Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RH4rcnTSQzjVH2e13yx3xDc2PU8.roa
File: RH4rcnTSQzjVH2e13yx3xDc2PU8.roa (raw, json)
Hash identifier: lia3A36GqhzWrGb6KjM18rMvhvmb8LLWNITofW6PQvM=
Subject key identifier: 44:7E:2B:72:74:D2:43:38:D5:1F:67:B5:DF:2C:77:C4:37:36:3D:4F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EAABD4342BD3123B9285A160800E66F96
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RH4rcnTSQzjVH2e13yx3xDc2PU8.roa
Signing time: Thu 04 Apr 2024 20:11:53 +0000
ROA not before: Thu 04 Apr 2024 20:11:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:aa:bd:43:42:bd:31:23:b9:28:5a:16:08:00:e6:6f:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 4 20:11:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=447e2b7274d24338d51f67b5df2c77c437363d4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d2:21:be:79:d7:de:14:99:eb:35:24:4e:5b:
18:92:c7:17:da:04:0f:65:53:0d:02:a8:13:ef:d4:
f2:9d:0e:cd:93:c4:c7:96:2f:2f:82:98:48:4e:fe:
4e:e1:74:cd:56:34:27:59:3a:98:33:44:58:3b:4f:
ca:f8:3f:a2:4a:7c:4e:60:5c:60:df:0c:06:4f:69:
08:14:f0:5f:11:a3:66:d2:7e:28:83:a3:40:26:7f:
e3:eb:05:ec:e1:cf:51:8f:02:e8:39:d5:28:19:09:
21:87:e1:0a:43:7a:a2:e0:29:ef:e5:6d:49:d5:eb:
4e:42:3c:a8:7a:05:f8:69:a2:1c:05:f0:8a:d0:53:
ef:db:fc:66:f2:e4:f3:22:2f:ec:18:e1:10:03:9f:
e1:98:7d:79:11:0f:01:72:a8:8f:69:39:08:d9:68:
df:8a:b7:16:25:aa:d3:60:34:2b:ea:40:d3:2d:79:
77:33:ba:9e:2f:6b:1c:57:35:76:64:f3:f0:82:79:
d3:16:19:ec:5d:68:44:38:5b:a4:eb:1a:20:2e:1f:
24:c8:a2:34:c0:d7:99:db:87:a0:0e:e7:99:72:19:
59:99:a1:d4:83:2a:16:4d:d4:5f:aa:df:55:89:fb:
7d:4e:cb:99:06:db:19:b7:93:58:93:bd:a0:56:36:
0e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:7E:2B:72:74:D2:43:38:D5:1F:67:B5:DF:2C:77:C4:37:36:3D:4F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RH4rcnTSQzjVH2e13yx3xDc2PU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:4b:57:be:4b:6d:c5:3e:2b:c1:c6:2a:7b:fd:8c:2c:57:d5:
db:3e:b6:fc:d1:1b:4c:96:5b:6c:da:ac:8a:a2:0d:c6:06:ca:
b8:24:09:d0:d7:a8:99:df:f3:db:29:63:d6:34:e2:1b:b7:a0:
91:3f:cc:de:fc:67:18:67:c4:39:8d:86:26:ff:29:93:ff:8e:
9a:e0:64:e0:c8:6c:1f:58:2b:93:29:25:9b:63:54:b5:a3:40:
51:f2:fe:22:6a:cf:ee:d8:74:46:ef:03:30:37:2d:46:8b:ee:
f2:e2:7d:bb:5d:b9:bd:ab:dc:a6:6e:46:ee:62:6f:e2:a3:9b:
b1:b8:22:48:29:da:2e:d4:73:4c:0a:f9:58:ad:d7:3b:dd:2a:
e7:36:eb:99:81:a8:50:35:78:a3:fa:cc:71:05:b0:db:e7:6f:
12:2d:65:11:9e:89:9f:67:a1:3d:66:a2:9f:2d:c3:f5:f7:3b:
df:e9:d6:fe:4f:56:75:0d:b4:52:72:4b:9f:6e:13:f9:4c:5f:
32:b4:7d:27:c5:be:e1:e9:20:bc:01:a2:89:34:1a:1f:97:72:
93:12:35:bb:d8:f6:07:25:27:d3:dc:91:4a:2d:e6:24:be:58:
6e:d1:d4:6a:3a:37:33:0a:a9:80:1e:36:09:ce:8a:a6:75:9f:
45:a5:11:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6qvUNCvTEjuShaFggA5m+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA0MjAxMTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDdlMmI3Mjc0ZDI0MzM4ZDUxZjY3YjVkZjJjNzdjNDM3MzYzZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9IhvnnX3hSZ6zUkTlsYkscX2gQP
ZVMNAqgT79TynQ7Nk8THli8vgphITv5O4XTNVjQnWTqYM0RYO0/K+D+iSnxOYFxg
3wwGT2kIFPBfEaNm0n4og6NAJn/j6wXs4c9RjwLoOdUoGQkhh+EKQ3qi4Cnv5W1J
1etOQjyoegX4aaIcBfCK0FPv2/xm8uTzIi/sGOEQA5/hmH15EQ8BcqiPaTkI2Wjf
ircWJarTYDQr6kDTLXl3M7qeL2scVzV2ZPPwgnnTFhnsXWhEOFuk6xogLh8kyKI0
wNeZ24egDueZchlZmaHUgyoWTdRfqt9Vift9TsuZBtsZt5NYk72gVjYONwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFER+K3J00kM41R9ntd8sd8Q3Nj1PMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUkg0cmNuVFNRempWSDJlMTN5eDN4RGMyUFU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADtLV75LbcU+K8HGKnv9
jCxX1ds+tvzRG0yWW2zarIqiDcYGyrgkCdDXqJnf89spY9Y04hu3oJE/zN78Zxhn
xDmNhib/KZP/jprgZODIbB9YK5MpJZtjVLWjQFHy/iJqz+7YdEbvAzA3LUaL7vLi
fbtdub2r3KZuRu5ib+Kjm7G4Ikgp2i7Uc0wK+Vit1zvdKuc265mBqFA1eKP6zHEF
sNvnbxItZRGeiZ9noT1mop8tw/X3O9/p1v5PVnUNtFJyS59uE/lMXzK0fSfFvuHp
ILwBook0Gh+XcpMSNbvY9gclJ9PckUot5iS+WG7R1Go6NzMKqYAeNgnOiqZ1n0Wl
EQA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:35 2025 by rpki-client