Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hUqFCLNR3M3PoVVlnA_EP07fPSQ.roa
File: hUqFCLNR3M3PoVVlnA_EP07fPSQ.roa (raw, json)
Hash identifier: Q3tcI8bptyp5CdxZA3GbitI+rfqZ6Xt69t1o7IKYLBM=
Subject key identifier: 85:4A:85:08:B3:51:DC:CD:CF:A1:55:65:9C:0F:C4:3F:4E:DF:3D:24
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C97DA0ACC63B7D54DCB0A4A8AC5644CFF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hUqFCLNR3M3PoVVlnA_EP07fPSQ.roa
Signing time: Sat 23 Dec 2023 18:04:58 +0000
ROA not before: Sat 23 Dec 2023 18:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:97d9:807e/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:97:da:0a:cc:63:b7:d5:4d:cb:0a:4a:8a:c5:64:4c:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 23 18:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=854a8508b351dccdcfa155659c0fc43f4edf3d24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5f:8e:d6:81:45:0b:84:ec:48:ba:d3:3c:c7:
11:3b:9e:5d:23:48:3f:87:ba:0f:8a:a1:99:5b:f3:
7d:2f:5b:45:81:a6:07:9a:88:8e:c5:c9:66:a1:1a:
8e:9f:f2:58:68:fb:26:2a:18:1d:ce:2d:10:db:64:
ed:58:f5:93:6d:32:c4:e4:3c:03:07:2f:6b:c3:56:
27:22:4a:ed:bf:c4:89:42:03:e8:ef:3d:94:af:b9:
0e:ad:41:8f:fa:5b:e4:d0:de:54:d2:72:34:9b:b0:
24:22:91:26:45:16:61:d4:28:c1:15:c1:6a:13:f5:
db:1b:33:74:b0:79:2b:69:d9:36:7e:ef:5b:fe:db:
f5:9e:c1:32:ef:7d:7f:57:6d:96:49:67:e7:99:d0:
b3:71:80:b1:67:34:64:36:12:77:37:50:0a:57:ab:
68:e6:bf:81:5e:92:97:db:31:af:56:fa:31:47:85:
a5:09:a3:fd:fa:a5:95:7a:63:3d:ff:06:7c:bd:43:
24:a8:2a:0a:d9:bf:91:68:d9:d6:9e:c4:bd:b3:38:
64:4e:99:01:2a:1e:ab:40:0f:67:d6:6f:2d:07:21:
32:72:17:1c:ae:cd:42:ef:be:e2:51:e5:4e:47:7f:
c1:86:38:99:d9:8b:c3:4c:79:f3:f3:22:db:a0:be:
92:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:4A:85:08:B3:51:DC:CD:CF:A1:55:65:9C:0F:C4:3F:4E:DF:3D:24
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hUqFCLNR3M3PoVVlnA_EP07fPSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2e:fc:d3:66:a0:bd:ff:49:e5:43:7c:b6:d1:68:ad:fc:94:84:
ce:8b:0b:61:e2:29:93:24:51:c8:52:33:7d:49:ef:f4:b1:9c:
d2:41:6a:a5:fc:12:65:fb:09:6e:6d:a8:08:6e:76:0f:0d:99:
e8:24:27:63:e1:81:e4:c7:2a:09:71:44:2a:e6:a9:4a:e3:0c:
3f:2d:fd:08:42:54:c0:bc:bc:1b:29:80:da:0a:3c:df:38:d7:
db:0e:08:b8:2a:56:15:31:50:a0:f9:41:19:01:d9:8c:1b:b9:
f2:9c:b8:eb:ca:56:c6:33:6e:8f:96:c4:d0:14:8c:16:f6:7d:
7e:2e:e3:b7:bb:93:5c:8c:6a:ca:72:e6:0f:74:98:46:ec:8c:
8b:1a:89:1c:38:95:2c:31:09:5f:40:e5:62:96:f2:ed:48:1a:
d7:50:1d:e1:b9:51:bd:7b:e9:1e:24:b4:8c:5b:9d:bb:55:e6:
95:6b:b8:ce:2a:c3:71:37:0e:77:26:bc:e5:7a:18:a8:ce:d9:
5c:8b:d7:bc:b0:5f:ec:cb:82:d9:49:0a:34:e0:4e:d8:e0:75:
ad:73:d2:91:53:d4:be:27:df:d6:07:e5:bd:9a:c3:5f:91:51:
4c:ac:03:9f:02:d4:7a:a2:2e:8d:f0:99:a9:ea:2b:b3:bf:7d:
87:67:5f:5a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyX2grMY7fVTcsKSorFZEz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIzMTgwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTRhODUwOGIzNTFkY2NkY2ZhMTU1NjU5YzBmYzQzZjRlZGYzZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV+O1oFFC4TsSLrTPMcRO55dI0g/
h7oPiqGZW/N9L1tFgaYHmoiOxclmoRqOn/JYaPsmKhgdzi0Q22TtWPWTbTLE5DwD
By9rw1YnIkrtv8SJQgPo7z2Ur7kOrUGP+lvk0N5U0nI0m7AkIpEmRRZh1CjBFcFq
E/XbGzN0sHkradk2fu9b/tv1nsEy731/V22WSWfnmdCzcYCxZzRkNhJ3N1AKV6to
5r+BXpKX2zGvVvoxR4WlCaP9+qWVemM9/wZ8vUMkqCoK2b+RaNnWnsS9szhkTpkB
Kh6rQA9n1m8tByEychccrs1C777iUeVOR3/BhjiZ2YvDTHnz8yLboL6SiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIVKhQizUdzNz6FVZZwPxD9O3z0kMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaFVxRkNMTlIzTTNQb1ZWbG5BX0VQMDdmUFNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC7802agvf9J5UN8ttFo
rfyUhM6LC2HiKZMkUchSM31J7/SxnNJBaqX8EmX7CW5tqAhudg8NmegkJ2PhgeTH
KglxRCrmqUrjDD8t/QhCVMC8vBspgNoKPN8419sOCLgqVhUxUKD5QRkB2YwbufKc
uOvKVsYzbo+WxNAUjBb2fX4u47e7k1yMaspy5g90mEbsjIsaiRw4lSwxCV9A5WKW
8u1IGtdQHeG5Ub176R4ktIxbnbtV5pVruM4qw3E3DncmvOV6GKjO2VyL17ywX+zL
gtlJCjTgTtjgda1z0pFT1L4n39YH5b2aw1+RUUysA58C1HqiLo3wmanqK7O/fYdn
X1o=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:11:40 2025 by rpki-client