Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HxHkRnxFb2NCMoNApJXmAXpgFxk.roa
File: HxHkRnxFb2NCMoNApJXmAXpgFxk.roa (raw, json)
Hash identifier: pAhyoy30V9IU9YNAemI2zJKowLBcBqXl3assxtIp9gs=
Subject key identifier: 1F:11:E4:46:7C:45:6F:63:42:32:83:40:A4:95:E6:01:7A:60:17:19
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EC8C7E42AF8AF044E00BC2BAB525C4740
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HxHkRnxFb2NCMoNApJXmAXpgFxk.roa
Signing time: Wed 10 Apr 2024 16:12:06 +0000
ROA not before: Wed 10 Apr 2024 16:12:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c8:c7:e4:2a:f8:af:04:4e:00:bc:2b:ab:52:5c:47:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 10 16:12:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f11e4467c456f6342328340a495e6017a601719
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d1:72:a8:a4:e4:fc:e9:45:a8:0c:bd:46:c3:
dc:10:06:21:c3:94:15:45:2f:46:9e:65:d7:e5:71:
79:d8:93:0a:36:b8:a3:4f:3f:00:ca:dd:d2:7a:bf:
b3:f2:bf:ef:df:83:1f:38:36:cd:04:ab:ad:a9:71:
69:21:ec:3c:7a:f7:66:42:09:b2:a6:89:dc:b1:6e:
43:23:cb:d9:71:18:f7:60:82:4a:8c:eb:30:b1:2e:
90:1e:38:9b:18:b0:48:71:07:7c:6a:63:b6:0c:3c:
a7:6a:24:0c:e7:94:da:b7:7b:e8:7e:99:99:97:7b:
39:01:91:b6:59:d8:94:a5:d8:0a:f4:94:e0:3f:37:
8e:9f:88:23:70:7e:df:d8:cf:dd:ea:b3:90:cf:ad:
23:02:12:38:d9:ce:1f:46:2e:8c:d2:bd:82:07:d3:
12:0e:99:6a:85:fa:aa:4f:16:7d:e9:ea:8a:6a:41:
ee:c0:e3:c9:f1:1c:d2:0b:c5:7f:d9:c2:5c:f5:f6:
f8:8d:69:7d:af:40:b7:25:4a:be:3b:28:26:27:7a:
ed:a3:5b:f7:1a:da:45:11:fb:d3:99:f9:ee:5c:8d:
dc:10:37:51:0e:1c:d6:b0:2c:eb:96:39:7e:07:fd:
28:65:c5:36:19:f4:62:bb:0b:00:d8:54:77:34:ec:
13:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:11:E4:46:7C:45:6F:63:42:32:83:40:A4:95:E6:01:7A:60:17:19
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HxHkRnxFb2NCMoNApJXmAXpgFxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:ed:62:87:33:d3:83:4d:b5:4e:2d:ef:57:70:dc:6a:b1:b9:
12:32:52:49:a5:99:f9:e6:80:3d:f9:b6:20:50:53:70:cf:6c:
ba:3b:b1:a4:60:96:f7:19:c6:3c:2a:f9:6e:ba:1c:5c:d6:17:
4e:74:29:e8:e4:86:3b:24:d9:35:34:5f:f1:aa:d5:3c:a4:c5:
22:84:8a:1e:73:d0:00:0f:08:ae:75:b4:ce:44:a5:7f:7c:04:
ac:0e:23:d3:c3:15:07:3a:05:20:7f:d8:d9:f6:17:44:c9:3a:
fa:20:d5:9a:f7:ab:b7:b0:ca:d6:72:1b:29:a3:5e:cb:83:74:
67:4f:e5:6d:ee:b6:bd:70:d9:a0:81:86:af:f1:a7:74:5d:97:
e4:de:9e:21:00:61:ba:c3:84:49:95:12:c0:a3:99:dc:05:d2:
e9:cd:3f:76:5b:1c:c0:60:54:1d:5c:00:22:3e:cb:d6:08:54:
26:00:38:0f:e5:9f:ad:4c:8c:16:73:c8:4c:44:d5:bc:87:02:
20:86:4d:9e:ad:b3:97:8c:d2:06:70:a0:79:2f:d4:33:bb:6d:
db:e0:69:c3:b6:a4:31:a0:dc:e9:6d:82:78:44:47:67:9e:95:
55:d2:1c:a8:00:9c:ea:44:31:91:f6:9b:00:ba:73:00:78:cc:
bf:78:9f:b2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7Ix+Qq+K8ETgC8K6tSXEdAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDEwMTYxMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjExZTQ0NjdjNDU2ZjYzNDIzMjgzNDBhNDk1ZTYwMTdhNjAxNzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNFyqKTk/OlFqAy9RsPcEAYhw5QV
RS9GnmXX5XF52JMKNrijTz8Ayt3Ser+z8r/v34MfODbNBKutqXFpIew8evdmQgmy
poncsW5DI8vZcRj3YIJKjOswsS6QHjibGLBIcQd8amO2DDynaiQM55Tat3vofpmZ
l3s5AZG2WdiUpdgK9JTgPzeOn4gjcH7f2M/d6rOQz60jAhI42c4fRi6M0r2CB9MS
DplqhfqqTxZ96eqKakHuwOPJ8RzSC8V/2cJc9fb4jWl9r0C3JUq+OygmJ3rto1v3
GtpFEfvTmfnuXI3cEDdRDhzWsCzrljl+B/0oZcU2GfRiuwsA2FR3NOwTgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB8R5EZ8RW9jQjKDQKSV5gF6YBcZMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSHhIa1JueEZiMk5DTW9OQXBKWG1BWHBnRnhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ7tYocz04NNtU4t71dw
3GqxuRIyUkmlmfnmgD35tiBQU3DPbLo7saRglvcZxjwq+W66HFzWF050Kejkhjsk
2TU0X/Gq1TykxSKEih5z0AAPCK51tM5EpX98BKwOI9PDFQc6BSB/2Nn2F0TJOvog
1Zr3q7ewytZyGymjXsuDdGdP5W3utr1w2aCBhq/xp3Rdl+TeniEAYbrDhEmVEsCj
mdwF0unNP3ZbHMBgVB1cACI+y9YIVCYAOA/ln61MjBZzyExE1byHAiCGTZ6ts5eM
0gZwoHkv1DO7bdvgacO2pDGg3OltgnhER2eelVXSHKgAnOpEMZH2mwC6cwB4zL94
n7I=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:22 2025 by rpki-client