Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/h6TTbEgC4Kfy6Op3ca4LdFRj5Hs.roa
File: h6TTbEgC4Kfy6Op3ca4LdFRj5Hs.roa (raw, json)
Hash identifier: 12LFvtfTlIng0ei4sCF9tI8gtU65pkAc9bv7Vf6Bgz0=
Subject key identifier: 87:A4:D3:6C:48:02:E0:A7:F2:E8:EA:77:71:AE:0B:74:54:63:E4:7B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E355F599F9E9E7054AC5763694EFC522F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/h6TTbEgC4Kfy6Op3ca4LdFRj5Hs.roa
Signing time: Wed 13 Mar 2024 01:13:45 +0000
ROA not before: Wed 13 Mar 2024 01:13:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:35:5f:59:9f:9e:9e:70:54:ac:57:63:69:4e:fc:52:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 13 01:13:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87a4d36c4802e0a7f2e8ea7771ae0b745463e47b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ae:55:71:98:9f:28:33:47:3d:90:25:9c:90:
fb:5b:d3:0e:a1:00:6b:07:1e:87:1e:3e:70:04:e9:
dd:10:f6:fa:52:f9:8b:c4:f8:cb:51:1a:0d:2a:80:
8d:05:ca:88:d8:96:1d:ba:35:d6:f3:1f:69:b8:c0:
3a:65:d4:c9:6d:a6:20:63:97:17:90:17:82:3a:f5:
28:7f:5d:7a:3d:43:76:34:b1:ab:5d:dc:78:33:c9:
69:f3:c3:4e:38:f4:c0:a2:6b:c0:bd:9e:05:92:62:
c5:3e:1b:d6:87:43:95:54:85:30:9d:0e:9a:ee:39:
05:8d:a2:33:7b:93:45:0a:32:1c:71:24:2a:cc:79:
d7:64:f4:0b:f5:6c:9e:b6:9b:c5:2f:b3:10:f5:d2:
d7:a8:95:6c:0d:c9:6d:ad:b1:41:79:e2:c5:4a:90:
1d:78:03:1d:c2:11:02:0b:8d:58:6c:a7:4f:f0:b8:
60:28:c2:06:95:0c:2e:15:ad:4e:14:3f:d6:e7:e5:
a8:bd:dd:17:6c:31:55:c4:c7:95:64:e2:02:aa:4a:
57:a5:90:0d:02:02:51:d8:86:67:49:dc:9b:ae:a1:
e2:77:93:fc:47:de:f6:f0:a1:6c:a8:b8:87:49:6e:
22:18:fe:18:b2:b8:f6:b3:c2:22:28:4d:f4:c8:e9:
5a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A4:D3:6C:48:02:E0:A7:F2:E8:EA:77:71:AE:0B:74:54:63:E4:7B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/h6TTbEgC4Kfy6Op3ca4LdFRj5Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:a5:ca:d2:c4:4a:67:df:20:77:1a:4f:2c:c6:9e:a6:c2:af:
87:3a:a7:9b:24:af:ce:66:1b:5c:93:38:12:0e:17:96:b1:5b:
ab:ed:b0:8a:f6:05:b4:3d:4b:52:ab:29:3e:e5:3c:77:ca:1e:
e6:b0:51:bf:31:4d:4f:8e:f1:a5:a3:55:1a:27:50:9e:de:30:
32:ad:5d:38:8b:81:93:d9:e8:03:50:e5:db:4c:ea:a7:b9:4e:
c4:c7:fa:5c:aa:c4:95:65:17:19:7a:34:f4:e3:dd:5a:97:9d:
a5:1e:21:d0:f1:08:6b:ac:f1:a8:b7:c6:ca:f6:91:5f:cb:70:
0f:02:02:e9:27:58:6b:f9:b2:bd:f0:b3:66:9b:92:7d:a3:37:
6d:af:f0:b5:c7:d0:77:2a:87:71:36:76:c3:e6:e3:2c:34:b1:
da:91:d8:a3:39:94:42:ed:e5:d7:d5:1c:7f:7e:56:c5:01:62:
23:51:c9:1f:5d:68:6b:5f:8f:9b:83:c1:87:32:ce:f4:9d:f0:
c0:59:3e:59:b8:d9:41:e0:c2:f8:25:45:24:6b:57:b3:1f:bc:
9d:09:7c:39:59:5d:21:a1:87:f2:af:b9:f7:d8:df:72:60:ef:
f3:88:71:a7:bb:71:82:32:1f:66:af:ef:a9:5a:6a:e7:d9:f7:
0c:7f:d2:08
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY41X1mfnp5wVKxXY2lO/FIvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEzMDExMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2E0ZDM2YzQ4MDJlMGE3ZjJlOGVhNzc3MWFlMGI3NDU0NjNlNDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh65VcZifKDNHPZAlnJD7W9MOoQBr
Bx6HHj5wBOndEPb6UvmLxPjLURoNKoCNBcqI2JYdujXW8x9puMA6ZdTJbaYgY5cX
kBeCOvUof116PUN2NLGrXdx4M8lp88NOOPTAomvAvZ4FkmLFPhvWh0OVVIUwnQ6a
7jkFjaIze5NFCjIccSQqzHnXZPQL9WyetpvFL7MQ9dLXqJVsDcltrbFBeeLFSpAd
eAMdwhECC41YbKdP8LhgKMIGlQwuFa1OFD/W5+Wovd0XbDFVxMeVZOICqkpXpZAN
AgJR2IZnSdybrqHid5P8R9728KFsqLiHSW4iGP4Ysrj2s8IiKE30yOla5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIek02xIAuCn8ujqd3GuC3RUY+R7MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaDZUVGJFZ0M0S2Z5Nk9wM2NhNExkRlJqNUhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGGlytLESmffIHcaTyzG
nqbCr4c6p5skr85mG1yTOBIOF5axW6vtsIr2BbQ9S1KrKT7lPHfKHuawUb8xTU+O
8aWjVRonUJ7eMDKtXTiLgZPZ6ANQ5dtM6qe5TsTH+lyqxJVlFxl6NPTj3VqXnaUe
IdDxCGus8ai3xsr2kV/LcA8CAuknWGv5sr3ws2abkn2jN22v8LXH0Hcqh3E2dsPm
4yw0sdqR2KM5lELt5dfVHH9+VsUBYiNRyR9daGtfj5uDwYcyzvSd8MBZPlm42UHg
wvglRSRrV7MfvJ0JfDlZXSGhh/KvuffY33Jg7/OIcae7cYIyH2av76laaufZ9wx/
0gg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:07 2025 by rpki-client