Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HAJdOIoYneZEXRaw6fpKT0loP24.roa
File: HAJdOIoYneZEXRaw6fpKT0loP24.roa (raw, json)
Hash identifier: NaVDy6g0MXgoW6X6+ScsLIXIyVf08hF/wuSnK0PXBUM=
Subject key identifier: 1C:02:5D:38:8A:18:9D:E6:44:5D:16:B0:E9:FA:4A:4F:49:68:3F:6E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D992D3E06C0C10CA2FD3DB1AF95C5F39E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HAJdOIoYneZEXRaw6fpKT0loP24.roa
Signing time: Sun 11 Feb 2024 17:18:15 +0000
ROA not before: Sun 11 Feb 2024 17:18:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:99:2d:3e:06:c0:c1:0c:a2:fd:3d:b1:af:95:c5:f3:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 11 17:18:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c025d388a189de6445d16b0e9fa4a4f49683f6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e1:f4:39:47:4b:df:22:40:36:81:6f:da:96:
5d:b8:01:df:e1:02:43:3b:96:a9:f7:4f:b5:62:39:
fa:e8:97:24:58:7d:18:90:df:62:37:0e:62:da:89:
06:09:fa:1c:7e:d6:d5:08:26:bc:43:d7:66:4b:bd:
9c:35:63:df:67:5d:56:ec:71:d8:e5:2e:99:76:bf:
d7:34:a9:3b:e8:42:a5:1a:bc:2c:78:ba:b5:c2:b6:
92:74:26:ed:9f:9d:d4:4d:b1:2e:f5:f1:00:ac:5d:
35:f9:56:55:86:5f:b4:10:d7:b7:85:38:17:5a:0d:
3a:6a:c8:a7:5e:ec:27:c0:ea:4f:85:c7:45:d4:12:
cc:d5:e8:8a:38:51:0a:05:1e:88:61:15:ea:2c:99:
47:62:55:73:c0:b8:69:7a:56:f6:dc:49:25:51:18:
81:04:ca:b4:4c:28:aa:e7:7b:df:5c:91:f0:a1:86:
df:0f:5f:70:b8:22:83:0d:60:d5:77:8c:71:f9:03:
2c:65:e3:5e:99:14:96:47:8e:c8:78:0f:07:d8:ce:
82:1b:ba:09:76:ee:2f:d7:c4:fc:3f:4d:b7:d2:6f:
70:4f:0c:57:b0:13:c1:c9:32:8b:d2:13:d9:73:df:
3c:02:38:34:e4:b5:81:06:49:03:ba:c3:a9:e1:a6:
e8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:02:5D:38:8A:18:9D:E6:44:5D:16:B0:E9:FA:4A:4F:49:68:3F:6E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HAJdOIoYneZEXRaw6fpKT0loP24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:c7:92:ee:ae:03:e1:22:86:86:3a:10:4f:40:b7:34:28:f1:
d1:61:29:bc:4b:27:02:9e:6a:50:3f:d1:1b:d4:e5:24:ac:a8:
e6:84:12:ae:8a:78:19:61:4a:28:c5:6b:13:af:75:04:dc:b0:
ef:80:48:d9:fa:d1:78:93:14:c1:fd:0c:8a:99:78:c7:0a:5f:
06:ce:89:bc:25:38:4d:e3:09:b4:7e:69:94:bb:aa:b1:6d:c8:
39:3b:4d:41:ba:30:60:97:6f:cf:43:af:31:9c:d6:5c:a9:51:
a1:b9:a6:11:b6:9b:99:94:e5:88:26:bf:95:74:0f:cf:7b:f7:
d3:8d:ae:69:6a:cc:22:99:a1:ba:8e:78:36:f5:69:c4:a0:23:
c9:f9:26:a9:74:69:eb:29:3e:91:e7:ce:62:c4:5f:42:f1:8b:
b6:eb:6d:97:70:c7:47:17:f5:85:0b:ad:f7:65:f9:2e:66:36:
be:a6:21:08:dc:a9:db:f3:76:46:08:b5:e4:1e:76:52:93:dd:
1e:a0:38:01:53:d3:88:4c:3f:65:1a:d7:5a:58:06:ea:ba:86:
c7:40:19:ac:35:d2:44:c8:72:75:08:e3:98:75:ca:f0:f5:c6:
b2:47:b7:53:01:13:a1:7b:39:f0:37:41:da:a9:74:45:ef:cd:
22:e2:66:2f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2ZLT4GwMEMov09sa+VxfOeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjExMTcxODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzAyNWQzODhhMTg5ZGU2NDQ1ZDE2YjBlOWZhNGE0ZjQ5NjgzZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+H0OUdL3yJANoFv2pZduAHf4QJD
O5ap90+1Yjn66JckWH0YkN9iNw5i2okGCfocftbVCCa8Q9dmS72cNWPfZ11W7HHY
5S6Zdr/XNKk76EKlGrwseLq1wraSdCbtn53UTbEu9fEArF01+VZVhl+0ENe3hTgX
Wg06asinXuwnwOpPhcdF1BLM1eiKOFEKBR6IYRXqLJlHYlVzwLhpelb23EklURiB
BMq0TCiq53vfXJHwoYbfD19wuCKDDWDVd4xx+QMsZeNemRSWR47IeA8H2M6CG7oJ
du4v18T8P0230m9wTwxXsBPByTKL0hPZc988Ajg05LWBBkkDusOp4abowQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBwCXTiKGJ3mRF0WsOn6Sk9JaD9uMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSEFKZE9Jb1luZVpFWFJhdzZmcEtUMGxvUDI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHbHku6uA+EihoY6EE9A
tzQo8dFhKbxLJwKealA/0RvU5SSsqOaEEq6KeBlhSijFaxOvdQTcsO+ASNn60XiT
FMH9DIqZeMcKXwbOibwlOE3jCbR+aZS7qrFtyDk7TUG6MGCXb89DrzGc1lypUaG5
phG2m5mU5Ygmv5V0D89799ONrmlqzCKZobqOeDb1acSgI8n5Jql0aespPpHnzmLE
X0Lxi7brbZdwx0cX9YULrfdl+S5mNr6mIQjcqdvzdkYIteQedlKT3R6gOAFT04hM
P2Ua11pYBuq6hsdAGaw10kTIcnUI45h1yvD1xrJHt1MBE6F7OfA3QdqpdEXvzSLi
Zi8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org