
18:5e:a0:33:8c:00:28:80:e5:0e:44:a4:59:40:71:ff:3c:f7:
59:22:80:52
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4RE+mlgiYAOx5e/DwuJy+UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA2MDAwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGZhYmY4NzFlM2FlNWM3NDdkYzdiM2FkMmYxNTUxMDU0MWM0YzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwb8BJiP6LpjOtZZHDvAQURoMXODX
Jx+HxOYDnARQCT9G1ozfnORIPt/aNVfaHEofetxuFnyuxdYUGljJwsTcz0N69csM
ux4HSUqQPlTS4vdHh00hwCnvtNKAtzuzui0GwBu6DH+YsUrMiaVxkFjRRSjhLqff
DTZ/i7RSUb+Y5quHISHQdgg+Bwv9r85O+DYbd45tzpx7NdqRrW1CurOwOoMjcP5/
OT95ZClWea+xO/sIIPUtaG/ubJhPHSCjyV7gzuXzoYAqWSxsfueHE3K6ZrkrnMOQ
elIeYp9cUc+HTgqWEgXBMN3NYZvnfod0mipUeqZdaqWnPtXOCCbR1of5NwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBD6v4ceOuXHR9x7OtLxVRBUHExhMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRVBxX2h4NDY1Y2RIM0hzNjB2RlZFRlFjVEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI9R2ADpF3XDaNp2YA9N
DigSE5LUkKUa3OOW50iB0NIz/GrjQ76v33n90DYDiLnyNvpEQ9/vGi5fDG5BKA2U
z97wVSfphcORgBayshusZoGrb+T7//Ke/wJRHIBd2xQBfs68tSb7OURRzEZlBzzN
P6Vhe2jfyoazm46cZUSB85wKxLQSJ4FdQR6Bsx1uzdqTS07/CtqRV1vcBSZLMGbw
y6mImb33afiijwcveAJ6zeb7gufiKQEAn2QjQxczkiYGxHkZSAg6jhBNW9pDF2WL
l3e8SM3exB6dL3pUPLm18I1HcyrMdiQ2ETZ6dBheoDOMACiA5Q5EpFlAcf8891ki
gFI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:49 2024 by rpki-client on console-ams.rpki-client.org