Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hmmnuEz4rzW4jjQ7-8KNqpxJf8M.roa
File: hmmnuEz4rzW4jjQ7-8KNqpxJf8M.roa (raw, json)
Hash identifier: UsLxnj0nHteK6UtevXOPucfRVZWZV1BeH+nO7ybSLDU=
Subject key identifier: 86:69:A7:B8:4C:F8:AF:35:B8:8E:34:3B:FB:C2:8D:AA:9C:49:7F:C3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DF5A85DAE13270323FBB0C67A88C615CA
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hmmnuEz4rzW4jjQ7-8KNqpxJf8M.roa
Signing time: Thu 29 Feb 2024 16:17:48 +0000
ROA not before: Thu 29 Feb 2024 16:17:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f5:a8:5d:ae:13:27:03:23:fb:b0:c6:7a:88:c6:15:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 29 16:17:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8669a7b84cf8af35b88e343bfbc28daa9c497fc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b5:55:c1:0d:d2:af:5d:f5:82:d1:c5:8b:61:
f4:44:55:7a:a0:ce:42:aa:79:6d:0d:91:23:19:3b:
85:31:29:ad:38:45:49:96:cf:15:40:a5:55:f8:8a:
ff:69:36:20:f4:bd:24:52:b1:07:45:8f:6b:91:6b:
cf:1f:b7:13:40:07:91:ca:11:0b:9e:f2:7a:71:98:
8b:41:97:3d:ec:a0:11:b3:30:96:c8:58:4c:d6:ef:
fb:76:b2:20:a3:ed:76:e9:c1:6b:b8:8e:c3:41:9c:
0c:43:1b:28:b6:eb:60:3d:f5:5d:c6:bb:fa:be:4d:
f9:4e:08:3b:b1:c8:95:fd:ea:bb:00:9d:88:96:f3:
eb:32:08:ab:0e:ff:f9:27:88:cc:f2:9b:ad:95:39:
92:de:32:02:f0:19:36:e3:a9:f7:b3:cb:b9:37:2f:
fa:e7:86:01:66:6b:4b:5e:13:1a:91:09:e2:6b:18:
46:74:b6:ab:b0:4d:15:67:18:3a:c1:22:fe:03:00:
38:57:9b:ce:14:a3:52:ea:ec:ba:4e:ff:2c:10:64:
10:cb:1f:44:d6:b4:9c:b6:12:ce:3a:e1:fa:d2:d9:
47:85:b5:98:59:25:be:94:ae:f0:f5:58:46:d1:34:
8a:0a:05:44:2d:4b:1c:e6:d6:f2:80:07:6c:2c:1a:
92:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:69:A7:B8:4C:F8:AF:35:B8:8E:34:3B:FB:C2:8D:AA:9C:49:7F:C3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hmmnuEz4rzW4jjQ7-8KNqpxJf8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
83:1c:96:15:53:e4:c7:e6:89:57:e4:b7:b5:ca:00:2b:2b:5f:
2f:62:d3:b5:aa:08:95:25:82:dc:ac:98:20:f2:34:f1:aa:cc:
c3:1c:1b:c0:ad:52:10:7a:47:7d:45:54:1a:ff:b4:76:52:17:
6e:fb:e5:0b:cf:4e:26:28:8f:0f:d6:be:74:c7:0f:23:b8:89:
75:07:35:1d:31:e5:37:b3:70:6f:ed:44:a4:07:b4:fc:df:a0:
19:30:9e:7f:02:84:e2:24:24:ec:20:41:f2:95:65:7b:9f:06:
17:86:b4:0b:de:b5:d1:24:b7:52:4f:d7:9e:66:f9:92:fb:c3:
3d:73:c4:e2:12:1a:34:ab:6c:fc:33:bf:28:b6:1c:1b:f2:6b:
a4:f6:c6:15:54:28:ce:22:5c:ad:63:f2:b8:93:1e:77:b9:e3:
16:0d:d4:ee:8c:df:80:11:73:3f:7e:e6:81:dd:19:78:4c:bf:
29:9d:4a:85:92:0c:92:eb:89:a7:63:83:6e:9f:bc:a8:84:67:
62:7f:6f:74:67:cf:f0:33:79:97:5f:23:ad:d4:09:ba:a1:16:
58:ba:d4:14:d4:f9:c2:92:b4:96:47:cc:af:aa:6a:12:3b:b8:
a1:c1:54:d3:ae:a4:10:f5:e4:03:b7:6d:c2:4b:7c:50:d3:13:
d5:28:52:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY31qF2uEycDI/uwxnqIxhXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI5MTYxNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjY5YTdiODRjZjhhZjM1Yjg4ZTM0M2JmYmMyOGRhYTljNDk3ZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7VVwQ3Sr131gtHFi2H0RFV6oM5C
qnltDZEjGTuFMSmtOEVJls8VQKVV+Ir/aTYg9L0kUrEHRY9rkWvPH7cTQAeRyhEL
nvJ6cZiLQZc97KARszCWyFhM1u/7drIgo+126cFruI7DQZwMQxsotutgPfVdxrv6
vk35Tgg7sciV/eq7AJ2IlvPrMgirDv/5J4jM8putlTmS3jIC8Bk246n3s8u5Ny/6
54YBZmtLXhMakQniaxhGdLarsE0VZxg6wSL+AwA4V5vOFKNS6uy6Tv8sEGQQyx9E
1rScthLOOuH60tlHhbWYWSW+lK7w9VhG0TSKCgVELUsc5tbygAdsLBqSTQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIZpp7hM+K81uI40O/vCjaqcSX/DMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaG1tbnVFejRyelc0ampRNy04S05xcHhKZjhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIMclhVT5MfmiVfkt7XK
ACsrXy9i07WqCJUlgtysmCDyNPGqzMMcG8CtUhB6R31FVBr/tHZSF2775QvPTiYo
jw/WvnTHDyO4iXUHNR0x5TezcG/tRKQHtPzfoBkwnn8ChOIkJOwgQfKVZXufBheG
tAvetdEkt1JP155m+ZL7wz1zxOISGjSrbPwzvyi2HBvya6T2xhVUKM4iXK1j8riT
Hne54xYN1O6M34ARcz9+5oHdGXhMvymdSoWSDJLriadjg26fvKiEZ2J/b3Rnz/Az
eZdfI63UCbqhFli61BTU+cKStJZHzK+qahI7uKHBVNOupBD15AO3bcJLfFDTE9Uo
UoY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:22 2025 by rpki-client