Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hAtpmTOQcyzjd51x9ukyZLvXTCA.roa
File: hAtpmTOQcyzjd51x9ukyZLvXTCA.roa (raw, json)
Hash identifier: BJz2gWQqOPA5on+qNjam7qxTk4VrJcQqH2hziDXm3lY=
Subject key identifier: 84:0B:69:99:33:90:73:2C:E3:77:9D:71:F6:E9:32:64:BB:D7:4C:20
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D7F9DF7C5C677B6843A3B4CEDF4D02A3A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hAtpmTOQcyzjd51x9ukyZLvXTCA.roa
Signing time: Tue 06 Feb 2024 18:11:15 +0000
ROA not before: Tue 06 Feb 2024 18:11:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:9d:f7:c5:c6:77:b6:84:3a:3b:4c:ed:f4:d0:2a:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 6 18:11:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=840b69993390732ce3779d71f6e93264bbd74c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:95:41:ba:39:61:be:e4:37:9a:42:f1:42:3d:
38:b5:a7:e5:06:bb:78:73:cf:7f:82:50:f1:c8:91:
1a:2c:fb:9e:7f:9c:6b:2f:0b:60:c6:ef:0b:bd:85:
d7:c7:9c:2d:a2:a6:39:a1:df:48:83:b3:1c:1e:47:
b5:82:77:52:47:0d:13:cb:c5:54:bd:eb:8b:2a:99:
56:67:e8:b5:94:9e:1f:2f:c0:c1:cb:5b:e4:a2:03:
ce:ac:bd:97:1b:64:af:fb:70:c0:19:77:87:df:8c:
dc:8f:42:11:4b:83:26:95:f7:f3:eb:cd:d7:3e:b2:
0c:e1:18:fb:62:22:09:ea:44:22:b1:6d:b2:5f:9c:
6c:56:62:e7:73:23:2e:be:73:82:2f:fb:53:31:b9:
52:a9:d1:9c:f5:60:bc:be:0c:24:99:d1:b4:fa:02:
75:9e:b8:17:41:44:fa:12:c4:47:e3:7d:d9:a4:59:
bd:15:1a:6b:10:18:3f:dd:e2:22:eb:64:9c:99:25:
c1:74:f6:97:08:08:6c:cc:0e:ea:98:f6:56:47:98:
d9:a3:f7:f6:fc:44:0c:db:ac:36:23:05:7b:c4:a3:
a9:43:e4:f3:31:c6:db:46:0c:81:93:f6:10:37:1d:
93:10:c3:38:40:76:81:d2:7b:81:09:04:14:f2:0a:
c1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:0B:69:99:33:90:73:2C:E3:77:9D:71:F6:E9:32:64:BB:D7:4C:20
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hAtpmTOQcyzjd51x9ukyZLvXTCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:bd:15:d5:8c:d8:2f:a3:ae:13:72:59:cb:e3:cc:8b:9a:a4:
de:17:5d:9b:cb:6d:82:b5:6a:09:c0:2e:98:7e:a6:c3:bf:50:
13:4f:cf:ec:35:35:bb:5b:c8:0c:c5:e5:ed:ff:1b:9f:74:80:
40:f7:06:67:08:87:42:b2:e7:21:6a:e7:aa:f9:eb:01:2d:bf:
ff:ea:79:77:0f:6f:e2:2d:5a:f9:b1:02:34:9b:6a:50:b9:f5:
0b:e3:d0:c7:46:44:b9:03:88:db:02:4b:ab:73:27:d5:50:d6:
e7:0b:79:78:26:47:62:5f:ca:47:6c:e8:38:67:e7:db:70:24:
4d:78:e3:36:ab:8a:f0:de:12:24:e6:c3:5b:42:a8:11:3d:b1:
84:06:3c:89:cb:93:bd:e1:27:9b:ab:a8:a5:b0:e7:0f:6c:f8:
f7:e5:34:7d:06:38:88:4a:ca:cd:f9:f5:f3:c8:de:5e:dd:59:
ad:fd:ad:c4:57:72:29:ab:a8:a2:74:07:bf:98:35:04:7c:ca:
22:45:81:d4:64:2b:e9:1b:1d:05:9e:b6:fc:33:30:38:d1:f2:
85:f8:37:d6:6d:97:49:9b:1e:9a:2b:e6:b9:a8:4f:e4:7c:e8:
e6:4b:9f:ca:07:18:71:71:5a:c7:a5:31:42:db:cf:b7:99:cc:
d2:55:c8:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1/nffFxne2hDo7TO300Co6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA2MTgxMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDBiNjk5OTMzOTA3MzJjZTM3NzlkNzFmNmU5MzI2NGJiZDc0YzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJVBujlhvuQ3mkLxQj04taflBrt4
c89/glDxyJEaLPuef5xrLwtgxu8LvYXXx5wtoqY5od9Ig7McHke1gndSRw0Ty8VU
veuLKplWZ+i1lJ4fL8DBy1vkogPOrL2XG2Sv+3DAGXeH34zcj0IRS4Mmlffz683X
PrIM4Rj7YiIJ6kQisW2yX5xsVmLncyMuvnOCL/tTMblSqdGc9WC8vgwkmdG0+gJ1
nrgXQUT6EsRH433ZpFm9FRprEBg/3eIi62ScmSXBdPaXCAhszA7qmPZWR5jZo/f2
/EQM26w2IwV7xKOpQ+TzMcbbRgyBk/YQNx2TEMM4QHaB0nuBCQQU8grBLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIQLaZkzkHMs43edcfbpMmS710wgMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaEF0cG1UT1FjeXpqZDUxeDl1a3laTHZYVENBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFe9FdWM2C+jrhNyWcvj
zIuapN4XXZvLbYK1agnALph+psO/UBNPz+w1NbtbyAzF5e3/G590gED3BmcIh0Ky
5yFq56r56wEtv//qeXcPb+ItWvmxAjSbalC59Qvj0MdGRLkDiNsCS6tzJ9VQ1ucL
eXgmR2Jfykds6Dhn59twJE144zarivDeEiTmw1tCqBE9sYQGPInLk73hJ5urqKWw
5w9s+PflNH0GOIhKys359fPI3l7dWa39rcRXcimrqKJ0B7+YNQR8yiJFgdRkK+kb
HQWetvwzMDjR8oX4N9Ztl0mbHpor5rmoT+R86OZLn8oHGHFxWselMULbz7eZzNJV
yEs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org