Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HHPBG5HHRj7Zr2HmgvKIzHqnehs.roa
File: HHPBG5HHRj7Zr2HmgvKIzHqnehs.roa (raw, json)
Hash identifier: SHqBuubpiDjosU+AtLLo/QvAIzVjG8+SDm0/8F4UQeg=
Subject key identifier: 1C:73:C1:1B:91:C7:46:3E:D9:AF:61:E6:82:F2:88:CC:7A:A7:7A:1B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E9ADC2F52D28B124872AE8552F75763A2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HHPBG5HHRj7Zr2HmgvKIzHqnehs.roa
Signing time: Mon 01 Apr 2024 18:11:45 +0000
ROA not before: Mon 01 Apr 2024 18:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9a:dc:2f:52:d2:8b:12:48:72:ae:85:52:f7:57:63:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 1 18:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c73c11b91c7463ed9af61e682f288cc7aa77a1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:12:53:86:3f:e1:01:e3:f9:b6:c4:e5:27:16:
82:36:10:72:fd:70:28:64:72:00:b6:18:c8:65:ad:
b0:ef:2b:67:e3:bb:66:92:66:55:08:12:8c:0d:56:
1b:4b:cd:ea:78:eb:6c:53:46:74:86:e2:62:c0:05:
c3:22:a5:b2:b1:96:57:a3:f2:b1:60:cc:c3:43:1a:
c2:20:d0:70:b1:7e:d5:31:97:b3:70:fe:98:4b:b1:
3e:88:e6:f3:7a:b8:b2:f9:0a:5c:45:5b:21:66:20:
2a:bb:70:59:60:0f:71:18:52:18:00:5e:9e:98:a0:
56:c2:6d:83:8c:90:b6:87:20:82:23:0d:2d:9a:c1:
86:11:56:8f:14:2e:cd:10:e5:b1:47:d1:a2:12:90:
92:16:78:c6:49:ef:ef:ee:ad:9e:87:9c:e6:69:25:
51:ff:2c:34:49:ad:1f:9e:d0:e9:c6:0d:f1:a6:12:
76:0b:fb:04:f4:96:d9:02:f5:93:64:00:fc:ef:97:
ca:e3:ce:9f:cf:2f:a0:fb:36:2f:85:87:7b:09:ca:
60:24:ff:82:97:b1:72:18:63:f3:db:c2:d5:16:7c:
45:95:de:d1:56:b1:05:bf:16:63:c1:53:96:c2:74:
16:61:0b:70:cd:21:a3:14:f4:3a:41:70:1d:92:b1:
d0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:73:C1:1B:91:C7:46:3E:D9:AF:61:E6:82:F2:88:CC:7A:A7:7A:1B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HHPBG5HHRj7Zr2HmgvKIzHqnehs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:d7:ad:90:4c:94:3d:8b:4b:10:b8:8f:d2:d5:a1:33:dc:b0:
de:4f:09:b8:ec:f5:5c:21:cb:fa:07:22:39:10:18:2d:84:d2:
03:37:d3:c3:44:32:8c:8d:7b:c2:3c:c6:3d:55:3b:7c:f8:e4:
ab:65:91:73:b8:db:fc:ae:e8:39:ed:51:ca:9d:ba:98:cf:2b:
85:ae:4c:5c:2b:bd:27:d4:6e:02:10:46:39:3f:ca:b7:42:25:
46:74:3f:38:d3:10:0a:65:03:62:5d:7a:b8:a3:17:16:1d:5a:
ed:97:fd:ed:e1:a2:be:a6:6a:b3:97:76:a3:db:e7:ad:c9:b3:
15:91:a0:1d:2c:5b:29:4c:bd:fd:6e:15:09:0a:96:e7:cf:d8:
19:a5:8a:81:08:ec:08:79:69:aa:ba:b7:50:5e:e7:b8:ae:6f:
d4:ed:8f:84:e7:8d:b9:bf:24:07:c7:cd:d1:4f:fa:76:10:95:
19:67:cc:1c:c2:1f:a0:27:85:0e:5c:6e:5b:bb:da:7e:db:bf:
55:29:55:eb:5c:73:89:18:a9:f4:87:df:17:05:96:52:fe:91:
f5:76:27:f6:55:d2:84:f0:7c:45:6c:4a:4e:41:c3:3a:74:3a:
2d:e9:bf:11:95:cf:83:3f:5e:3d:2c:67:ed:83:45:90:bf:4c:
c9:f4:1e:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6a3C9S0osSSHKuhVL3V2OiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAxMTgxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzczYzExYjkxYzc0NjNlZDlhZjYxZTY4MmYyODhjYzdhYTc3YTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRJThj/hAeP5tsTlJxaCNhBy/XAo
ZHIAthjIZa2w7ytn47tmkmZVCBKMDVYbS83qeOtsU0Z0huJiwAXDIqWysZZXo/Kx
YMzDQxrCINBwsX7VMZezcP6YS7E+iObzeriy+QpcRVshZiAqu3BZYA9xGFIYAF6e
mKBWwm2DjJC2hyCCIw0tmsGGEVaPFC7NEOWxR9GiEpCSFnjGSe/v7q2eh5zmaSVR
/yw0Sa0fntDpxg3xphJ2C/sE9JbZAvWTZAD875fK486fzy+g+zYvhYd7CcpgJP+C
l7FyGGPz28LVFnxFld7RVrEFvxZjwVOWwnQWYQtwzSGjFPQ6QXAdkrHQ1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBxzwRuRx0Y+2a9h5oLyiMx6p3obMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSEhQQkc1SEhSajdacjJIbWd2S0l6SHFuZWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADvXrZBMlD2LSxC4j9LV
oTPcsN5PCbjs9Vwhy/oHIjkQGC2E0gM308NEMoyNe8I8xj1VO3z45KtlkXO42/yu
6DntUcqdupjPK4WuTFwrvSfUbgIQRjk/yrdCJUZ0PzjTEAplA2JderijFxYdWu2X
/e3hor6marOXdqPb563JsxWRoB0sWylMvf1uFQkKlufP2BmlioEI7Ah5aaq6t1Be
57iub9Ttj4Tnjbm/JAfHzdFP+nYQlRlnzBzCH6AnhQ5cblu72n7bv1UpVetcc4kY
qfSH3xcFllL+kfV2J/ZV0oTwfEVsSk5Bwzp0Oi3pvxGVz4M/Xj0sZ+2DRZC/TMn0
Hho=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org