Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HEDqTyzOto2S6cnon-Rw1G86620.roa
File: HEDqTyzOto2S6cnon-Rw1G86620.roa (raw, json)
Hash identifier: KniKhohPEMF8yjV04Nx96lA0uRGEk1ugf/SG9o2V858=
Subject key identifier: 1C:40:EA:4F:2C:CE:B6:8D:92:E9:C9:E8:9F:E4:70:D4:6F:3A:EB:6D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E4A65053CB52CECE999E4CEBEBB3416AF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HEDqTyzOto2S6cnon-Rw1G86620.roa
Signing time: Sun 17 Mar 2024 03:11:58 +0000
ROA not before: Sun 17 Mar 2024 03:11:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4a:65:05:3c:b5:2c:ec:e9:99:e4:ce:be:bb:34:16:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 17 03:11:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c40ea4f2cceb68d92e9c9e89fe470d46f3aeb6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:09:5b:ff:71:1c:07:03:d5:a8:a1:b7:65:77:
e8:fc:aa:d0:21:3d:dd:3e:a8:52:89:b4:f7:76:1e:
1f:98:42:f1:0f:a0:dd:f1:db:85:23:5e:d9:65:cb:
ad:fb:3f:b8:cd:e1:3f:52:ef:79:5f:26:7c:73:7e:
29:e0:03:d9:09:f4:d2:b0:82:c2:f8:e3:58:f2:4e:
06:df:7d:44:0a:8e:98:6d:4f:e6:6c:ed:16:c1:32:
13:dc:7c:e1:a8:03:ec:05:45:70:0c:dd:7c:35:d7:
7a:af:b3:25:7a:62:55:c9:be:71:fe:83:1f:05:6b:
f5:bb:a7:35:50:86:ab:ee:9f:29:08:85:f3:7f:52:
de:99:33:9f:f5:a3:63:cd:9e:cf:ce:c9:95:4f:f5:
4f:a3:da:68:e1:16:6e:c1:95:14:27:52:00:bd:40:
4e:e8:ea:72:9b:ca:4d:ff:15:07:7d:b5:85:5e:3b:
10:d8:93:b5:4a:e2:cc:a0:6c:1a:df:c1:1c:be:1d:
3a:a4:99:97:66:93:a9:46:6c:0c:9f:1d:65:9f:da:
aa:b3:da:7d:75:33:fb:ca:2d:97:db:45:c4:76:91:
d3:1f:02:7d:69:fb:29:23:70:5f:fb:18:87:33:01:
8a:63:4e:2a:e9:de:09:da:41:06:00:cd:71:e6:51:
3c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:40:EA:4F:2C:CE:B6:8D:92:E9:C9:E8:9F:E4:70:D4:6F:3A:EB:6D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HEDqTyzOto2S6cnon-Rw1G86620.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:ca:f0:0c:57:1d:c0:e0:fb:3b:ee:11:ae:96:c6:72:93:b5:
bb:9b:36:f7:0c:e0:5a:cb:68:85:69:48:cc:04:f6:04:33:db:
8a:ac:41:e2:2e:17:6c:d0:62:03:cd:f1:d0:6c:1f:1f:33:d9:
8a:8e:3e:db:5d:09:f9:ae:84:ae:fe:b1:ed:dc:cf:f5:d0:c9:
ab:26:92:ba:08:8e:5f:5e:d4:77:04:d0:4c:bf:f9:ce:2f:5d:
5b:e5:b5:eb:32:93:79:89:89:9e:a3:76:8b:99:3d:19:8f:5c:
b9:88:a6:d4:b0:c0:f1:2d:9c:cd:79:dc:79:cc:69:77:8d:d2:
f9:ee:fb:e5:6f:50:9e:e6:8c:59:b5:e6:67:4d:87:bb:8e:99:
b8:d2:2f:f6:df:42:1f:7e:69:e2:1b:92:f9:10:06:f8:8f:a0:
d6:0e:99:3f:76:ed:9f:30:ae:2d:31:d1:8d:13:19:67:cb:41:
4c:f1:d1:60:f7:3b:26:ca:e6:b8:fd:b4:77:1d:b9:cc:dc:1b:
25:56:8d:1a:4e:8d:fe:fb:61:1e:47:d0:fe:01:f8:78:ef:df:
ce:c8:3c:7e:15:a0:c7:df:84:bc:6a:33:87:be:32:5d:cc:2d:
1b:69:8c:bb:ef:da:05:0e:0a:c0:f1:f8:81:1a:38:c4:b5:cc:
3a:3c:2f:a7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5KZQU8tSzs6Znkzr67NBavMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE3MDMxMTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzQwZWE0ZjJjY2ViNjhkOTJlOWM5ZTg5ZmU0NzBkNDZmM2FlYjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQlb/3EcBwPVqKG3ZXfo/KrQIT3d
PqhSibT3dh4fmELxD6Dd8duFI17ZZcut+z+4zeE/Uu95XyZ8c34p4APZCfTSsILC
+ONY8k4G331ECo6YbU/mbO0WwTIT3HzhqAPsBUVwDN18Ndd6r7MlemJVyb5x/oMf
BWv1u6c1UIar7p8pCIXzf1LemTOf9aNjzZ7PzsmVT/VPo9po4RZuwZUUJ1IAvUBO
6Opym8pN/xUHfbWFXjsQ2JO1SuLMoGwa38Ecvh06pJmXZpOpRmwMnx1ln9qqs9p9
dTP7yi2X20XEdpHTHwJ9afspI3Bf+xiHMwGKY04q6d4J2kEGAM1x5lE8KQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBxA6k8szraNkunJ6J/kcNRvOuttMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSEVEcVR5ek90bzJTNmNub24tUncxRzg2NjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFDK8AxXHcDg+zvuEa6W
xnKTtbubNvcM4FrLaIVpSMwE9gQz24qsQeIuF2zQYgPN8dBsHx8z2YqOPttdCfmu
hK7+se3cz/XQyasmkroIjl9e1HcE0Ey/+c4vXVvltesyk3mJiZ6jdouZPRmPXLmI
ptSwwPEtnM153HnMaXeN0vnu++VvUJ7mjFm15mdNh7uOmbjSL/bfQh9+aeIbkvkQ
BviPoNYOmT927Z8wri0x0Y0TGWfLQUzx0WD3OybK5rj9tHcduczcGyVWjRpOjf77
YR5H0P4B+Hjv387IPH4VoMffhLxqM4e+Ml3MLRtpjLvv2gUOCsDx+IEaOMS1zDo8
L6c=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:08:13 2025 by rpki-client