Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HTP0Dhn2GRLcG7MWvTPdLjInGCY.roa
File: HTP0Dhn2GRLcG7MWvTPdLjInGCY.roa (raw, json)
Hash identifier: 74/xvkR9U8Tcsn/Q2/LoE12Zz6g7WBUuZZPOHrhvJYg=
Subject key identifier: 1D:33:F4:0E:19:F6:19:12:DC:1B:B3:16:BD:33:DD:2E:32:27:18:26
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DFCF060EA12ACB72CC2AB751E33BBF4EB
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HTP0Dhn2GRLcG7MWvTPdLjInGCY.roa
Signing time: Sat 02 Mar 2024 02:13:48 +0000
ROA not before: Sat 02 Mar 2024 02:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fc:f0:60:ea:12:ac:b7:2c:c2:ab:75:1e:33:bb:f4:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 2 02:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d33f40e19f61912dc1bb316bd33dd2e32271826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7c:20:28:9a:2f:ff:3e:0d:33:4e:79:4d:94:
fc:37:05:e8:0e:b9:85:41:6e:a9:69:07:17:ca:ee:
ba:69:99:56:0d:ee:43:35:09:c2:81:0b:aa:04:fd:
64:c6:40:e8:b9:5f:31:09:f6:63:78:82:de:29:a4:
c9:9f:c9:93:c7:5c:b8:93:30:96:3c:23:95:1a:59:
9f:35:3f:80:dc:21:08:d5:f2:cb:2d:86:25:aa:ce:
43:2f:42:8c:f6:b5:8e:79:ba:ba:41:5d:78:14:29:
3e:5d:a2:19:e6:d9:6b:19:06:b0:f3:04:90:4b:26:
43:de:10:ee:91:01:e3:ab:86:20:cf:9c:1d:a9:58:
6c:3b:20:e7:b3:d4:b9:8f:15:f2:91:7f:ca:02:ce:
0f:11:fa:be:4d:4d:3f:ac:30:dd:19:96:79:3e:68:
9e:96:ec:a2:7f:a8:58:c4:c3:7e:34:f2:dd:e5:7a:
df:d4:df:2f:94:7f:e2:30:ee:7f:ac:2d:73:af:fd:
c7:85:88:26:b9:36:c1:cc:5b:c4:a2:5a:42:f8:c2:
6c:4b:84:51:39:e8:6c:e6:4b:61:d0:ce:12:b9:f5:
58:10:12:64:18:dd:7b:30:50:65:24:d5:bf:54:bb:
56:cf:fe:7d:b5:32:b4:33:eb:16:47:de:67:c8:fd:
ef:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:33:F4:0E:19:F6:19:12:DC:1B:B3:16:BD:33:DD:2E:32:27:18:26
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HTP0Dhn2GRLcG7MWvTPdLjInGCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8b:4f:ef:f7:48:60:ba:38:ab:d3:7a:df:8f:f0:44:9e:ec:ef:
91:91:f1:9b:c4:45:0e:38:ee:a2:bf:47:a9:6a:f7:73:a2:76:
31:f3:c4:f7:63:a6:07:a8:f6:a9:00:5f:50:0b:62:88:c3:2a:
99:74:5a:51:ff:e4:36:31:0c:f7:3c:60:1c:3f:cc:8c:65:1e:
f2:00:25:83:f2:39:49:0a:8f:4f:6e:3b:a1:11:8e:b1:a6:81:
49:08:37:c7:0a:52:92:76:af:f4:a5:90:c1:c3:f8:6f:67:34:
d2:78:b3:36:75:b0:38:dc:a9:31:eb:13:d2:7a:ca:73:bf:9a:
6b:b0:a0:97:3e:63:6a:f2:85:3d:ee:e9:ff:93:15:b2:1f:1b:
ee:14:92:c1:a1:73:cc:86:53:63:bc:b2:95:fb:f5:a6:d2:9d:
68:41:36:fb:50:85:a5:9b:fe:a9:19:38:55:bb:2c:87:ce:7d:
09:1e:4b:9b:dd:a5:3d:f2:54:54:48:21:c7:bb:67:6f:d5:7a:
74:94:5d:4b:75:88:7f:3d:52:ba:28:3d:83:7f:1f:45:c7:2b:
1c:a0:b7:6f:1b:99:fc:b8:37:9b:ff:76:54:9c:53:4a:21:77:
77:f8:16:92:b8:1f:75:c9:96:fa:0e:49:de:ec:ee:f4:b5:64:
e2:38:9d:af
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY388GDqEqy3LMKrdR4zu/TrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAyMDIxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDMzZjQwZTE5ZjYxOTEyZGMxYmIzMTZiZDMzZGQyZTMyMjcxODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXwgKJov/z4NM055TZT8NwXoDrmF
QW6paQcXyu66aZlWDe5DNQnCgQuqBP1kxkDouV8xCfZjeILeKaTJn8mTx1y4kzCW
PCOVGlmfNT+A3CEI1fLLLYYlqs5DL0KM9rWOebq6QV14FCk+XaIZ5tlrGQaw8wSQ
SyZD3hDukQHjq4Ygz5wdqVhsOyDns9S5jxXykX/KAs4PEfq+TU0/rDDdGZZ5Pmie
luyif6hYxMN+NPLd5Xrf1N8vlH/iMO5/rC1zr/3HhYgmuTbBzFvEolpC+MJsS4RR
Oehs5kth0M4SufVYEBJkGN17MFBlJNW/VLtWz/59tTK0M+sWR95nyP3vUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB0z9A4Z9hkS3BuzFr0z3S4yJxgmMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSFRQMERobjJHUkxjRzdNV3ZUUGRMakluR0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAItP7/dIYLo4q9N634/w
RJ7s75GR8ZvERQ447qK/R6lq93OidjHzxPdjpgeo9qkAX1ALYojDKpl0WlH/5DYx
DPc8YBw/zIxlHvIAJYPyOUkKj09uO6ERjrGmgUkIN8cKUpJ2r/SlkMHD+G9nNNJ4
szZ1sDjcqTHrE9J6ynO/mmuwoJc+Y2ryhT3u6f+TFbIfG+4UksGhc8yGU2O8spX7
9abSnWhBNvtQhaWb/qkZOFW7LIfOfQkeS5vdpT3yVFRIIce7Z2/VenSUXUt1iH89
UrooPYN/H0XHKxygt28bmfy4N5v/dlScU0ohd3f4FpK4H3XJlvoOSd7s7vS1ZOI4
na8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:13:45 2025 by rpki-client