Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HQFH__KGl23RM6hjwfL2oD71tIU.roa
File: HQFH__KGl23RM6hjwfL2oD71tIU.roa (raw, json)
Hash identifier: iAVJFegwFYsHoijWGiESUlZNct2/rwFyNwyD3vvbh+s=
Subject key identifier: 1D:01:47:FF:F2:86:97:6D:D1:33:A8:63:C1:F2:F6:A0:3E:F5:B4:85
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E7F2C2C0B352ECBE0351A509C2287AFBF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HQFH__KGl23RM6hjwfL2oD71tIU.roa
Signing time: Wed 27 Mar 2024 09:09:45 +0000
ROA not before: Wed 27 Mar 2024 09:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:2c:2c:0b:35:2e:cb:e0:35:1a:50:9c:22:87:af:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 27 09:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d0147fff286976dd133a863c1f2f6a03ef5b485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:00:70:3e:92:56:73:9b:94:5f:8f:d4:d7:91:
f7:2c:b7:30:bb:da:8e:b3:59:a9:b0:31:a3:f9:7c:
0d:f4:e6:69:58:c6:ec:66:c0:1a:a2:31:7b:8d:c9:
ab:5f:b9:aa:7c:8a:58:5c:11:63:64:13:19:b2:60:
73:9f:21:f5:f7:1e:30:fa:68:03:ef:f2:3c:28:e3:
50:ac:69:ef:c9:04:d2:88:88:4b:13:c3:3a:46:05:
79:7e:31:e1:50:aa:b0:72:d2:40:ec:2c:d1:73:4f:
2e:e5:82:33:cf:99:e8:27:aa:dc:1b:8f:58:45:d3:
b8:6e:c4:13:40:48:32:47:ee:ab:e6:a5:73:0e:83:
ed:3c:53:a0:67:c8:29:b2:24:50:ce:d2:18:72:32:
67:1a:9a:8a:52:c1:09:b0:77:13:34:c8:92:0a:42:
fe:8e:72:de:05:7f:56:81:3b:aa:31:08:92:c4:ab:
40:61:aa:d7:27:77:73:6c:4c:3f:73:0b:4e:88:96:
58:ab:58:2f:6b:e2:ca:ea:66:ad:a3:90:24:bb:f0:
9a:08:73:0d:15:01:d3:dc:ec:c2:b7:2f:b4:46:ad:
b0:ef:3a:2e:6a:f7:84:cc:25:de:c5:17:eb:99:4b:
a6:f0:9d:73:2d:02:5e:bd:78:6d:db:80:81:35:3f:
8b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:01:47:FF:F2:86:97:6D:D1:33:A8:63:C1:F2:F6:A0:3E:F5:B4:85
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HQFH__KGl23RM6hjwfL2oD71tIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:6a:4d:4b:eb:66:4c:64:4c:ed:31:a1:99:0f:10:25:19:40:
fa:63:d3:e1:78:cf:ed:71:70:aa:6e:03:69:8c:bb:ea:ec:85:
cc:79:90:cd:c5:44:0a:d6:4b:2a:20:d3:bd:d9:83:c6:b3:af:
41:fc:70:c7:cd:82:ee:d4:90:8f:e9:39:8c:52:26:6a:b0:5a:
10:57:f1:7a:e8:a1:71:48:8c:a0:9f:40:e7:28:fd:b0:0e:ad:
83:b4:2e:5e:96:2c:7f:26:fb:f9:12:d5:cc:36:f8:bc:59:29:
85:6e:3b:46:2f:55:7a:6f:6e:6e:e9:5c:cf:cb:6a:0f:a3:bf:
3f:1a:57:90:7b:44:28:e9:f4:5e:6f:23:ab:d1:2a:49:96:d7:
ae:13:cc:b1:6e:d1:bd:59:0b:54:3b:b6:55:ce:e8:db:9f:62:
7e:0f:6e:d0:ee:5e:73:d8:ad:27:33:c1:08:03:d3:5e:cc:5f:
e5:cc:b4:46:53:f6:36:46:2c:a3:f7:ad:55:4a:c6:7d:2a:44:
e9:24:52:b1:32:40:59:80:fd:28:dc:aa:08:da:e1:59:98:ea:
68:54:c2:79:e4:67:94:5a:1d:f8:ca:0f:c1:c7:ac:34:16:1c:
82:c9:89:a7:4e:fc:bf:b6:81:ff:16:3c:07:65:73:2b:bb:cc:
1a:8f:c6:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5/LCwLNS7L4DUaUJwih6+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI3MDkwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDAxNDdmZmYyODY5NzZkZDEzM2E4NjNjMWYyZjZhMDNlZjViNDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlABwPpJWc5uUX4/U15H3LLcwu9qO
s1mpsDGj+XwN9OZpWMbsZsAaojF7jcmrX7mqfIpYXBFjZBMZsmBznyH19x4w+mgD
7/I8KONQrGnvyQTSiIhLE8M6RgV5fjHhUKqwctJA7CzRc08u5YIzz5noJ6rcG49Y
RdO4bsQTQEgyR+6r5qVzDoPtPFOgZ8gpsiRQztIYcjJnGpqKUsEJsHcTNMiSCkL+
jnLeBX9WgTuqMQiSxKtAYarXJ3dzbEw/cwtOiJZYq1gva+LK6mato5Aku/CaCHMN
FQHT3OzCty+0Rq2w7zouaveEzCXexRfrmUum8J1zLQJevXht24CBNT+LzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB0BR//yhpdt0TOoY8Hy9qA+9bSFMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSFFGSF9fS0dsMjNSTTZoandmTDJvRDcxdElVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABJqTUvrZkxkTO0xoZkP
ECUZQPpj0+F4z+1xcKpuA2mMu+rshcx5kM3FRArWSyog073Zg8azr0H8cMfNgu7U
kI/pOYxSJmqwWhBX8XrooXFIjKCfQOco/bAOrYO0Ll6WLH8m+/kS1cw2+LxZKYVu
O0YvVXpvbm7pXM/Lag+jvz8aV5B7RCjp9F5vI6vRKkmW164TzLFu0b1ZC1Q7tlXO
6NufYn4PbtDuXnPYrSczwQgD017MX+XMtEZT9jZGLKP3rVVKxn0qROkkUrEyQFmA
/Sjcqgja4VmY6mhUwnnkZ5RaHfjKD8HHrDQWHILJiadO/L+2gf8WPAdlcyu7zBqP
xiY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:27 2025 by rpki-client