Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Hc5S1v0gWHaTS0gSE0ExH7jvWwo.roa
File: Hc5S1v0gWHaTS0gSE0ExH7jvWwo.roa (raw, json)
Hash identifier: TtWBE8WaIpOipb/kV4QHjoYcG6GIKLnBrj/GnA513P8=
Subject key identifier: 1D:CE:52:D6:FD:20:58:76:93:4B:48:12:13:41:31:1F:B8:EF:5B:0A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C92171FF397A347A400140030594249D6
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Hc5S1v0gWHaTS0gSE0ExH7jvWwo.roa
Signing time: Fri 22 Dec 2023 15:13:58 +0000
ROA not before: Fri 22 Dec 2023 15:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:92:17:1f:f3:97:a3:47:a4:00:14:00:30:59:42:49:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 22 15:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1dce52d6fd205876934b48121341311fb8ef5b0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:05:48:77:0d:bc:48:ed:2c:96:ec:d5:4f:de:
fc:17:fa:91:2c:91:02:bd:87:6a:56:6b:4b:67:02:
fc:d4:e6:6f:19:54:66:c6:a8:84:3f:59:ac:84:3f:
c4:0f:96:dd:43:8e:48:bb:d2:cc:6c:51:60:8d:61:
39:ab:56:95:91:38:07:8f:d1:7a:38:18:7f:68:c9:
ff:e3:44:38:eb:ac:9e:2b:aa:98:a8:29:62:e9:61:
a5:e8:e6:bb:82:24:ed:40:f7:53:ce:96:6b:df:87:
43:57:57:c1:05:ac:3a:5e:6d:39:8d:50:cb:b7:9b:
3c:51:67:cd:26:20:aa:30:e4:33:44:e3:ef:84:92:
45:94:d3:02:80:c4:82:37:b0:bc:df:7a:a8:4b:f0:
b7:42:b6:76:a0:f6:64:39:b0:3b:17:74:cf:22:56:
21:a9:7f:49:0f:f6:54:8f:89:55:65:f6:74:ea:fa:
07:ec:06:e5:fe:10:0b:87:5c:74:95:dc:7a:dd:9b:
99:ce:df:61:46:e4:96:6f:5d:09:a1:db:6c:c9:73:
83:00:65:a2:9c:b8:96:37:11:52:d1:5a:20:fb:da:
1a:2f:c7:35:9a:1e:31:01:8c:ea:70:51:a6:ac:ff:
66:e5:68:c8:6d:35:3d:4c:d3:57:07:41:27:50:22:
8a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:CE:52:D6:FD:20:58:76:93:4B:48:12:13:41:31:1F:B8:EF:5B:0A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Hc5S1v0gWHaTS0gSE0ExH7jvWwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:76:cb:fd:f3:1c:95:30:eb:e5:dc:50:99:07:cf:30:fc:3a:
98:30:4c:4d:06:de:d7:91:02:9d:01:3c:6a:bd:5b:5b:e8:83:
7d:6e:4d:43:a8:75:42:0b:d9:4a:75:e9:c0:16:5a:ec:8f:91:
91:00:ab:bc:f3:1e:53:54:e6:19:2c:4d:28:33:b1:2a:8f:c6:
eb:c3:d9:01:4a:5b:bd:8a:1b:fa:9e:3c:f8:a4:c2:72:a2:50:
bd:04:0d:59:15:a7:d8:c2:5e:a8:e3:75:87:27:d8:f1:f4:f6:
c7:33:9d:11:6e:6e:c2:8c:93:6c:79:47:56:3e:8b:65:b0:54:
c0:66:5c:b3:4a:b2:e6:e1:c5:87:34:69:02:2d:13:d9:be:9b:
de:fc:d2:f7:df:b9:a6:7c:75:6e:8a:5e:68:db:6c:bd:50:e4:
71:a1:33:05:83:0e:7f:b8:ce:7f:0e:d2:b0:9c:c3:41:fe:6b:
c3:ea:67:d3:82:6c:b9:dc:37:be:52:e8:9d:9a:b2:b9:eb:8c:
59:da:2e:1a:fa:1d:54:55:88:11:ca:31:47:2d:75:6c:c7:d7:
7d:c4:31:5c:2e:e9:fe:7c:3d:6e:54:59:45:aa:87:cd:d7:34:
39:9d:bf:84:00:af:8a:3a:63:0d:ba:fb:e1:5a:3f:d4:cb:09:
58:f0:40:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYySFx/zl6NHpAAUADBZQknWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIyMTUxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGNlNTJkNmZkMjA1ODc2OTM0YjQ4MTIxMzQxMzExZmI4ZWY1YjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgVIdw28SO0sluzVT978F/qRLJEC
vYdqVmtLZwL81OZvGVRmxqiEP1mshD/ED5bdQ45Iu9LMbFFgjWE5q1aVkTgHj9F6
OBh/aMn/40Q466yeK6qYqCli6WGl6Oa7giTtQPdTzpZr34dDV1fBBaw6Xm05jVDL
t5s8UWfNJiCqMOQzROPvhJJFlNMCgMSCN7C833qoS/C3QrZ2oPZkObA7F3TPIlYh
qX9JD/ZUj4lVZfZ06voH7Abl/hALh1x0ldx63ZuZzt9hRuSWb10JodtsyXODAGWi
nLiWNxFS0Vog+9oaL8c1mh4xAYzqcFGmrP9m5WjIbTU9TNNXB0EnUCKKrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB3OUtb9IFh2k0tIEhNBMR+471sKMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSGM1UzF2MGdXSGFUUzBnU0UwRXhIN2p2V3dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADp2y/3zHJUw6+XcUJkH
zzD8OpgwTE0G3teRAp0BPGq9W1vog31uTUOodUIL2Up16cAWWuyPkZEAq7zzHlNU
5hksTSgzsSqPxuvD2QFKW72KG/qePPikwnKiUL0EDVkVp9jCXqjjdYcn2PH09scz
nRFubsKMk2x5R1Y+i2WwVMBmXLNKsubhxYc0aQItE9m+m9780vffuaZ8dW6KXmjb
bL1Q5HGhMwWDDn+4zn8O0rCcw0H+a8PqZ9OCbLncN75S6J2asrnrjFnaLhr6HVRV
iBHKMUctdWzH133EMVwu6f58PW5UWUWqh83XNDmdv4QAr4o6Yw26++FaP9TLCVjw
QHc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:23:17 2025 by rpki-client