Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/H7xwRLQTKvg0TyzVy5ufxTM_300.roa
File: H7xwRLQTKvg0TyzVy5ufxTM_300.roa (raw, json)
Hash identifier: vOG5waeWW84bJIIfk2SK6EX2+yUo2hyTy04y1T3JTQQ=
Subject key identifier: 1F:BC:70:44:B4:13:2A:F8:34:4F:2C:D5:CB:9B:9F:C5:33:3F:DF:4D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C8802418E745C688DEC461EF80D0B35E2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/H7xwRLQTKvg0TyzVy5ufxTM_300.roa
Signing time: Wed 20 Dec 2023 16:14:58 +0000
ROA not before: Wed 20 Dec 2023 16:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:88:02:41:8e:74:5c:68:8d:ec:46:1e:f8:0d:0b:35:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 20 16:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fbc7044b4132af8344f2cd5cb9b9fc5333fdf4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:44:33:f9:3e:c4:26:ed:97:17:98:76:d0:8d:
de:8f:9b:4f:f2:93:e8:70:58:b9:0c:08:c9:d3:76:
b1:17:a7:8e:dd:cf:5a:be:e7:83:a1:75:6e:18:09:
cf:95:ed:4f:62:ac:f9:77:90:0f:e3:cf:ec:fb:d2:
f2:36:b2:77:29:80:f3:64:2e:90:1d:65:1e:0c:ee:
b2:ed:a7:1d:1a:37:0f:b2:5a:0d:f0:e7:8a:49:74:
d0:97:bb:56:69:03:0a:f0:0b:06:05:b3:aa:c8:bc:
ce:d1:5e:a3:2b:f8:5c:8c:82:50:6a:f3:b2:74:89:
4b:44:88:ee:f0:93:ad:13:c6:60:32:19:e9:27:83:
76:44:ac:ec:35:f6:78:42:cf:fe:13:32:e9:d5:37:
5b:e8:50:ce:45:c1:88:d6:01:1f:8a:78:e0:36:0d:
49:3f:ed:60:e5:d9:f5:c3:5b:12:21:76:e4:39:bb:
10:54:ab:81:35:78:63:b5:94:98:ea:a1:02:46:71:
96:99:30:e8:0d:67:7c:f6:3a:b7:f7:a5:b2:36:e8:
1c:8c:90:51:34:bb:c4:57:dc:55:58:be:cd:0e:8b:
fc:fc:8b:64:c9:08:a9:57:3b:7b:d3:c2:c6:d3:ca:
72:4d:c2:8b:e3:d3:16:c1:60:b1:e0:87:fa:4b:95:
13:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:BC:70:44:B4:13:2A:F8:34:4F:2C:D5:CB:9B:9F:C5:33:3F:DF:4D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/H7xwRLQTKvg0TyzVy5ufxTM_300.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6a:44:1f:6a:d7:4c:c4:4a:82:28:21:6d:e5:86:8c:d2:42:3d:
bc:47:4c:af:4e:98:c8:db:bc:d2:82:ab:c2:31:9e:d8:14:17:
c2:5e:10:f1:39:60:2a:c7:8a:99:78:65:e5:37:30:c7:84:82:
bd:3f:94:90:c2:ac:39:21:da:7b:18:37:2e:5d:12:95:07:4a:
e4:f4:2c:18:ec:0c:62:32:2c:fe:01:2e:a3:76:82:6e:50:bd:
8b:8d:92:8f:e9:58:3e:4a:b9:88:35:4a:68:b1:f9:85:6c:6b:
3c:ca:22:7c:42:6c:2a:c8:47:d6:fc:45:46:44:72:5b:e9:c7:
b1:e3:c6:87:3a:c8:33:ec:72:77:63:71:71:ca:1b:14:d6:a9:
ad:a3:49:9c:0c:fb:4b:3b:37:fa:94:9a:d7:22:ee:db:14:60:
91:63:e0:db:65:5c:31:8c:ed:ea:1b:ca:85:50:60:c9:a6:f6:
74:26:44:0a:22:ae:77:52:90:9d:10:df:26:e8:88:a2:9d:6f:
3b:ee:49:12:fb:2f:54:93:6d:0a:ce:77:23:d2:fb:99:97:a3:
a2:e8:04:26:c1:c4:76:09:d4:b2:3a:64:2a:6e:2b:94:7d:b3:
56:75:53:59:36:cd:3c:9c:44:74:b6:91:b6:8e:ab:0e:4e:15:
58:3c:31:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyIAkGOdFxojexGHvgNCzXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIwMTYxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmJjNzA0NGI0MTMyYWY4MzQ0ZjJjZDVjYjliOWZjNTMzM2ZkZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkQz+T7EJu2XF5h20I3ej5tP8pPo
cFi5DAjJ03axF6eO3c9avueDoXVuGAnPle1PYqz5d5AP48/s+9LyNrJ3KYDzZC6Q
HWUeDO6y7acdGjcPsloN8OeKSXTQl7tWaQMK8AsGBbOqyLzO0V6jK/hcjIJQavOy
dIlLRIju8JOtE8ZgMhnpJ4N2RKzsNfZ4Qs/+EzLp1Tdb6FDORcGI1gEfinjgNg1J
P+1g5dn1w1sSIXbkObsQVKuBNXhjtZSY6qECRnGWmTDoDWd89jq396WyNugcjJBR
NLvEV9xVWL7NDov8/ItkyQipVzt708LG08pyTcKL49MWwWCx4If6S5UTJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB+8cES0Eyr4NE8s1cubn8UzP99NMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSDd4d1JMUVRLdmcwVHl6Vnk1dWZ4VE1fMzAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGpEH2rXTMRKgighbeWG
jNJCPbxHTK9OmMjbvNKCq8IxntgUF8JeEPE5YCrHipl4ZeU3MMeEgr0/lJDCrDkh
2nsYNy5dEpUHSuT0LBjsDGIyLP4BLqN2gm5QvYuNko/pWD5KuYg1Smix+YVsazzK
InxCbCrIR9b8RUZEclvpx7Hjxoc6yDPscndjcXHKGxTWqa2jSZwM+0s7N/qUmtci
7tsUYJFj4NtlXDGM7eobyoVQYMmm9nQmRAoirndSkJ0Q3yboiKKdbzvuSRL7L1ST
bQrOdyPS+5mXo6LoBCbBxHYJ1LI6ZCpuK5R9s1Z1U1k2zTycRHS2kbaOqw5OFVg8
Mfo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:33 2025 by rpki-client