Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HiZQfuk9UiZ7fF9S8CSQ0SsBRvo.roa
File: HiZQfuk9UiZ7fF9S8CSQ0SsBRvo.roa (raw, json)
Hash identifier: GCdzXe55Y/G0oSiNwu1eRp9UhEl6qRCjRN8vK4EeRa0=
Subject key identifier: 1E:26:50:7E:E9:3D:52:26:7B:7C:5F:52:F0:24:90:D1:2B:01:46:FA
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D7C9FADB7B7146BBF43DAD39757726FAC
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HiZQfuk9UiZ7fF9S8CSQ0SsBRvo.roa
Signing time: Tue 06 Feb 2024 04:14:15 +0000
ROA not before: Tue 06 Feb 2024 04:14:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7c:9f:ad:b7:b7:14:6b:bf:43:da:d3:97:57:72:6f:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 6 04:14:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e26507ee93d52267b7c5f52f02490d12b0146fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:07:52:e7:e0:ca:ae:cc:4c:f9:ef:91:82:00:
88:fe:eb:3c:26:54:e3:e9:36:04:82:aa:ca:7c:3d:
5c:39:87:ec:6e:45:9c:47:80:9d:d7:98:1e:30:2d:
a8:34:21:2a:1c:b1:fc:bd:ec:f4:86:32:5a:b2:03:
b2:6a:00:b1:da:cb:3a:58:56:f2:e1:95:a8:c5:a2:
28:6f:61:94:0e:0f:49:fe:af:48:74:66:be:95:ac:
b0:5c:c8:2d:7c:33:36:7c:27:9f:08:ad:81:da:5c:
ec:6e:c0:7c:9e:9b:a5:92:08:c6:a5:15:45:d0:7f:
18:77:86:5d:42:a6:00:05:5a:86:56:01:9c:a2:cf:
03:7c:f0:b3:3c:2a:d8:38:c3:1e:46:70:93:8c:bd:
1c:f3:f4:71:36:f1:77:e2:e6:ff:01:82:84:fd:a8:
5d:16:1e:69:00:53:45:f4:e4:f0:67:e8:87:d9:98:
83:a2:1d:b2:3b:00:13:70:f2:42:db:1d:33:0c:a4:
85:a9:9b:3e:d1:1c:c0:43:bd:b7:64:0b:85:4d:42:
fe:eb:3a:0c:2d:ce:bb:9d:8e:bd:e7:81:c3:4e:a4:
7a:e1:1c:dc:ed:fb:f2:be:0c:c1:0d:18:25:74:0d:
aa:c2:32:74:74:21:62:fd:77:cd:7e:30:ee:93:91:
65:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:26:50:7E:E9:3D:52:26:7B:7C:5F:52:F0:24:90:D1:2B:01:46:FA
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HiZQfuk9UiZ7fF9S8CSQ0SsBRvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:7c:8c:bc:89:33:5b:4d:ee:31:66:de:03:5a:08:bf:60:a5:
c5:70:b1:96:fe:6b:66:5c:bd:d0:d7:1f:22:73:77:3a:3d:79:
d4:b6:e9:79:b9:91:9b:19:6b:9a:c0:05:e5:95:59:b3:01:69:
2b:04:b8:bc:83:4e:25:0e:03:01:05:3d:c8:ab:30:b6:7c:88:
e5:14:d9:a6:3c:1b:d0:1b:5c:7e:e3:16:23:dd:ce:68:da:8e:
62:8a:ad:5b:b0:3f:d3:73:9b:17:62:14:77:57:75:18:9e:c4:
a0:14:14:fa:ad:8a:cb:78:24:0b:3c:2b:c4:17:04:47:a1:4c:
49:c2:02:d3:21:8c:5a:9d:32:69:08:7e:7d:c9:f3:ce:d4:9a:
dc:a7:aa:44:dd:28:c9:d2:69:5c:c9:0c:10:6b:14:01:ee:20:
2f:30:72:a9:33:ef:d5:4d:68:7a:f7:1f:00:06:f7:e7:75:16:
8a:05:45:67:57:a9:ab:6b:14:ed:bc:90:f3:ab:c9:0c:a3:11:
e6:1d:dc:ad:a6:01:e7:be:f6:6e:4a:08:f8:a6:a7:e7:1a:93:
d7:2c:ad:d9:a3:5e:9b:02:34:6b:51:33:70:bf:00:0d:e1:84:
21:0f:e8:7d:f4:f9:4b:83:cb:59:c3:0a:32:fa:f1:c0:a9:bf:
fe:dc:36:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY18n623txRrv0Pa05dXcm+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA2MDQxNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTI2NTA3ZWU5M2Q1MjI2N2I3YzVmNTJmMDI0OTBkMTJiMDE0NmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgdS5+DKrsxM+e+RggCI/us8JlTj
6TYEgqrKfD1cOYfsbkWcR4Cd15geMC2oNCEqHLH8vez0hjJasgOyagCx2ss6WFby
4ZWoxaIob2GUDg9J/q9IdGa+laywXMgtfDM2fCefCK2B2lzsbsB8npulkgjGpRVF
0H8Yd4ZdQqYABVqGVgGcos8DfPCzPCrYOMMeRnCTjL0c8/RxNvF34ub/AYKE/ahd
Fh5pAFNF9OTwZ+iH2ZiDoh2yOwATcPJC2x0zDKSFqZs+0RzAQ723ZAuFTUL+6zoM
Lc67nY6954HDTqR64Rzc7fvyvgzBDRgldA2qwjJ0dCFi/XfNfjDuk5Fl4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB4mUH7pPVIme3xfUvAkkNErAUb6MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSGlaUWZ1azlVaVo3ZkY5UzhDU1EwU3NCUnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGZ8jLyJM1tN7jFm3gNa
CL9gpcVwsZb+a2ZcvdDXHyJzdzo9edS26Xm5kZsZa5rABeWVWbMBaSsEuLyDTiUO
AwEFPcirMLZ8iOUU2aY8G9AbXH7jFiPdzmjajmKKrVuwP9NzmxdiFHdXdRiexKAU
FPqtist4JAs8K8QXBEehTEnCAtMhjFqdMmkIfn3J887UmtynqkTdKMnSaVzJDBBr
FAHuIC8wcqkz79VNaHr3HwAG9+d1FooFRWdXqatrFO28kPOryQyjEeYd3K2mAee+
9m5KCPimp+cak9csrdmjXpsCNGtRM3C/AA3hhCEP6H30+UuDy1nDCjL68cCpv/7c
Ntk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:11 2025 by rpki-client