Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HbQozauhwtt4O11HdezBetKRG2I.roa
File: HbQozauhwtt4O11HdezBetKRG2I.roa (raw, json)
Hash identifier: 4QmZO0+gw7S10VOSBvOHXlgbBXa5UiDHwF4w/9i+KyU=
Subject key identifier: 1D:B4:28:CD:AB:A1:C2:DB:78:3B:5D:47:75:EC:C1:7A:D2:91:1B:62
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CE47AE4B7E0067F7E29F65D797F602F57
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HbQozauhwtt4O11HdezBetKRG2I.roa
Signing time: Sun 07 Jan 2024 15:11:48 +0000
ROA not before: Sun 07 Jan 2024 15:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e4:7a:e4:b7:e0:06:7f:7e:29:f6:5d:79:7f:60:2f:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 7 15:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1db428cdaba1c2db783b5d4775ecc17ad2911b62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b3:8e:d7:67:df:0b:84:96:4c:26:e1:c7:2b:
de:8e:14:33:8f:72:12:a5:56:0c:59:fd:3f:34:02:
a5:59:b8:9a:51:9c:87:72:2a:1f:a1:a0:62:fd:e5:
2e:1d:95:5c:77:51:92:d4:55:31:12:b3:d4:c9:dd:
7e:ac:a7:43:04:25:5d:06:59:a3:ea:ab:0c:fa:c4:
4b:bd:f9:8b:00:eb:c6:b1:fb:00:d5:01:4b:19:11:
5e:70:7d:ac:cb:c7:b0:b6:84:d6:93:9b:57:b0:c7:
e4:61:b5:84:0f:61:30:9c:16:08:7f:b3:ef:34:d4:
df:cb:97:5f:ce:a0:8d:57:94:7b:1d:1b:26:c3:11:
f9:68:0d:8e:c4:50:53:50:65:e9:cc:8c:33:55:a9:
f1:12:51:0f:df:b2:f8:8f:66:87:ba:f6:4b:f4:24:
d5:3b:f9:5f:6a:07:97:32:1d:26:2a:89:c4:ab:ce:
81:49:aa:62:d2:ec:73:55:ee:5e:74:2c:11:af:e7:
8c:99:01:a7:5a:8a:77:2d:e6:97:56:7c:fc:65:ed:
cc:67:e9:61:9f:1e:5d:30:02:47:62:62:1b:d9:2c:
48:26:45:76:98:d7:99:1c:0d:ad:62:db:24:03:46:
0a:14:a8:78:39:d2:55:80:89:43:69:78:94:c8:8a:
54:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B4:28:CD:AB:A1:C2:DB:78:3B:5D:47:75:EC:C1:7A:D2:91:1B:62
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HbQozauhwtt4O11HdezBetKRG2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:41:43:f3:c7:a8:b7:51:9a:f8:e7:f4:b7:09:0a:e6:a8:da:
f8:10:71:00:2d:77:5d:c6:80:98:2a:86:6c:9f:88:3d:ce:f4:
a9:db:96:c4:03:80:0d:30:20:1a:94:05:15:f3:9b:5a:f9:b3:
73:56:51:c6:e7:8d:ba:b4:92:7f:86:4d:51:33:db:87:54:34:
14:d9:fd:ac:9a:36:15:97:ae:e5:be:73:f4:40:96:96:65:f6:
b4:55:8b:41:9b:fb:09:ab:d4:a3:87:a7:e5:26:4b:4c:5b:99:
16:4e:45:96:02:6c:03:76:d3:2b:15:df:ac:c2:1d:81:50:df:
15:57:7f:1e:ee:29:56:49:a1:a1:5c:92:4f:f9:52:9c:b4:31:
32:9a:c1:0a:c0:f4:7c:b9:73:af:de:86:ce:81:33:9f:22:4d:
c2:48:77:5c:b5:55:a9:95:a0:a2:3a:d4:ef:dd:4f:c9:9e:28:
ed:4f:ee:a4:10:2b:70:9c:9f:14:a5:f7:72:20:8d:c0:d7:ec:
de:97:42:d1:61:66:b8:80:b1:28:a8:b9:45:27:35:3f:25:4c:
a5:b2:cc:04:46:f4:3f:c9:98:d2:dc:c6:eb:69:70:f3:44:b0:
b0:9d:59:71:21:48:34:1d:61:6d:70:fd:b2:3c:0f:e0:66:14:
23:22:a8:20
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzkeuS34AZ/fin2XXl/YC9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA3MTUxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGI0MjhjZGFiYTFjMmRiNzgzYjVkNDc3NWVjYzE3YWQyOTExYjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLOO12ffC4SWTCbhxyvejhQzj3IS
pVYMWf0/NAKlWbiaUZyHciofoaBi/eUuHZVcd1GS1FUxErPUyd1+rKdDBCVdBlmj
6qsM+sRLvfmLAOvGsfsA1QFLGRFecH2sy8ewtoTWk5tXsMfkYbWED2EwnBYIf7Pv
NNTfy5dfzqCNV5R7HRsmwxH5aA2OxFBTUGXpzIwzVanxElEP37L4j2aHuvZL9CTV
O/lfageXMh0mKonEq86BSapi0uxzVe5edCwRr+eMmQGnWop3LeaXVnz8Ze3MZ+lh
nx5dMAJHYmIb2SxIJkV2mNeZHA2tYtskA0YKFKh4OdJVgIlDaXiUyIpUpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB20KM2rocLbeDtdR3XswXrSkRtiMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSGJRb3phdWh3dHQ0TzExSGRlekJldEtSRzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGVBQ/PHqLdRmvjn9LcJ
Cuao2vgQcQAtd13GgJgqhmyfiD3O9KnblsQDgA0wIBqUBRXzm1r5s3NWUcbnjbq0
kn+GTVEz24dUNBTZ/ayaNhWXruW+c/RAlpZl9rRVi0Gb+wmr1KOHp+UmS0xbmRZO
RZYCbAN20ysV36zCHYFQ3xVXfx7uKVZJoaFckk/5Upy0MTKawQrA9Hy5c6/ehs6B
M58iTcJId1y1VamVoKI61O/dT8meKO1P7qQQK3CcnxSl93IgjcDX7N6XQtFhZriA
sSiouUUnNT8lTKWyzARG9D/JmNLcxutpcPNEsLCdWXEhSDQdYW1w/bI8D+BmFCMi
qCA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:39 2025 by rpki-client