Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/H_BaruSiHM4EobV5uGmKRPgNKRg.roa
File: H_BaruSiHM4EobV5uGmKRPgNKRg.roa (raw, json)
Hash identifier: jpDuxEpg7IL3tFvm42yOc3C26lKB+cKaIq/p8z/yMBs=
Subject key identifier: 1F:F0:5A:AE:E4:A2:1C:CE:04:A1:B5:79:B8:69:8A:44:F8:0D:29:18
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DC14BB9C4C32098D4B3312B76C9C5F5D3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/H_BaruSiHM4EobV5uGmKRPgNKRg.roa
Signing time: Mon 19 Feb 2024 12:16:21 +0000
ROA not before: Mon 19 Feb 2024 12:16:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c1:4b:b9:c4:c3:20:98:d4:b3:31:2b:76:c9:c5:f5:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 19 12:16:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ff05aaee4a21cce04a1b579b8698a44f80d2918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:12:29:49:8a:d8:df:e7:56:d0:88:d9:80:3b:
7b:c7:49:b2:70:66:73:55:2d:24:6b:27:7d:36:14:
73:48:59:30:39:16:6c:34:50:99:e3:8e:90:a1:17:
2d:a8:76:a7:5f:b8:9d:18:99:c8:49:1f:07:40:09:
07:87:6d:d3:f7:9c:3e:84:d2:84:86:e4:25:27:ec:
98:55:81:f0:bf:dd:0b:1d:9c:55:40:4a:a2:5a:19:
c4:4a:49:f3:61:cd:03:dd:47:3c:68:62:59:8a:8d:
08:45:eb:ab:80:b2:8f:20:b4:44:1e:03:7e:19:be:
09:85:d0:1a:36:31:38:4a:ff:68:dc:bc:93:e0:8f:
76:ed:d8:e0:00:db:9a:03:95:5c:56:dc:44:33:bb:
00:80:8c:c4:4a:4e:e7:47:7d:39:5c:f8:a1:68:c0:
7b:be:c9:c5:c8:74:a7:ba:a1:98:d2:a2:07:99:5e:
6c:e7:31:6d:8f:3e:ad:70:85:9a:f1:0d:ab:67:d6:
e3:bb:f1:81:d9:39:43:53:c6:c9:fa:8e:dd:96:d2:
e4:09:91:a5:b7:db:d2:ca:db:c1:c1:ef:3b:10:30:
74:50:98:79:40:65:eb:06:3c:6b:6b:10:e4:8b:7e:
3b:6d:e2:4e:3f:15:be:1f:6e:02:5e:77:5c:a2:3d:
d7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:F0:5A:AE:E4:A2:1C:CE:04:A1:B5:79:B8:69:8A:44:F8:0D:29:18
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/H_BaruSiHM4EobV5uGmKRPgNKRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:40:b3:f9:0d:37:e9:d7:77:b1:68:a4:94:59:62:b9:d5:6f:
1e:ef:fb:75:a1:3d:57:89:4c:ab:92:15:ba:31:fe:c4:57:01:
bc:89:73:05:3e:96:d5:db:f2:d5:58:6d:d4:77:7c:bd:7b:cc:
40:4f:51:a7:3e:87:5f:38:ae:b8:0a:07:0b:3c:cf:35:05:9d:
f1:47:4f:50:1c:67:77:ad:4b:dd:bf:5d:57:bf:d9:cd:80:e9:
09:9c:c2:74:59:1b:59:7f:e3:3a:da:1b:98:6c:9b:c8:4a:31:
e6:c2:62:c8:df:44:6e:e1:94:28:a1:6f:ec:64:fe:9c:17:90:
a9:bc:a8:c6:cf:6d:22:2e:74:cf:b1:2e:4c:3f:1e:0a:9d:74:
98:28:82:58:c6:c9:23:5b:a8:8f:50:d7:ee:17:dd:06:e9:2b:
12:63:5c:a0:63:0a:9d:79:72:6a:6d:e0:ee:36:da:ab:d1:65:
5d:73:28:bc:d8:e1:8f:64:95:90:50:15:fc:b0:74:1b:61:d8:
b7:91:df:cc:3b:35:f3:1e:cf:c4:d2:10:42:49:2c:0a:c3:a1:
fe:96:6e:8a:b5:06:33:5d:7d:b0:d0:c3:07:04:0e:ba:c2:67:
59:8f:02:37:62:b9:2c:11:9e:76:25:ed:94:3b:8f:0d:32:15:
15:60:de:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3BS7nEwyCY1LMxK3bJxfXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE5MTIxNjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmYwNWFhZWU0YTIxY2NlMDRhMWI1NzliODY5OGE0NGY4MGQyOTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhIpSYrY3+dW0IjZgDt7x0mycGZz
VS0kayd9NhRzSFkwORZsNFCZ446QoRctqHanX7idGJnISR8HQAkHh23T95w+hNKE
huQlJ+yYVYHwv90LHZxVQEqiWhnESknzYc0D3Uc8aGJZio0IReurgLKPILREHgN+
Gb4JhdAaNjE4Sv9o3LyT4I927djgANuaA5VcVtxEM7sAgIzESk7nR305XPihaMB7
vsnFyHSnuqGY0qIHmV5s5zFtjz6tcIWa8Q2rZ9bju/GB2TlDU8bJ+o7dltLkCZGl
t9vSytvBwe87EDB0UJh5QGXrBjxraxDki347beJOPxW+H24CXndcoj3XzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB/wWq7kohzOBKG1ebhpikT4DSkYMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSF9CYXJ1U2lITTRFb2JWNXVHbUtSUGdOS1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIZAs/kNN+nXd7FopJRZ
YrnVbx7v+3WhPVeJTKuSFbox/sRXAbyJcwU+ltXb8tVYbdR3fL17zEBPUac+h184
rrgKBws8zzUFnfFHT1AcZ3etS92/XVe/2c2A6QmcwnRZG1l/4zraG5hsm8hKMebC
YsjfRG7hlCihb+xk/pwXkKm8qMbPbSIudM+xLkw/HgqddJgogljGySNbqI9Q1+4X
3QbpKxJjXKBjCp15cmpt4O422qvRZV1zKLzY4Y9klZBQFfywdBth2LeR38w7NfMe
z8TSEEJJLArDof6Wboq1BjNdfbDQwwcEDrrCZ1mPAjdiuSwRnnYl7ZQ7jw0yFRVg
3ok=
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:33:22 2025 by rpki-client