Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hoxaMfwdULCvxCFZRncpW9kdMf0.roa
File: hoxaMfwdULCvxCFZRncpW9kdMf0.roa (raw, json)
Hash identifier: LxAoT/HRXa+Ai1JDbh+4lv+SgJ8/x7P4gsMpVDqFFq4=
Subject key identifier: 86:8C:5A:31:FC:1D:50:B0:AF:C4:21:59:46:77:29:5B:D9:1D:31:FD
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E6C1516C8EDB391C12E691CFF9203149A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hoxaMfwdULCvxCFZRncpW9kdMf0.roa
Signing time: Sat 23 Mar 2024 16:11:45 +0000
ROA not before: Sat 23 Mar 2024 16:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6c:15:16:c8:ed:b3:91:c1:2e:69:1c:ff:92:03:14:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 23 16:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=868c5a31fc1d50b0afc421594677295bd91d31fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a0:48:ec:68:34:51:3b:f7:2e:bd:0e:0d:17:
af:4b:01:65:d1:9e:87:3d:69:ac:3e:a3:c8:80:67:
f3:1d:48:3e:ec:53:81:e2:ea:15:ee:da:e7:4e:84:
f1:8e:69:f8:67:b5:7d:15:e6:84:9c:54:92:28:34:
42:41:47:da:d8:6b:76:9e:3a:22:43:ec:9f:52:ab:
b1:16:1d:3e:5a:8f:9d:f2:cf:9d:96:13:8c:fb:1e:
ab:0f:ef:1f:51:d8:42:50:96:2c:e6:ab:b9:4d:e5:
b9:08:25:ea:7f:e8:7b:64:39:d6:5a:6e:b3:7c:30:
61:60:d4:0f:02:f1:85:88:2f:63:3c:c8:02:fa:83:
05:f9:bd:ea:f9:7f:db:5a:ed:60:04:7e:e4:e9:6c:
39:cb:99:31:cf:92:38:a4:81:04:b5:ba:65:68:01:
b5:4c:06:66:f2:5b:d9:d4:bf:b4:57:80:ee:6b:7f:
fd:81:20:71:d9:1e:8f:71:3c:fe:cf:ff:4d:aa:1e:
4f:5e:cf:eb:de:32:ad:bd:28:59:fd:f1:bb:44:b9:
ef:a4:b5:5f:dd:12:43:11:76:bb:27:73:72:f1:dc:
f0:1b:de:39:a1:8b:8a:84:a7:72:2e:3c:53:65:66:
bf:4e:0c:07:e4:7f:67:15:61:26:3f:40:1d:c0:33:
39:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:8C:5A:31:FC:1D:50:B0:AF:C4:21:59:46:77:29:5B:D9:1D:31:FD
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hoxaMfwdULCvxCFZRncpW9kdMf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:73:52:bc:29:40:c2:88:ea:5c:44:c2:cc:b4:c5:72:2e:ab:
d5:32:14:f0:0e:56:96:f4:18:79:f6:5b:3e:e1:26:f4:86:2f:
05:85:e3:67:d3:04:ec:ce:fd:41:ea:cf:e1:0e:ab:cc:35:68:
d8:78:39:d1:dc:1b:8b:eb:86:23:5b:90:3d:ef:32:9c:59:90:
c6:a3:06:26:7c:75:1e:d1:65:10:39:61:0c:57:0a:e7:c4:ad:
0e:83:97:0f:a3:a1:b6:7b:07:9d:4f:d7:f3:0f:27:6f:96:24:
19:43:9b:00:47:3a:23:93:b9:dc:91:99:92:8e:d3:56:79:d3:
11:52:eb:4e:1e:fc:e5:0d:4c:a0:03:40:cd:65:f1:49:cf:c3:
70:be:21:12:37:80:3b:97:31:10:e6:92:b8:04:fa:0b:80:de:
5b:b7:5c:fe:f5:8a:6b:5b:61:19:82:20:de:6c:aa:f4:e3:39:
47:ce:fd:c9:1e:08:bb:2e:17:3c:07:bb:88:f6:ac:55:b9:64:
20:a3:69:36:bd:b3:86:21:3c:27:13:32:7c:08:fb:57:46:16:
74:ef:50:e2:3e:77:5e:81:28:01:61:db:5c:85:c3:a8:40:60:
28:5d:3c:e9:6b:b7:f1:72:aa:f4:e3:6d:54:12:2f:ff:10:b1:
0e:4b:d2:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5sFRbI7bORwS5pHP+SAxSaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIzMTYxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjhjNWEzMWZjMWQ1MGIwYWZjNDIxNTk0Njc3Mjk1YmQ5MWQzMWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6BI7Gg0UTv3Lr0ODRevSwFl0Z6H
PWmsPqPIgGfzHUg+7FOB4uoV7trnToTxjmn4Z7V9FeaEnFSSKDRCQUfa2Gt2njoi
Q+yfUquxFh0+Wo+d8s+dlhOM+x6rD+8fUdhCUJYs5qu5TeW5CCXqf+h7ZDnWWm6z
fDBhYNQPAvGFiC9jPMgC+oMF+b3q+X/bWu1gBH7k6Ww5y5kxz5I4pIEEtbplaAG1
TAZm8lvZ1L+0V4Dua3/9gSBx2R6PcTz+z/9Nqh5PXs/r3jKtvShZ/fG7RLnvpLVf
3RJDEXa7J3Ny8dzwG945oYuKhKdyLjxTZWa/TgwH5H9nFWEmP0AdwDM58wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIaMWjH8HVCwr8QhWUZ3KVvZHTH9MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaG94YU1md2RVTEN2eENGWlJuY3BXOWtkTWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABJzUrwpQMKI6lxEwsy0
xXIuq9UyFPAOVpb0GHn2Wz7hJvSGLwWF42fTBOzO/UHqz+EOq8w1aNh4OdHcG4vr
hiNbkD3vMpxZkMajBiZ8dR7RZRA5YQxXCufErQ6Dlw+jobZ7B51P1/MPJ2+WJBlD
mwBHOiOTudyRmZKO01Z50xFS604e/OUNTKADQM1l8UnPw3C+IRI3gDuXMRDmkrgE
+guA3lu3XP71imtbYRmCIN5sqvTjOUfO/ckeCLsuFzwHu4j2rFW5ZCCjaTa9s4Yh
PCcTMnwI+1dGFnTvUOI+d16BKAFh21yFw6hAYChdPOlrt/FyqvTjbVQSL/8QsQ5L
0oM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org