Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hXVaq6rQEylhxGU8tFmAJssIDiw.roa
File: hXVaq6rQEylhxGU8tFmAJssIDiw.roa (raw, json)
Hash identifier: o7Q7ITkBuw45m6f96DZbyT9N86e5Wb0l7ReWf22BJtA=
Subject key identifier: 85:75:5A:AB:AA:D0:13:29:61:C4:65:3C:B4:59:80:26:CB:08:0E:2C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D2A71B6A724F0BDC0F17EB4E27F726D9A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hXVaq6rQEylhxGU8tFmAJssIDiw.roa
Signing time: Sun 21 Jan 2024 05:15:11 +0000
ROA not before: Sun 21 Jan 2024 05:15:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2a:71:b6:a7:24:f0:bd:c0:f1:7e:b4:e2:7f:72:6d:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 21 05:15:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85755aabaad0132961c4653cb4598026cb080e2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a7:c9:e8:5a:67:66:f9:d6:2b:99:8a:00:1d:
c2:9d:1f:6c:b5:da:74:8d:ea:e0:45:6b:cf:ac:fb:
51:a3:86:32:6c:df:0c:6a:56:5a:db:70:6c:fa:fc:
55:ff:17:29:b9:fb:1a:a2:85:57:4b:4e:44:2f:8f:
fe:3e:47:cb:b2:49:17:dc:f9:21:2c:c4:0f:86:d3:
6f:aa:c5:6c:d3:2b:b0:f6:0c:9d:a7:19:33:04:aa:
3b:5a:f7:9c:ba:55:01:05:c4:92:d5:5b:bd:e4:23:
65:46:61:3c:69:22:e1:96:38:78:c2:8f:bf:46:03:
91:21:5d:a1:49:1e:18:21:b2:cd:e4:19:37:5c:fa:
33:c6:a7:09:f4:48:74:c6:96:7b:30:f7:d7:fb:fa:
9c:ea:d3:19:b1:c8:9e:64:aa:0d:40:c9:a4:8d:f3:
be:9f:6d:5b:72:33:28:25:71:b7:d3:f1:5a:7b:20:
b0:08:ba:0b:c4:29:c1:37:56:1a:9d:1f:f5:e3:e7:
47:7d:c2:50:45:c3:0f:29:c4:21:00:d6:66:c8:52:
a7:5e:4d:32:87:09:eb:72:36:41:a7:16:3f:c5:01:
eb:09:af:27:e9:11:e6:8f:af:da:2d:55:2c:f8:de:
78:92:45:dc:40:c0:7a:1f:21:ca:75:14:c9:e8:75:
8b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:75:5A:AB:AA:D0:13:29:61:C4:65:3C:B4:59:80:26:CB:08:0E:2C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hXVaq6rQEylhxGU8tFmAJssIDiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:f5:f0:8f:47:c0:b4:1e:0c:29:75:30:c7:de:34:3f:e5:2d:
81:5a:5f:ca:bb:20:7b:78:15:71:71:33:be:71:5a:87:d6:21:
55:ad:63:53:20:67:a0:b2:41:5e:74:b5:5e:b8:0d:17:1f:d0:
a3:f8:59:4c:22:ea:06:31:34:3a:db:80:34:b9:9e:56:7e:00:
e3:f8:ed:73:dc:93:dc:99:c3:36:97:55:4c:3b:52:dd:b8:7b:
34:38:4f:24:64:c2:da:93:5f:79:89:31:41:5c:8b:ff:22:8a:
60:8d:c2:ae:ae:e6:ea:17:1c:17:bf:b2:76:77:c0:a4:f9:75:
f5:1f:50:81:ce:f6:29:e0:09:ee:69:8c:d5:af:fd:57:f1:97:
ef:8c:a2:b0:1e:cc:c6:c1:a4:65:b8:93:3a:2f:3f:09:57:b1:
b2:20:a4:e9:76:34:36:27:68:4a:eb:6a:4b:67:62:34:f6:0a:
62:28:04:b6:3b:f9:20:eb:92:2d:4c:1e:5b:46:a3:03:fb:0b:
0c:75:ad:d7:71:16:2a:49:24:f3:87:61:26:aa:b8:bd:bf:ef:
88:ad:30:65:9c:29:03:03:f7:cb:55:b5:af:22:88:ab:cf:7f:
7a:7d:7a:98:c2:fa:a8:f7:90:9a:22:de:91:59:1f:27:2f:49:
17:54:e6:dd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0qcbanJPC9wPF+tOJ/cm2aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIxMDUxNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTc1NWFhYmFhZDAxMzI5NjFjNDY1M2NiNDU5ODAyNmNiMDgwZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKfJ6FpnZvnWK5mKAB3CnR9stdp0
jergRWvPrPtRo4YybN8MalZa23Bs+vxV/xcpufsaooVXS05EL4/+PkfLskkX3Pkh
LMQPhtNvqsVs0yuw9gydpxkzBKo7WveculUBBcSS1Vu95CNlRmE8aSLhljh4wo+/
RgORIV2hSR4YIbLN5Bk3XPozxqcJ9Eh0xpZ7MPfX+/qc6tMZscieZKoNQMmkjfO+
n21bcjMoJXG30/FaeyCwCLoLxCnBN1YanR/14+dHfcJQRcMPKcQhANZmyFKnXk0y
hwnrcjZBpxY/xQHrCa8n6RHmj6/aLVUs+N54kkXcQMB6HyHKdRTJ6HWLCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIV1Wquq0BMpYcRlPLRZgCbLCA4sMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaFhWYXE2clFFeWxoeEdVOHRGbUFKc3NJRGl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHb18I9HwLQeDCl1MMfe
ND/lLYFaX8q7IHt4FXFxM75xWofWIVWtY1MgZ6CyQV50tV64DRcf0KP4WUwi6gYx
NDrbgDS5nlZ+AOP47XPck9yZwzaXVUw7Ut24ezQ4TyRkwtqTX3mJMUFci/8iimCN
wq6u5uoXHBe/snZ3wKT5dfUfUIHO9ingCe5pjNWv/Vfxl++MorAezMbBpGW4kzov
PwlXsbIgpOl2NDYnaErraktnYjT2CmIoBLY7+SDrki1MHltGowP7Cwx1rddxFipJ
JPOHYSaquL2/74itMGWcKQMD98tVta8iiKvPf3p9epjC+qj3kJoi3pFZHycvSRdU
5t0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org