Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HLH5198Z8Al6UFlyLSNlG2DqLD4.roa
File: HLH5198Z8Al6UFlyLSNlG2DqLD4.roa (raw, json)
Hash identifier: Q3OEtM0z1VCQQVkijHzmIqd6GgzCNZnJGaZh0pfQI0s=
Subject key identifier: 1C:B1:F9:D7:DF:19:F0:09:7A:50:59:72:2D:23:65:1B:60:EA:2C:3E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E4D2885E4918AC419BA99035170CF20DF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HLH5198Z8Al6UFlyLSNlG2DqLD4.roa
Signing time: Sun 17 Mar 2024 16:04:45 +0000
ROA not before: Sun 17 Mar 2024 16:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:4d28:2b6a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4d:28:85:e4:91:8a:c4:19:ba:99:03:51:70:cf:20:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 17 16:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cb1f9d7df19f0097a5059722d23651b60ea2c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e0:83:aa:da:b6:07:12:98:92:d0:95:ce:f2:
0a:f0:2c:ae:a3:1f:cf:34:f6:3a:0b:db:10:ad:ed:
15:a9:cc:f6:9a:8f:d9:92:e3:28:f1:83:ef:d7:60:
b3:4b:18:c5:73:fc:92:c7:97:b0:1c:23:fc:20:e2:
ee:d6:93:9f:fe:72:93:bd:ad:c8:b1:5a:3b:ae:ba:
da:3e:e3:5d:03:44:ef:ed:08:a6:e6:90:ed:40:31:
9b:ec:f5:a1:7e:0e:db:5a:a6:26:d1:4c:a4:77:3f:
73:6e:21:53:c2:d4:6b:81:52:18:9e:c1:46:29:8e:
db:ee:d4:2d:e2:74:5a:74:a2:e7:29:0a:b3:b2:10:
d2:90:2e:13:52:ed:c9:5f:13:e2:63:9e:0d:83:a6:
3f:a6:7f:fb:68:27:42:12:8a:e5:20:e2:04:6e:f3:
89:45:7e:20:84:67:53:3d:b8:83:04:da:ad:e1:d3:
8a:27:0f:47:14:35:34:b8:58:08:6b:c8:92:e4:ff:
3f:17:27:a6:f9:83:09:09:02:8a:d4:10:16:d6:92:
ee:d5:2e:07:57:ed:ab:eb:54:36:5c:5a:85:9f:e3:
60:93:66:ab:41:79:e1:dd:79:94:9d:85:3c:94:03:
85:79:3c:9e:87:60:ec:eb:88:60:ea:44:31:87:aa:
1e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B1:F9:D7:DF:19:F0:09:7A:50:59:72:2D:23:65:1B:60:EA:2C:3E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HLH5198Z8Al6UFlyLSNlG2DqLD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:c1:7c:0f:d8:64:8a:27:5a:cd:92:36:7d:c2:a3:30:31:35:
39:cd:0b:f1:b0:6d:88:51:a5:50:b7:af:82:bf:fd:b6:0d:0b:
ce:80:27:78:b6:b3:84:72:f7:39:55:5e:8c:a8:41:35:73:59:
66:ff:a7:4d:91:e7:05:0b:8e:0b:a2:60:eb:ea:cc:ae:00:ec:
d4:1a:0e:12:e3:b5:bc:0c:29:d3:a4:88:22:b4:49:67:08:99:
ad:5f:18:d2:1d:87:ca:fc:e1:b0:ba:25:45:0d:2f:4c:c6:f9:
a4:21:87:eb:57:2d:ca:cb:7a:5d:42:7d:07:e4:ce:d5:cc:8d:
58:94:3b:ab:1f:d8:61:e8:98:d6:d4:f7:ae:5a:69:28:26:5a:
b8:cf:51:43:67:18:4e:89:57:27:1b:f2:09:41:d0:9d:a7:f3:
26:ef:67:5d:b5:56:2a:fe:a1:c7:7e:5f:b0:b3:d6:a3:72:55:
69:40:0a:4b:2b:d6:52:23:7f:24:d6:37:73:0e:0c:99:83:d6:
fe:16:b4:33:11:b2:f4:b2:84:7b:71:0d:5d:00:a7:73:fe:91:
1b:7f:1b:4f:73:ad:17:4a:af:5b:ef:89:0b:d5:ba:38:d3:56:
4b:c6:73:e8:16:3d:28:53:42:8b:ae:49:e7:c0:fc:d4:02:0b:
b0:b8:01:ac
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5NKIXkkYrEGbqZA1FwzyDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE3MTYwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2IxZjlkN2RmMTlmMDA5N2E1MDU5NzIyZDIzNjUxYjYwZWEyYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+CDqtq2BxKYktCVzvIK8Cyuox/P
NPY6C9sQre0Vqcz2mo/ZkuMo8YPv12CzSxjFc/ySx5ewHCP8IOLu1pOf/nKTva3I
sVo7rrraPuNdA0Tv7Qim5pDtQDGb7PWhfg7bWqYm0Uykdz9zbiFTwtRrgVIYnsFG
KY7b7tQt4nRadKLnKQqzshDSkC4TUu3JXxPiY54Ng6Y/pn/7aCdCEorlIOIEbvOJ
RX4ghGdTPbiDBNqt4dOKJw9HFDU0uFgIa8iS5P8/Fyem+YMJCQKK1BAW1pLu1S4H
V+2r61Q2XFqFn+Ngk2arQXnh3XmUnYU8lAOFeTyeh2Ds64hg6kQxh6oebwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFByx+dffGfAJelBZci0jZRtg6iw+MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSExINTE5OFo4QWw2VUZseUxTTmxHMkRxTEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABzBfA/YZIonWs2SNn3C
ozAxNTnNC/GwbYhRpVC3r4K//bYNC86AJ3i2s4Ry9zlVXoyoQTVzWWb/p02R5wUL
jguiYOvqzK4A7NQaDhLjtbwMKdOkiCK0SWcIma1fGNIdh8r84bC6JUUNL0zG+aQh
h+tXLcrLel1CfQfkztXMjViUO6sf2GHomNbU965aaSgmWrjPUUNnGE6JVycb8glB
0J2n8ybvZ121Vir+ocd+X7Cz1qNyVWlACksr1lIjfyTWN3MODJmD1v4WtDMRsvSy
hHtxDV0Ap3P+kRt/G09zrRdKr1vviQvVujjTVkvGc+gWPShTQouuSefA/NQCC7C4
Aaw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:11 2025 by rpki-client