Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/H8e4-Ly0DVSLOLtRE3Yg4i6nytY.roa
File: H8e4-Ly0DVSLOLtRE3Yg4i6nytY.roa (raw, json)
Hash identifier: 1p0X+j4IIiZfX3aFAI5VmZbtFko3BVdCkXTxntrv/FY=
Subject key identifier: 1F:C7:B8:F8:BC:B4:0D:54:8B:38:BB:51:13:76:20:E2:2E:A7:CA:D6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD31A57718832F485FBC52B2836FC7095
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/H8e4-Ly0DVSLOLtRE3Yg4i6nytY.roa
Signing time: Thu 04 Jan 2024 06:12:48 +0000
ROA not before: Thu 04 Jan 2024 06:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d3:1a:57:71:88:32:f4:85:fb:c5:2b:28:36:fc:70:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 4 06:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fc7b8f8bcb40d548b38bb51137620e22ea7cad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:65:16:5f:36:ce:2b:9f:7b:32:1f:af:fe:35:
e7:c4:dc:52:bd:de:f7:1a:cc:07:73:c5:99:99:85:
87:40:24:7b:e4:f5:76:81:42:69:c4:36:c2:68:df:
be:d9:23:33:3b:47:a4:0c:10:86:43:e7:7d:53:d3:
55:8f:eb:56:05:5b:c3:5a:d7:c6:21:d0:cd:66:9d:
b6:25:ba:8c:18:24:23:10:5a:e8:88:34:8c:af:f6:
ca:73:e8:af:0e:f9:eb:5a:49:73:a9:77:65:a5:c1:
9f:5d:e1:c6:d2:9d:5f:30:66:de:2d:5a:37:6a:17:
2b:7d:04:3d:cd:4e:77:f8:80:6c:24:83:22:3a:0e:
3f:fc:b5:20:b7:73:43:34:ec:37:9e:ab:7f:9b:24:
d2:99:54:90:2d:4a:82:c2:b5:9f:85:00:75:98:ac:
b6:de:31:00:22:b6:de:73:48:e6:f9:8d:67:a3:95:
9d:76:bf:62:27:4a:2a:71:61:57:b4:86:d5:95:4a:
d2:e9:39:ef:e7:4c:42:f6:d0:8f:44:b4:e4:65:08:
90:1d:34:13:9f:5d:7a:f1:d3:ad:c1:74:d0:9c:65:
50:7e:02:bb:5d:f7:72:44:7c:15:03:70:05:48:63:
5e:ff:0f:67:15:5b:ef:ba:1a:ab:e2:79:43:86:11:
48:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:C7:B8:F8:BC:B4:0D:54:8B:38:BB:51:13:76:20:E2:2E:A7:CA:D6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/H8e4-Ly0DVSLOLtRE3Yg4i6nytY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:34:ee:35:03:2f:32:e2:e5:3f:c3:10:13:14:36:c9:43:ab:
eb:b9:89:26:99:b2:c3:7c:a0:d8:7c:27:08:48:c0:16:37:e9:
7c:e9:bb:fc:7e:d5:1e:c3:df:f0:c7:91:18:b1:7d:26:2d:62:
21:80:f7:66:52:4c:f0:1e:33:87:95:3d:79:eb:f4:63:a2:b0:
95:2a:b0:6d:c4:0c:07:3a:59:65:63:54:04:16:16:29:26:33:
f4:a3:7c:05:46:af:20:b0:46:c2:60:af:80:88:eb:9b:af:06:
65:a2:d5:3d:8b:83:3f:e0:c1:e4:35:6f:1d:c9:b9:72:ca:f8:
c0:a0:0e:d5:d8:ab:db:c3:3b:b5:5a:84:97:c8:1a:92:fa:40:
df:3e:04:54:64:f0:88:44:90:93:98:66:df:f0:4f:4d:ad:52:
c9:19:d7:94:90:fb:dd:0f:5b:98:ed:31:c5:f0:8a:0f:f1:6c:
d9:3c:b2:0f:13:9d:72:5b:8c:4a:cf:dc:4c:c2:94:b4:dc:d9:
5e:ef:12:c8:2a:97:fb:e9:55:bf:9c:8c:ba:3e:17:82:33:68:
ab:bb:b4:2e:32:e5:70:51:e1:ca:8d:82:08:71:04:82:7f:e1:
ac:2b:55:d9:f1:81:a9:fb:e5:ac:c3:30:a8:f4:68:14:4d:2e:
66:79:38:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzTGldxiDL0hfvFKyg2/HCVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA0MDYxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmM3YjhmOGJjYjQwZDU0OGIzOGJiNTExMzc2MjBlMjJlYTdjYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWUWXzbOK597Mh+v/jXnxNxSvd73
GswHc8WZmYWHQCR75PV2gUJpxDbCaN++2SMzO0ekDBCGQ+d9U9NVj+tWBVvDWtfG
IdDNZp22JbqMGCQjEFroiDSMr/bKc+ivDvnrWklzqXdlpcGfXeHG0p1fMGbeLVo3
ahcrfQQ9zU53+IBsJIMiOg4//LUgt3NDNOw3nqt/myTSmVSQLUqCwrWfhQB1mKy2
3jEAIrbec0jm+Y1no5Wddr9iJ0oqcWFXtIbVlUrS6Tnv50xC9tCPRLTkZQiQHTQT
n1168dOtwXTQnGVQfgK7XfdyRHwVA3AFSGNe/w9nFVvvuhqr4nlDhhFINQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB/HuPi8tA1Uizi7URN2IOIup8rWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSDhlNC1MeTBEVlNMT0x0UkUzWWc0aTZueXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ407jUDLzLi5T/DEBMU
NslDq+u5iSaZssN8oNh8JwhIwBY36Xzpu/x+1R7D3/DHkRixfSYtYiGA92ZSTPAe
M4eVPXnr9GOisJUqsG3EDAc6WWVjVAQWFikmM/SjfAVGryCwRsJgr4CI65uvBmWi
1T2Lgz/gweQ1bx3JuXLK+MCgDtXYq9vDO7VahJfIGpL6QN8+BFRk8IhEkJOYZt/w
T02tUskZ15SQ+90PW5jtMcXwig/xbNk8sg8TnXJbjErP3EzClLTc2V7vEsgql/vp
Vb+cjLo+F4IzaKu7tC4y5XBR4cqNgghxBIJ/4awrVdnxgan75azDMKj0aBRNLmZ5
OOs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:52 2025 by rpki-client