Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/haFpD-REjQlcQ1h1EEvv4_hIMME.roa
File: haFpD-REjQlcQ1h1EEvv4_hIMME.roa (raw, json)
Hash identifier: 7VzwaXiWVBRHNxI9Hj41nvxOaTV5gcvKxZ432W06y4M=
Subject key identifier: 85:A1:69:0F:E4:44:8D:09:5C:43:58:75:10:4B:EF:E3:F8:48:30:C1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E8C7BC412D38DD505F8C41FDC8A90175B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/haFpD-REjQlcQ1h1EEvv4_hIMME.roa
Signing time: Fri 29 Mar 2024 23:11:45 +0000
ROA not before: Fri 29 Mar 2024 23:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8c:7b:c4:12:d3:8d:d5:05:f8:c4:1f:dc:8a:90:17:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 29 23:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85a1690fe4448d095c435875104befe3f84830c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:76:69:52:5c:31:90:16:2b:d9:ee:00:4c:05:
f5:3c:2c:5a:6a:51:b1:6f:fa:24:c8:50:e1:ff:73:
fc:d5:2d:1d:73:83:f8:da:0f:09:e0:02:66:31:d4:
fc:c5:95:f3:ca:d9:bf:7b:a8:92:35:35:87:0a:1d:
54:da:be:d2:b2:83:26:d4:7a:bc:f1:6d:53:27:11:
92:06:83:bf:6c:ec:57:35:54:50:ee:10:57:ca:c3:
4c:9b:8d:56:0f:6e:d8:c5:45:58:7f:da:eb:9c:b2:
86:78:b4:1b:04:43:8c:09:dc:1f:d2:c7:8f:f0:86:
83:5e:45:50:75:44:66:1f:a3:ba:53:57:33:9b:c4:
63:aa:62:3f:1c:47:51:bd:ff:ff:9a:4e:85:e0:ed:
6d:78:d0:7a:d6:fe:f7:48:1a:cf:c5:0b:d3:0d:b1:
77:86:2a:36:45:d6:dc:47:d6:fc:9f:41:ed:e5:16:
01:30:94:95:a8:bc:04:9d:fc:75:7d:66:c5:94:39:
70:72:b3:86:40:0e:74:aa:87:28:ed:2e:40:23:81:
44:40:cf:65:98:ba:e3:9b:49:00:2f:0a:8b:ac:dc:
5a:58:5d:27:4d:94:43:cb:97:20:9d:33:f9:f0:43:
1d:34:eb:e8:15:ea:cf:8e:72:45:4a:13:b8:38:43:
0f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A1:69:0F:E4:44:8D:09:5C:43:58:75:10:4B:EF:E3:F8:48:30:C1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/haFpD-REjQlcQ1h1EEvv4_hIMME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:e6:72:21:27:77:9f:b3:91:13:97:c0:c8:3f:b3:fc:dd:34:
14:6d:ab:9b:7a:1d:75:9a:13:ff:39:d4:6e:5d:f0:df:9a:16:
e7:e5:b2:64:b3:33:bf:94:f9:77:30:a4:54:d7:83:83:12:a4:
4a:7e:10:5f:b7:f1:ce:31:ee:d6:c1:34:61:8b:9e:2e:ab:64:
77:cb:80:2b:24:7f:aa:5a:57:73:e3:19:f0:7b:05:f8:de:0a:
cc:49:0e:62:a9:4d:42:28:a9:98:7c:f6:a0:6f:d8:2b:93:ed:
11:a0:ea:fd:38:52:c9:dd:3c:f6:0d:82:9b:08:07:b4:28:a9:
5e:fb:79:88:ff:2e:55:1a:e8:f3:3f:3c:64:06:ca:66:7d:c4:
6b:e7:fa:1e:5a:5e:72:4e:d5:03:01:42:df:b4:be:c0:1d:07:
ea:22:83:ae:0c:be:3a:70:bb:68:5d:89:0b:d1:36:b8:77:c9:
96:7a:29:02:26:3a:87:d6:6b:42:ec:1d:9a:aa:91:20:6d:8c:
28:5f:b9:c2:c5:02:70:a7:db:5a:38:32:ce:e9:e4:f1:8b:37:
81:d8:ae:10:fc:eb:81:36:ad:d4:75:1f:c6:73:d2:d1:16:e2:
30:c5:57:65:74:24:fa:b3:51:fb:6d:1d:95:b9:c6:d0:51:cc:
bb:9c:bb:51
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6Me8QS043VBfjEH9yKkBdbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI5MjMxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWExNjkwZmU0NDQ4ZDA5NWM0MzU4NzUxMDRiZWZlM2Y4NDgzMGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHZpUlwxkBYr2e4ATAX1PCxaalGx
b/okyFDh/3P81S0dc4P42g8J4AJmMdT8xZXzytm/e6iSNTWHCh1U2r7SsoMm1Hq8
8W1TJxGSBoO/bOxXNVRQ7hBXysNMm41WD27YxUVYf9rrnLKGeLQbBEOMCdwf0seP
8IaDXkVQdURmH6O6U1czm8RjqmI/HEdRvf//mk6F4O1teNB61v73SBrPxQvTDbF3
hio2RdbcR9b8n0Ht5RYBMJSVqLwEnfx1fWbFlDlwcrOGQA50qoco7S5AI4FEQM9l
mLrjm0kALwqLrNxaWF0nTZRDy5cgnTP58EMdNOvoFerPjnJFShO4OEMPkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIWhaQ/kRI0JXENYdRBL7+P4SDDBMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaGFGcEQtUkVqUWxjUTFoMUVFdnY0X2hJTU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHLmciEnd5+zkROXwMg/
s/zdNBRtq5t6HXWaE/851G5d8N+aFuflsmSzM7+U+XcwpFTXg4MSpEp+EF+38c4x
7tbBNGGLni6rZHfLgCskf6paV3PjGfB7BfjeCsxJDmKpTUIoqZh89qBv2CuT7RGg
6v04UsndPPYNgpsIB7QoqV77eYj/LlUa6PM/PGQGymZ9xGvn+h5aXnJO1QMBQt+0
vsAdB+oig64Mvjpwu2hdiQvRNrh3yZZ6KQImOofWa0LsHZqqkSBtjChfucLFAnCn
21o4Ms7p5PGLN4HYrhD864E2rdR1H8Zz0tEW4jDFV2V0JPqzUfttHZW5xtBRzLuc
u1E=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:10 2025 by rpki-client