Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Hx4ggzMRXssS6EfSlRINzXWbJ9U.roa
File: Hx4ggzMRXssS6EfSlRINzXWbJ9U.roa (raw, json)
Hash identifier: iVzJHUEHxW35akRNB9COyFe93KmQ92rscp9daXZb6ME=
Subject key identifier: 1F:1E:20:83:33:11:5E:CB:12:E8:47:D2:95:12:0D:CD:75:9B:27:D5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CF71F6C57226EDD3655D2DB4351E18C09
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Hx4ggzMRXssS6EfSlRINzXWbJ9U.roa
Signing time: Thu 11 Jan 2024 06:04:40 +0000
ROA not before: Thu 11 Jan 2024 06:04:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:f71f:3653/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f7:1f:6c:57:22:6e:dd:36:55:d2:db:43:51:e1:8c:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 11 06:04:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f1e208333115ecb12e847d295120dcd759b27d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:66:05:60:9a:5b:13:c1:2d:dd:e6:df:27:2e:
48:57:9d:30:b7:5c:7a:1a:45:5b:69:bb:ad:a6:59:
be:00:4e:a6:b5:c3:22:cc:2c:30:e4:3c:fc:90:a2:
d5:f4:8e:6e:79:6b:4d:fc:d5:a3:ea:fc:05:53:8d:
a3:97:e6:7b:88:6b:af:55:11:3c:c3:a4:46:93:f3:
a8:48:d4:a8:2c:e0:c2:e7:15:a3:c8:37:e7:da:bd:
52:20:f8:b5:dc:78:0e:47:ab:a1:c6:ad:8a:48:93:
86:13:f4:f8:5f:1d:1a:9c:8f:36:f0:54:18:a0:ff:
f4:e0:7b:d8:46:ee:31:c5:a1:f5:df:36:d0:d9:81:
6e:06:44:0b:54:6a:cd:ff:25:36:af:42:82:e1:aa:
4e:85:1f:16:3d:cd:f0:16:6f:ca:93:27:59:52:3a:
dc:79:e9:22:ae:e0:4d:eb:fc:c1:fa:06:ab:2b:36:
7e:75:48:21:58:ba:84:35:8e:2f:b8:7a:da:c8:8c:
2f:b8:09:ac:41:87:48:f7:0a:cb:5a:17:b8:3b:2a:
c6:1c:c3:e7:6c:92:1c:58:71:95:9d:91:3c:d7:33:
3e:47:1b:37:aa:e1:6b:1f:c3:27:f7:c2:41:b2:d5:
24:cd:42:73:35:00:85:f7:c1:3b:9e:e3:0d:ed:62:
cf:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:1E:20:83:33:11:5E:CB:12:E8:47:D2:95:12:0D:CD:75:9B:27:D5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Hx4ggzMRXssS6EfSlRINzXWbJ9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:2f:44:96:5c:41:a1:e1:2c:a6:56:36:89:8d:7a:80:6b:f0:
d3:3a:e2:bb:91:68:bb:48:0a:2b:98:da:7d:b1:a2:99:d8:aa:
15:e0:85:e8:47:a8:57:0b:84:94:a1:db:20:19:ab:76:05:37:
e2:7e:8f:05:90:11:66:f1:b1:ff:16:4d:87:21:32:1a:fe:54:
83:e1:cb:46:03:5d:5e:9b:35:7f:6f:3c:17:79:03:54:27:ee:
2f:e8:51:e8:40:9b:66:9d:d9:58:a8:c0:aa:20:9a:38:07:aa:
05:12:bc:b3:26:73:1b:8c:0b:1b:4f:8a:67:ad:a9:10:46:86:
11:6d:b5:1c:f7:0f:19:66:a7:ba:81:81:ed:cc:da:95:dc:72:
42:87:9d:d3:81:b2:05:cf:a6:69:eb:f8:6d:e6:87:01:15:7f:
8c:6d:64:47:07:fe:65:2b:31:98:e8:ea:4e:b9:50:44:1b:80:
1b:6d:36:35:47:6f:04:7e:34:c9:d7:70:7c:f2:4b:43:ec:f5:
0d:e9:24:6c:8c:ad:49:1c:2d:ff:b5:6c:85:6c:a8:e5:04:b4:
b8:4a:f2:a0:0f:5a:85:1a:15:57:99:c3:f7:5a:08:af:77:67:
4f:1b:16:4e:03:b3:39:c4:46:70:11:d6:ee:a0:a8:c5:89:ce:
d2:36:6e:6e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz3H2xXIm7dNlXS20NR4YwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTExMDYwNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjFlMjA4MzMzMTE1ZWNiMTJlODQ3ZDI5NTEyMGRjZDc1OWIyN2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmYFYJpbE8Et3ebfJy5IV50wt1x6
GkVbabutplm+AE6mtcMizCww5Dz8kKLV9I5ueWtN/NWj6vwFU42jl+Z7iGuvVRE8
w6RGk/OoSNSoLODC5xWjyDfn2r1SIPi13HgOR6uhxq2KSJOGE/T4Xx0anI828FQY
oP/04HvYRu4xxaH13zbQ2YFuBkQLVGrN/yU2r0KC4apOhR8WPc3wFm/KkydZUjrc
eekiruBN6/zB+garKzZ+dUghWLqENY4vuHrayIwvuAmsQYdI9wrLWhe4OyrGHMPn
bJIcWHGVnZE81zM+Rxs3quFrH8Mn98JBstUkzUJzNQCF98E7nuMN7WLP8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB8eIIMzEV7LEuhH0pUSDc11myfVMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSHg0Z2d6TVJYc3NTNkVmU2xSSU56WFdiSjlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHwvRJZcQaHhLKZWNomN
eoBr8NM64ruRaLtICiuY2n2xopnYqhXghehHqFcLhJSh2yAZq3YFN+J+jwWQEWbx
sf8WTYchMhr+VIPhy0YDXV6bNX9vPBd5A1Qn7i/oUehAm2ad2ViowKogmjgHqgUS
vLMmcxuMCxtPimetqRBGhhFttRz3Dxlmp7qBge3M2pXcckKHndOBsgXPpmnr+G3m
hwEVf4xtZEcH/mUrMZjo6k65UEQbgBttNjVHbwR+NMnXcHzyS0Ps9Q3pJGyMrUkc
Lf+1bIVsqOUEtLhK8qAPWoUaFVeZw/daCK93Z08bFk4DsznERnAR1u6gqMWJztI2
bm4=
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:34:36 2025 by rpki-client