Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HH-CoZQGakj4N7QZzYqmfEUP4VY.roa
File: HH-CoZQGakj4N7QZzYqmfEUP4VY.roa (raw, json)
Hash identifier: vH9Q3LXMwDO0jwQ6Sw5Fu4QVNVqvNtEcVG71lYANUPY=
Subject key identifier: 1C:7F:82:A1:94:06:6A:48:F8:37:B4:19:CD:8A:A6:7C:45:0F:E1:56
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D8DCB1F413DED51F6FC814ECCBEF40D59
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HH-CoZQGakj4N7QZzYqmfEUP4VY.roa
Signing time: Fri 09 Feb 2024 12:15:15 +0000
ROA not before: Fri 09 Feb 2024 12:15:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8d:cb:1f:41:3d:ed:51:f6:fc:81:4e:cc:be:f4:0d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 9 12:15:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c7f82a194066a48f837b419cd8aa67c450fe156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:79:97:e6:f3:36:c0:30:4d:2e:26:65:57:d4:
34:62:f6:b1:b5:b7:6a:04:35:af:5e:a0:f9:96:bd:
1a:f7:db:4e:d7:a2:ff:b4:b7:3c:96:a8:2a:59:0b:
57:2d:12:fb:80:a7:c2:92:8e:1f:b9:7b:17:e4:57:
78:36:96:8d:17:51:0e:34:f8:8d:2c:0f:56:23:8e:
e8:ff:e2:57:50:fe:9d:a7:06:86:5b:12:91:82:bc:
3b:b0:c3:a6:42:a9:e4:cc:75:a9:de:e9:60:3a:a4:
de:b3:20:8a:5f:5e:3a:01:2a:05:7e:fa:c5:67:8b:
5e:36:1a:5b:8e:77:49:71:87:66:16:8f:a5:9e:16:
59:59:b8:46:98:ab:8a:6e:7d:c0:61:95:ef:85:9b:
1d:88:51:89:ee:f0:78:5d:4e:31:ad:35:69:19:a8:
f4:21:66:02:f3:ab:10:d4:96:7c:ff:aa:2b:ad:93:
8b:ea:b4:51:2f:47:82:41:fa:13:7a:13:76:af:00:
6e:0b:44:97:d3:fc:4e:09:87:82:96:45:d7:b8:4b:
7a:0c:9d:37:0b:0f:99:0e:ff:1a:6c:d7:9a:0d:de:
df:76:05:93:37:7b:b9:0f:7f:fd:dc:29:51:81:85:
86:f2:1b:58:af:c0:28:f6:43:34:e5:8f:ae:bc:04:
f7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:7F:82:A1:94:06:6A:48:F8:37:B4:19:CD:8A:A6:7C:45:0F:E1:56
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HH-CoZQGakj4N7QZzYqmfEUP4VY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5d:b7:ed:53:b8:14:02:17:c8:39:1c:ba:66:fe:67:ad:f6:9d:
c7:fb:7c:fd:52:e4:54:51:d0:df:c6:da:0f:d0:38:3e:54:61:
10:a5:17:42:f0:7c:bb:31:18:39:26:c1:12:67:34:77:9c:60:
6a:a0:60:5c:f6:b7:a4:97:6c:e5:a0:5d:ad:70:4e:b6:0b:62:
27:1b:e5:47:ec:46:64:96:98:00:02:2c:b3:8c:46:f0:3b:33:
46:6b:cc:c1:4f:b9:ea:4e:3e:c7:be:ee:09:2a:9e:39:bc:2f:
96:64:8d:57:b9:6b:20:17:9d:60:90:fc:b2:0d:3e:3d:44:2a:
5c:82:93:03:22:ff:41:37:c6:b6:95:18:80:fb:04:ec:cb:3e:
49:75:14:a8:00:e5:14:32:79:e2:c1:73:c5:ef:03:61:bf:ca:
e5:9a:ab:8f:a7:f5:b6:90:d8:42:17:7d:e3:b7:e3:7e:5b:fa:
94:d9:ce:27:c2:e2:35:f2:fd:b8:d2:6b:fe:a3:86:07:77:1b:
de:72:22:0e:38:c9:6c:1f:0a:a5:60:dd:de:96:dd:2f:2b:53:
c8:73:15:1b:27:09:bb:74:9d:bf:84:21:7d:7e:ee:f2:c9:16:
36:06:d1:f3:32:79:01:d5:31:8b:c0:af:d2:28:47:ba:69:95:
95:3b:97:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2Nyx9BPe1R9vyBTsy+9A1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA5MTIxNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzdmODJhMTk0MDY2YTQ4ZjgzN2I0MTljZDhhYTY3YzQ1MGZlMTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3mX5vM2wDBNLiZlV9Q0Yvaxtbdq
BDWvXqD5lr0a99tO16L/tLc8lqgqWQtXLRL7gKfCko4fuXsX5Fd4NpaNF1EONPiN
LA9WI47o/+JXUP6dpwaGWxKRgrw7sMOmQqnkzHWp3ulgOqTesyCKX146ASoFfvrF
Z4teNhpbjndJcYdmFo+lnhZZWbhGmKuKbn3AYZXvhZsdiFGJ7vB4XU4xrTVpGaj0
IWYC86sQ1JZ8/6orrZOL6rRRL0eCQfoTehN2rwBuC0SX0/xOCYeClkXXuEt6DJ03
Cw+ZDv8abNeaDd7fdgWTN3u5D3/93ClRgYWG8htYr8Ao9kM05Y+uvAT34wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBx/gqGUBmpI+De0Gc2KpnxFD+FWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSEgtQ29aUUdha2o0TjdRWnpZcW1mRVVQNFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF237VO4FAIXyDkcumb+
Z632ncf7fP1S5FRR0N/G2g/QOD5UYRClF0LwfLsxGDkmwRJnNHecYGqgYFz2t6SX
bOWgXa1wTrYLYicb5UfsRmSWmAACLLOMRvA7M0ZrzMFPuepOPse+7gkqnjm8L5Zk
jVe5ayAXnWCQ/LINPj1EKlyCkwMi/0E3xraVGID7BOzLPkl1FKgA5RQyeeLBc8Xv
A2G/yuWaq4+n9baQ2EIXfeO3435b+pTZzifC4jXy/bjSa/6jhgd3G95yIg44yWwf
CqVg3d6W3S8rU8hzFRsnCbt0nb+EIX1+7vLJFjYG0fMyeQHVMYvAr9IoR7pplZU7
l+M=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:10 2025 by rpki-client