Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hlmpCIMfsJUabE1reo3FnrpCftw.roa
File: hlmpCIMfsJUabE1reo3FnrpCftw.roa (raw, json)
Hash identifier: tVz6zskEWo0AZzdq2Gm3LjZ6jIm/RV7C7m5j2CyPdNM=
Subject key identifier: 86:59:A9:08:83:1F:B0:95:1A:6C:4D:6B:7A:8D:C5:9E:BA:42:7E:DC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D28EE70F6989BA2A6DD9C5DE87C7B4DCB
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hlmpCIMfsJUabE1reo3FnrpCftw.roa
Signing time: Sat 20 Jan 2024 22:12:11 +0000
ROA not before: Sat 20 Jan 2024 22:12:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:28:ee:70:f6:98:9b:a2:a6:dd:9c:5d:e8:7c:7b:4d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 20 22:12:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8659a908831fb0951a6c4d6b7a8dc59eba427edc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1a:7b:3d:b1:a9:38:0c:4d:53:26:49:88:6f:
80:5f:cd:fe:06:37:84:60:10:11:1d:13:92:a7:99:
51:bc:97:fb:af:f3:97:92:bb:95:72:22:fc:b5:eb:
bd:05:cf:4d:b6:37:21:0b:0a:11:7e:ec:89:76:e0:
a8:b7:1c:fc:0a:b0:ea:69:8e:16:3a:75:f6:f4:9d:
7c:91:c1:7a:9a:d0:01:ed:2a:ba:bf:fb:66:94:9a:
f0:d9:d9:ae:65:97:41:16:6a:db:1d:ea:39:51:58:
8a:d7:49:d9:59:8f:5e:ec:fc:3e:36:60:aa:e1:9c:
3d:91:86:73:b2:67:1c:27:4a:09:6b:c6:8b:36:b8:
29:f7:6f:e9:63:87:1a:f0:5f:8b:c6:75:76:12:a2:
b7:f6:ee:26:4f:ac:f4:53:06:2e:ea:a1:4c:76:4c:
ba:d4:ee:3c:1e:68:1b:1c:1a:1f:fe:a5:66:a8:ea:
24:5d:62:bd:81:f6:a2:2c:75:7b:85:d9:9f:fa:ce:
6d:ba:d0:77:04:33:ba:b1:77:fa:13:e8:4d:66:0d:
51:3a:c3:1e:ae:7a:ef:83:a2:b3:a0:f2:e3:e4:e9:
40:05:4c:cd:1f:5d:82:77:8b:26:f5:d5:8a:2a:f5:
ff:9a:2c:f2:e0:cc:7e:8c:0b:eb:73:86:5a:91:34:
8b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:59:A9:08:83:1F:B0:95:1A:6C:4D:6B:7A:8D:C5:9E:BA:42:7E:DC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hlmpCIMfsJUabE1reo3FnrpCftw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:4c:d0:dd:e4:4f:c6:fd:b9:24:07:5a:5e:94:29:fe:57:92:
51:fb:54:14:e9:5e:0c:89:62:59:f2:08:53:2b:6d:7c:d1:f3:
07:be:de:bd:df:46:2b:67:69:90:74:a2:99:9e:ff:95:f0:b8:
3a:43:39:a6:f8:25:34:43:0d:21:a0:36:d3:0e:f3:f7:29:1d:
fe:69:5f:a6:8d:8e:59:4c:a0:f0:da:95:65:de:da:a3:3e:5d:
4f:f1:39:a6:c1:a7:5d:7d:f1:40:46:21:36:21:55:68:b1:84:
f0:3a:85:dd:56:c4:e0:59:3f:2b:e8:8d:f7:eb:81:1d:f3:e1:
c5:8e:70:cb:78:ce:5d:0a:d0:b2:46:bf:1c:5f:e8:b3:28:80:
f9:c2:93:2e:96:7c:2f:97:a5:f3:6b:e7:4c:99:ad:f4:9f:9d:
62:bf:08:03:76:4b:1a:9a:46:7e:a5:9f:84:41:9a:d7:61:80:
49:1c:71:2a:c1:5a:c3:4c:8e:7a:7d:ca:98:31:70:c8:7d:80:
ab:18:f8:ad:1c:a5:6e:7e:93:e5:35:07:fb:84:84:d5:df:c6:
da:f3:65:10:f3:ec:a7:b3:c8:2f:d4:68:1f:c3:40:f5:21:dc:
fa:01:0a:4a:01:31:62:f7:92:d4:45:13:82:65:b3:20:aa:d3:
e4:7c:bf:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0o7nD2mJuipt2cXeh8e03LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIwMjIxMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjU5YTkwODgzMWZiMDk1MWE2YzRkNmI3YThkYzU5ZWJhNDI3ZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBp7PbGpOAxNUyZJiG+AX83+BjeE
YBARHROSp5lRvJf7r/OXkruVciL8teu9Bc9NtjchCwoRfuyJduCotxz8CrDqaY4W
OnX29J18kcF6mtAB7Sq6v/tmlJrw2dmuZZdBFmrbHeo5UViK10nZWY9e7Pw+NmCq
4Zw9kYZzsmccJ0oJa8aLNrgp92/pY4ca8F+LxnV2EqK39u4mT6z0UwYu6qFMdky6
1O48HmgbHBof/qVmqOokXWK9gfaiLHV7hdmf+s5tutB3BDO6sXf6E+hNZg1ROsMe
rnrvg6KzoPLj5OlABUzNH12Cd4sm9dWKKvX/mizy4Mx+jAvrc4ZakTSLvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIZZqQiDH7CVGmxNa3qNxZ66Qn7cMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaGxtcENJTWZzSlVhYkUxcmVvM0ZucnBDZnR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACFM0N3kT8b9uSQHWl6U
Kf5XklH7VBTpXgyJYlnyCFMrbXzR8we+3r3fRitnaZB0opme/5XwuDpDOab4JTRD
DSGgNtMO8/cpHf5pX6aNjllMoPDalWXe2qM+XU/xOabBp1198UBGITYhVWixhPA6
hd1WxOBZPyvojffrgR3z4cWOcMt4zl0K0LJGvxxf6LMogPnCky6WfC+XpfNr50yZ
rfSfnWK/CAN2SxqaRn6ln4RBmtdhgEkccSrBWsNMjnp9ypgxcMh9gKsY+K0cpW5+
k+U1B/uEhNXfxtrzZRDz7KezyC/UaB/DQPUh3PoBCkoBMWL3ktRFE4JlsyCq0+R8
vxA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:20 2025 by rpki-client