Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HIyHMX0I7vE8LkuW7IyebsugOTE.roa
File: HIyHMX0I7vE8LkuW7IyebsugOTE.roa (raw, json)
Hash identifier: WruD3hqIIUc3J9RFsZDC5enKN7m/kN5lAnhqxiaSyas=
Subject key identifier: 1C:8C:87:31:7D:08:EE:F1:3C:2E:4B:96:EC:8C:9E:6E:CB:A0:39:31
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E48A6F56DE2DD6EE001B749E31F40B252
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HIyHMX0I7vE8LkuW7IyebsugOTE.roa
Signing time: Sat 16 Mar 2024 19:04:45 +0000
ROA not before: Sat 16 Mar 2024 19:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:48a6:95c3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:48:a6:f5:6d:e2:dd:6e:e0:01:b7:49:e3:1f:40:b2:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 16 19:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c8c87317d08eef13c2e4b96ec8c9e6ecba03931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:69:0c:27:59:57:01:09:8d:e2:b0:eb:6e:28:
b5:09:33:c7:65:9c:ae:ee:8f:c6:5e:e3:3e:f6:87:
1f:15:a8:8c:06:21:b5:df:95:74:bf:f1:be:29:1f:
80:a7:3b:78:1d:aa:fc:f1:ac:f3:97:8f:60:47:d3:
5c:9b:3d:fe:26:05:fc:8e:d3:da:2d:aa:10:91:1b:
46:74:38:b9:3f:a6:20:66:d9:ac:2b:46:38:d9:04:
57:97:4d:b8:c9:92:3e:0c:d4:09:1d:de:a8:92:07:
49:27:88:93:be:1b:dc:4b:ab:1a:cc:80:d2:ba:91:
89:ad:57:39:a7:ab:54:8d:85:5e:66:02:a1:4c:71:
a1:de:9e:92:08:83:e8:eb:e4:cc:d6:f9:03:b0:fc:
b5:a2:29:6c:43:e0:0f:b6:7c:c2:c9:96:2a:73:94:
69:9b:8e:6c:13:4b:33:75:ec:60:53:29:2a:40:c7:
71:e3:00:96:f7:bc:d7:bd:df:07:9c:1a:f2:99:7b:
97:fd:8d:93:08:5d:d3:0e:58:5e:9c:bb:02:c4:26:
e7:76:4b:a8:d4:9e:83:cd:fc:83:b1:60:21:12:f2:
a9:43:fc:0c:ef:a0:36:61:90:bb:c1:d7:e8:68:15:
e1:52:f3:78:75:81:64:a7:b9:58:eb:42:f2:1a:50:
49:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:8C:87:31:7D:08:EE:F1:3C:2E:4B:96:EC:8C:9E:6E:CB:A0:39:31
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HIyHMX0I7vE8LkuW7IyebsugOTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
87:32:8c:e4:f5:56:fe:6a:58:2f:aa:84:21:a8:4b:b9:a3:f5:
b0:d0:a3:1e:d1:28:8d:5e:3e:1f:a6:81:5b:1c:f8:57:ce:1f:
dc:bc:e1:ee:d2:6f:7f:73:dc:d1:2b:d5:cd:c6:63:94:39:a9:
bd:fb:49:5b:1c:59:aa:3f:82:c7:02:8a:a7:fd:cd:3e:d5:36:
d7:44:d0:81:0e:dc:0e:89:d3:e9:d5:b9:70:8e:07:b7:05:87:
9f:0c:e0:14:a2:c0:da:ec:4f:37:05:0b:3b:6a:d9:78:88:22:
57:dc:82:51:27:e8:d2:c2:9e:df:b1:23:f7:aa:52:07:65:6f:
85:a3:35:dc:f2:22:52:7c:4b:b8:b8:89:08:b7:4f:31:7f:ff:
7c:5d:5b:14:00:01:bc:0b:88:5e:5b:bb:1f:66:88:b0:78:28:
f5:2e:04:fe:6a:86:da:c9:7c:0c:f3:91:c1:f1:5f:c3:fd:34:
a6:49:2b:fe:28:20:48:a9:b0:47:a7:5a:28:9b:cf:db:5c:91:
87:e1:47:5d:f5:67:9a:1d:4c:2b:c8:95:33:fa:39:a3:3c:58:
a6:5c:e3:10:7d:b7:f6:42:63:44:22:9b:92:3f:19:34:4f:d2:
8d:0c:2c:2f:94:e6:fe:3c:69:86:c9:04:45:59:36:56:f5:31:
d2:f6:72:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5IpvVt4t1u4AG3SeMfQLJSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE2MTkwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzhjODczMTdkMDhlZWYxM2MyZTRiOTZlYzhjOWU2ZWNiYTAzOTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWkMJ1lXAQmN4rDrbii1CTPHZZyu
7o/GXuM+9ocfFaiMBiG135V0v/G+KR+Apzt4Har88azzl49gR9Ncmz3+JgX8jtPa
LaoQkRtGdDi5P6YgZtmsK0Y42QRXl024yZI+DNQJHd6okgdJJ4iTvhvcS6sazIDS
upGJrVc5p6tUjYVeZgKhTHGh3p6SCIPo6+TM1vkDsPy1oilsQ+APtnzCyZYqc5Rp
m45sE0szdexgUykqQMdx4wCW97zXvd8HnBrymXuX/Y2TCF3TDlhenLsCxCbndkuo
1J6DzfyDsWAhEvKpQ/wM76A2YZC7wdfoaBXhUvN4dYFkp7lY60LyGlBJBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFByMhzF9CO7xPC5LluyMnm7LoDkxMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSEl5SE1YMEk3dkU4TGt1VzdJeWVic3VnT1RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIcyjOT1Vv5qWC+qhCGo
S7mj9bDQox7RKI1ePh+mgVsc+FfOH9y84e7Sb39z3NEr1c3GY5Q5qb37SVscWao/
gscCiqf9zT7VNtdE0IEO3A6J0+nVuXCOB7cFh58M4BSiwNrsTzcFCztq2XiIIlfc
glEn6NLCnt+xI/eqUgdlb4WjNdzyIlJ8S7i4iQi3TzF//3xdWxQAAbwLiF5bux9m
iLB4KPUuBP5qhtrJfAzzkcHxX8P9NKZJK/4oIEipsEenWiibz9tckYfhR131Z5od
TCvIlTP6OaM8WKZc4xB9t/ZCY0Qim5I/GTRP0o0MLC+U5v48aYbJBEVZNlb1MdL2
cpk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:47 2025 by rpki-client