Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hl6CxykFJubpv4erbTGogzZ4Djs.roa
File: hl6CxykFJubpv4erbTGogzZ4Djs.roa (raw, json)
Hash identifier: IWU+8R2JM508gj96ZNu24ycghZ2wqi23VptymmYrcuE=
Subject key identifier: 86:5E:82:C7:29:05:26:E6:E9:BF:87:AB:6D:31:A8:83:36:78:0E:3B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D1FEFE4E473F89CE3F1E0B546CBA4DAF3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hl6CxykFJubpv4erbTGogzZ4Djs.roa
Signing time: Fri 19 Jan 2024 04:17:11 +0000
ROA not before: Fri 19 Jan 2024 04:17:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1f:ef:e4:e4:73:f8:9c:e3:f1:e0:b5:46:cb:a4:da:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 19 04:17:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=865e82c7290526e6e9bf87ab6d31a88336780e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:50:8e:ad:87:41:98:31:98:f0:75:64:37:78:
7d:b2:88:d7:cf:22:bf:fa:49:b4:a3:cd:57:6b:59:
6e:16:6a:83:98:2f:09:d5:cb:76:71:da:fc:6e:48:
01:99:8e:5f:d9:91:57:2f:60:eb:11:d1:a8:bc:c9:
58:d7:9b:e3:a4:08:6f:6a:42:b8:a0:7c:6d:5e:c6:
40:8f:4c:ad:04:7d:58:3a:67:a7:0f:d8:61:9a:98:
9d:b9:82:3c:98:81:3a:44:93:4c:3b:83:e7:78:7a:
88:15:47:e1:73:97:70:b7:57:37:cb:fb:81:ce:5e:
f7:1a:2b:a0:bf:b9:25:d5:8b:cf:c2:05:e6:f2:88:
e7:6b:67:c3:78:50:22:11:e4:b1:e8:f0:2c:69:a1:
13:5d:50:40:3c:02:fc:6b:39:6c:bc:6d:4e:e8:d3:
bf:32:e7:d3:d5:05:35:68:07:12:40:54:c5:48:92:
32:99:8c:95:ac:79:ff:48:27:f9:43:f1:3e:fc:62:
13:5f:5c:64:6d:75:14:b2:e3:4f:a1:fe:c4:1f:2b:
55:26:60:51:37:e3:09:aa:14:ec:94:2a:d4:90:4b:
17:70:43:95:77:5a:05:56:bb:34:30:93:ea:89:7f:
03:23:c9:7b:90:35:65:89:3f:60:4f:e9:a0:97:09:
85:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:5E:82:C7:29:05:26:E6:E9:BF:87:AB:6D:31:A8:83:36:78:0E:3B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hl6CxykFJubpv4erbTGogzZ4Djs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:3b:dc:04:73:1c:61:03:65:41:95:f1:66:0a:41:51:8b:c6:
9d:00:d4:b2:4d:12:f0:cd:b7:4c:96:6f:db:92:84:4a:bb:52:
fc:27:ce:ba:54:3b:ab:bf:b2:fd:37:ab:c1:ba:50:44:16:c0:
b7:fe:90:6b:1c:33:1c:a5:a8:92:33:28:82:c0:47:a1:f5:2f:
01:c1:5c:85:09:c0:fc:1a:ef:6f:a3:48:c2:c9:8a:44:e2:c6:
3a:30:62:28:57:bb:51:43:b3:6a:a2:41:49:45:71:d7:ff:07:
54:bf:5b:84:6f:05:93:c0:c3:c4:99:fb:5a:64:7a:87:fd:1e:
59:f0:38:ab:c7:3b:78:01:52:9b:13:2b:d1:1a:f6:8c:40:1b:
27:d0:cf:77:52:27:6e:13:26:bc:76:bc:76:85:00:33:9c:4a:
4b:78:8b:ba:c6:22:4c:cb:43:0a:ac:3a:65:3b:f5:b1:8c:97:
30:58:ba:7a:1a:65:4f:70:ea:83:1e:9f:19:b0:8d:9a:94:82:
e9:ef:07:cb:f0:a8:ed:e4:17:6f:d6:c4:6f:67:5b:9f:2f:3d:
5b:24:f9:ce:e9:af:01:81:f6:e1:03:95:90:4d:70:63:d7:77:
83:f1:ca:d0:ca:23:07:53:16:f3:67:de:2e:d9:6b:a6:4c:3c:
b2:e5:66:6c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0f7+Tkc/ic4/HgtUbLpNrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE5MDQxNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjVlODJjNzI5MDUyNmU2ZTliZjg3YWI2ZDMxYTg4MzM2NzgwZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1COrYdBmDGY8HVkN3h9sojXzyK/
+km0o81Xa1luFmqDmC8J1ct2cdr8bkgBmY5f2ZFXL2DrEdGovMlY15vjpAhvakK4
oHxtXsZAj0ytBH1YOmenD9hhmpiduYI8mIE6RJNMO4PneHqIFUfhc5dwt1c3y/uB
zl73Giugv7kl1YvPwgXm8ojna2fDeFAiEeSx6PAsaaETXVBAPAL8azlsvG1O6NO/
MufT1QU1aAcSQFTFSJIymYyVrHn/SCf5Q/E+/GITX1xkbXUUsuNPof7EHytVJmBR
N+MJqhTslCrUkEsXcEOVd1oFVrs0MJPqiX8DI8l7kDVliT9gT+mglwmFywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIZegscpBSbm6b+Hq20xqIM2eA47MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaGw2Q3h5a0ZKdWJwdjRlcmJUR29nelo0RGpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABE73ARzHGEDZUGV8WYK
QVGLxp0A1LJNEvDNt0yWb9uShEq7UvwnzrpUO6u/sv03q8G6UEQWwLf+kGscMxyl
qJIzKILAR6H1LwHBXIUJwPwa72+jSMLJikTixjowYihXu1FDs2qiQUlFcdf/B1S/
W4RvBZPAw8SZ+1pkeof9HlnwOKvHO3gBUpsTK9Ea9oxAGyfQz3dSJ24TJrx2vHaF
ADOcSkt4i7rGIkzLQwqsOmU79bGMlzBYunoaZU9w6oMenxmwjZqUgunvB8vwqO3k
F2/WxG9nW58vPVsk+c7prwGB9uEDlZBNcGPXd4PxytDKIwdTFvNn3i7Za6ZMPLLl
Zmw=
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:03:12 2025 by rpki-client