Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/H7LtfuyXcqCDIaoW2ZPLEybCawo.roa
File: H7LtfuyXcqCDIaoW2ZPLEybCawo.roa (raw, json)
Hash identifier: itndfp1p767xt9PkMPtqc2Ld8CiiESLBB/ivMo84liA=
Subject key identifier: 1F:B2:ED:7E:EC:97:72:A0:83:21:AA:16:D9:93:CB:13:26:C2:6B:0A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E6A5DA269A6EDC5163713E5291C649722
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/H7LtfuyXcqCDIaoW2ZPLEybCawo.roa
Signing time: Sat 23 Mar 2024 08:11:44 +0000
ROA not before: Sat 23 Mar 2024 08:11:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6a:5d:a2:69:a6:ed:c5:16:37:13:e5:29:1c:64:97:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 23 08:11:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fb2ed7eec9772a08321aa16d993cb1326c26b0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a4:8f:4c:25:5a:17:b6:d5:97:3a:87:c1:9c:
a1:02:1b:e2:47:a8:bc:4e:0b:9e:0c:77:0b:93:0a:
80:ac:c5:0e:5f:b0:6f:b1:c3:6e:d3:60:1b:2e:59:
4c:13:a0:0b:41:a4:61:44:22:7e:17:0e:9c:60:55:
3e:fd:b6:cd:17:f4:cd:80:35:c4:4b:d7:b7:2b:d1:
7c:c5:ea:49:2e:45:3b:72:9f:ff:5f:41:a5:ab:04:
d4:cb:73:b6:5a:ac:8d:a4:3e:8c:48:29:0a:11:ee:
f2:51:d9:93:0c:b1:31:db:70:1b:77:02:ff:54:54:
49:5c:b1:8b:95:fe:7a:44:f1:17:80:31:eb:ac:93:
c6:dc:4c:e2:10:8d:83:7c:05:e1:42:06:2c:1b:90:
4a:de:c5:e4:fe:8d:7a:df:aa:59:82:14:7b:1a:48:
60:11:5f:ef:ed:22:44:83:80:d5:c7:5d:8f:8f:20:
1b:5f:b6:a0:a7:b4:c3:40:57:19:64:2d:7e:36:57:
59:c9:0e:55:b5:e6:ce:88:d8:6c:e9:49:59:56:6d:
c3:10:41:e9:9e:49:57:4a:63:62:77:d1:eb:e1:d0:
3b:30:31:eb:c0:db:f6:09:1b:25:9d:be:63:66:1d:
a7:ea:af:59:6c:3f:09:3f:5a:db:c1:9c:f2:2c:2f:
40:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:B2:ED:7E:EC:97:72:A0:83:21:AA:16:D9:93:CB:13:26:C2:6B:0A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/H7LtfuyXcqCDIaoW2ZPLEybCawo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
80:95:29:d0:24:91:fd:8a:e8:d7:6d:0c:f9:eb:3a:28:5d:7a:
a0:4a:73:8a:d0:cf:5f:4d:5f:67:1d:d5:52:bd:f2:50:bc:4d:
f0:be:cf:ad:c8:1b:d2:1e:bd:02:ef:73:cd:3f:98:dc:72:13:
7b:2f:66:2e:cd:ac:6f:83:c5:bc:2a:39:c3:48:d1:48:ad:57:
a6:df:b1:81:a3:7e:61:9c:29:f5:14:71:69:50:b0:47:57:fc:
70:07:db:4e:0f:53:7c:08:e7:75:6e:a3:2a:ae:02:41:81:cf:
6e:28:28:fd:03:3b:9c:7b:e6:f2:d5:10:66:9c:17:11:b9:b7:
ca:7a:31:9f:98:91:ae:f1:70:5f:4d:9a:74:16:94:bc:06:8e:
c9:8d:9b:d4:d0:93:29:93:d9:70:7f:2d:38:50:2b:03:b9:45:
f9:09:9d:55:6d:4d:29:b6:4d:e8:62:1d:87:48:95:03:99:67:
0d:04:08:f7:00:ef:4a:8e:6d:8c:3f:dd:fb:a8:e5:40:92:c4:
a1:14:d5:03:ed:e9:25:19:02:17:5b:c1:f7:20:ad:9c:4f:1a:
f4:0f:a6:81:d5:aa:f9:16:45:ea:de:4f:84:a3:c4:67:80:d6:
49:ea:c6:9f:68:58:3c:9a:5b:da:c0:f7:4b:51:84:17:a4:22:
68:47:29:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5qXaJppu3FFjcT5SkcZJciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIzMDgxMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmIyZWQ3ZWVjOTc3MmEwODMyMWFhMTZkOTkzY2IxMzI2YzI2YjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKSPTCVaF7bVlzqHwZyhAhviR6i8
TgueDHcLkwqArMUOX7BvscNu02AbLllME6ALQaRhRCJ+Fw6cYFU+/bbNF/TNgDXE
S9e3K9F8xepJLkU7cp//X0GlqwTUy3O2WqyNpD6MSCkKEe7yUdmTDLEx23AbdwL/
VFRJXLGLlf56RPEXgDHrrJPG3EziEI2DfAXhQgYsG5BK3sXk/o1636pZghR7Gkhg
EV/v7SJEg4DVx12PjyAbX7agp7TDQFcZZC1+NldZyQ5VtebOiNhs6UlZVm3DEEHp
nklXSmNid9Hr4dA7MDHrwNv2CRslnb5jZh2n6q9ZbD8JP1rbwZzyLC9AbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB+y7X7sl3KggyGqFtmTyxMmwmsKMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSDdMdGZ1eVhjcUNESWFvVzJaUExFeWJDYXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAICVKdAkkf2K6NdtDPnr
OihdeqBKc4rQz19NX2cd1VK98lC8TfC+z63IG9IevQLvc80/mNxyE3svZi7NrG+D
xbwqOcNI0UitV6bfsYGjfmGcKfUUcWlQsEdX/HAH204PU3wI53VuoyquAkGBz24o
KP0DO5x75vLVEGacFxG5t8p6MZ+Yka7xcF9NmnQWlLwGjsmNm9TQkymT2XB/LThQ
KwO5RfkJnVVtTSm2TehiHYdIlQOZZw0ECPcA70qObYw/3fuo5UCSxKEU1QPt6SUZ
AhdbwfcgrZxPGvQPpoHVqvkWRereT4SjxGeA1knqxp9oWDyaW9rA90tRhBekImhH
KWY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:18 2025 by rpki-client