Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HbJ7mtAIBBqeAMDvG3JY8WLn-d8.roa
File: HbJ7mtAIBBqeAMDvG3JY8WLn-d8.roa (raw, json)
Hash identifier: PMFNUsFM8tDgUaCtcbRi9aWzZUv1pIoatDLsEKYu0YU=
Subject key identifier: 1D:B2:7B:9A:D0:08:04:1A:9E:00:C0:EF:1B:72:58:F1:62:E7:F9:DF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D9999464133B00CF320BE6A622FC064CD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HbJ7mtAIBBqeAMDvG3JY8WLn-d8.roa
Signing time: Sun 11 Feb 2024 19:16:15 +0000
ROA not before: Sun 11 Feb 2024 19:16:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:99:99:46:41:33:b0:0c:f3:20:be:6a:62:2f:c0:64:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 11 19:16:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1db27b9ad008041a9e00c0ef1b7258f162e7f9df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6b:c6:00:2a:ac:3b:f6:b3:07:ec:43:76:ab:
69:db:47:8e:29:fe:3b:11:d8:84:a3:ab:f9:38:3e:
1a:a3:d2:ef:38:4e:dc:a4:cb:f4:f4:a1:78:4a:11:
af:a7:70:af:9f:36:9a:91:88:43:f8:21:13:fb:a0:
f2:15:e8:d5:0b:01:be:ee:d3:9f:7e:c8:7f:64:a0:
3d:c2:db:bd:b5:79:b9:5c:61:72:f0:75:d3:99:50:
8d:62:e4:d4:62:7e:9c:9b:88:1d:7a:13:fc:3a:61:
7d:e8:76:54:0c:94:c2:89:c7:10:5d:e4:39:5b:6a:
13:99:d8:a0:bc:86:21:4a:5a:c7:39:43:8e:1c:25:
90:59:a2:e8:c0:f3:ae:ed:24:38:8e:5f:09:e0:44:
9e:56:42:cc:b2:22:2b:28:21:db:32:04:53:b4:a4:
9e:f2:2e:d8:72:b3:84:b1:e8:b0:09:1f:95:c3:38:
9d:a7:09:6c:88:6a:33:dc:e7:da:ad:e9:1d:c4:77:
74:35:34:66:b5:12:df:69:65:a5:50:69:88:06:41:
fc:84:8a:8e:a0:39:25:31:19:e6:92:25:2b:05:fd:
ff:29:70:7b:03:c7:f3:97:87:e8:09:2c:e6:01:eb:
08:c3:40:92:eb:6f:6a:87:7a:fa:34:68:35:ed:37:
57:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B2:7B:9A:D0:08:04:1A:9E:00:C0:EF:1B:72:58:F1:62:E7:F9:DF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HbJ7mtAIBBqeAMDvG3JY8WLn-d8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:eb:0e:62:9a:ea:04:8f:3e:12:95:a2:2e:8a:ef:b5:b7:4c:
f8:ea:f5:00:fb:19:6b:57:33:a8:a1:d2:7b:6d:e7:32:14:2f:
80:40:6a:bb:ac:09:c9:c7:ed:8c:25:79:0b:98:4f:7b:0a:96:
ac:9a:bb:a6:a8:89:4a:2e:7a:29:3f:16:e7:94:c9:17:cf:27:
52:ab:91:a5:57:97:5d:bb:b7:0a:36:b6:6c:91:2e:dd:ef:e4:
50:bf:8d:de:f1:4e:94:3b:da:37:25:fd:ba:e9:33:d8:4b:72:
c6:bd:ef:99:9a:66:a6:71:99:59:d3:2a:b6:aa:3e:ea:60:b7:
41:54:ef:90:7b:90:3e:ce:5a:7c:3a:8e:be:91:6e:07:33:b1:
ca:40:b6:2b:49:72:93:be:ae:b8:8c:ba:f6:38:62:c9:09:94:
03:60:ff:07:78:a4:8f:a7:13:fa:18:63:75:e3:6c:64:95:d1:
ee:d5:58:f7:fe:96:2c:b7:de:8f:62:8a:19:ca:50:72:40:88:
b9:38:db:ba:49:3b:32:ef:f2:13:16:3e:0d:d7:bc:1b:21:36:
65:51:85:83:f4:53:3d:5e:7a:3f:1b:e7:52:7b:ab:a3:b6:3d:
73:40:40:10:ad:bd:52:bf:73:05:86:9f:31:a7:ab:2b:d3:f3:
ef:e7:d5:4f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2ZmUZBM7AM8yC+amIvwGTNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjExMTkxNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGIyN2I5YWQwMDgwNDFhOWUwMGMwZWYxYjcyNThmMTYyZTdmOWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGvGACqsO/azB+xDdqtp20eOKf47
EdiEo6v5OD4ao9LvOE7cpMv09KF4ShGvp3CvnzaakYhD+CET+6DyFejVCwG+7tOf
fsh/ZKA9wtu9tXm5XGFy8HXTmVCNYuTUYn6cm4gdehP8OmF96HZUDJTCiccQXeQ5
W2oTmdigvIYhSlrHOUOOHCWQWaLowPOu7SQ4jl8J4ESeVkLMsiIrKCHbMgRTtKSe
8i7YcrOEseiwCR+VwzidpwlsiGoz3OfarekdxHd0NTRmtRLfaWWlUGmIBkH8hIqO
oDklMRnmkiUrBf3/KXB7A8fzl4foCSzmAesIw0CS629qh3r6NGg17TdXqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB2ye5rQCAQangDA7xtyWPFi5/nfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSGJKN210QUlCQnFlQU1EdkczSlk4V0xuLWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGfrDmKa6gSPPhKVoi6K
77W3TPjq9QD7GWtXM6ih0ntt5zIUL4BAarusCcnH7YwleQuYT3sKlqyau6aoiUou
eik/FueUyRfPJ1KrkaVXl127two2tmyRLt3v5FC/jd7xTpQ72jcl/brpM9hLcsa9
75maZqZxmVnTKraqPupgt0FU75B7kD7OWnw6jr6RbgczscpAtitJcpO+rriMuvY4
YskJlANg/wd4pI+nE/oYY3XjbGSV0e7VWPf+liy33o9iihnKUHJAiLk427pJOzLv
8hMWPg3XvBshNmVRhYP0Uz1eej8b51J7q6O2PXNAQBCtvVK/cwWGnzGnqyvT8+/n
1U8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:23:37 2025 by rpki-client