Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/huHlFxB1fRzeBfCX06pGYbz_0hU.roa
File: huHlFxB1fRzeBfCX06pGYbz_0hU.roa (raw, json)
Hash identifier: Zjl/aylx64y5E8JPQvQqVr1zHYm/EJcd8y5Gyczdo38=
Subject key identifier: 86:E1:E5:17:10:75:7D:1C:DE:05:F0:97:D3:AA:46:61:BC:FF:D2:15
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C906096C7F88556DC8E221171104CAF5E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/huHlFxB1fRzeBfCX06pGYbz_0hU.roa
Signing time: Fri 22 Dec 2023 07:14:58 +0000
ROA not before: Fri 22 Dec 2023 07:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:90:60:96:c7:f8:85:56:dc:8e:22:11:71:10:4c:af:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 22 07:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86e1e51710757d1cde05f097d3aa4661bcffd215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8d:cf:4d:f1:95:7b:90:dc:57:e3:04:b8:12:
3d:48:15:60:58:98:af:f1:1e:f1:fe:76:df:fa:56:
4d:84:55:7d:29:be:e9:41:6c:66:fe:91:1d:2d:45:
ba:e6:e8:d1:4f:f8:45:1e:06:06:15:c1:6b:a5:d9:
46:b7:6f:5e:d5:17:70:d3:c2:15:11:4f:7c:7e:b6:
4e:04:34:1c:6a:24:46:5f:17:5b:97:7d:a4:f7:24:
6a:c0:41:03:f6:31:7a:69:4f:70:65:03:59:32:66:
04:53:cb:a0:a4:ae:0e:43:b7:1b:93:e4:a8:9b:44:
49:8b:df:e9:09:d7:49:fa:96:94:f7:54:de:52:3e:
d3:e1:58:09:e9:a0:80:07:64:a8:34:1b:67:3d:4b:
bf:55:c9:6d:eb:52:1c:21:9a:5d:f8:92:9c:53:25:
b3:f6:5b:77:76:85:e8:b1:36:ac:87:49:85:1b:eb:
da:7f:f9:17:a5:1c:ae:9f:9b:e4:26:3a:e8:66:bb:
66:d5:5d:e7:01:9c:14:cf:a2:b2:12:4f:93:80:e3:
76:4e:76:b4:ee:6e:00:b8:02:7c:b0:7b:a1:49:dc:
69:e6:4d:d5:5e:0e:f8:f0:6a:d7:5f:dc:c5:5e:62:
90:ea:7d:29:64:95:a8:64:6b:ba:fe:2e:8c:01:16:
e0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E1:E5:17:10:75:7D:1C:DE:05:F0:97:D3:AA:46:61:BC:FF:D2:15
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/huHlFxB1fRzeBfCX06pGYbz_0hU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:09:07:7b:2b:ad:27:88:f9:25:52:f8:39:ab:3c:47:69:54:
1b:fb:f6:03:01:27:5d:30:29:86:85:37:c3:f9:be:bc:11:f4:
23:b1:75:a3:0c:f8:08:4b:76:57:96:ac:b0:19:54:31:e7:84:
f6:4f:d2:6b:59:3f:3a:bd:c4:d0:9b:83:54:16:23:be:0c:45:
bb:68:f8:22:99:da:40:87:7b:a3:39:66:35:86:a4:f8:fa:3f:
00:a2:15:4a:14:f4:f1:a7:7b:93:47:25:62:5d:5b:27:0c:bf:
67:0e:c4:1e:70:f9:a0:3b:04:c5:ab:c1:1f:0b:aa:32:b5:41:
4d:83:fb:de:e0:45:40:25:57:10:76:16:31:e2:a9:48:a1:31:
0b:88:8c:29:ee:07:4c:9f:a6:f4:5e:85:e1:af:6f:bc:0b:83:
77:67:ef:b1:e5:8b:42:e7:6a:b7:c9:e9:4f:08:96:9e:82:d0:
b8:e2:8c:bb:31:5e:12:04:62:89:85:b8:d1:af:db:94:85:79:
47:fe:45:c2:18:4e:fd:cd:91:52:27:64:d0:97:4e:15:dd:bb:
df:28:83:1b:75:19:c7:60:5d:2e:c1:41:d2:45:74:af:f5:d5:
1f:76:2b:aa:be:bf:b7:28:70:0e:5d:c1:7b:b5:28:95:93:89:
b4:9c:e9:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyQYJbH+IVW3I4iEXEQTK9eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIyMDcxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmUxZTUxNzEwNzU3ZDFjZGUwNWYwOTdkM2FhNDY2MWJjZmZkMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt43PTfGVe5DcV+MEuBI9SBVgWJiv
8R7x/nbf+lZNhFV9Kb7pQWxm/pEdLUW65ujRT/hFHgYGFcFrpdlGt29e1Rdw08IV
EU98frZOBDQcaiRGXxdbl32k9yRqwEED9jF6aU9wZQNZMmYEU8ugpK4OQ7cbk+So
m0RJi9/pCddJ+paU91TeUj7T4VgJ6aCAB2SoNBtnPUu/Vclt61IcIZpd+JKcUyWz
9lt3doXosTash0mFG+vaf/kXpRyun5vkJjroZrtm1V3nAZwUz6KyEk+TgON2Tna0
7m4AuAJ8sHuhSdxp5k3VXg748GrXX9zFXmKQ6n0pZJWoZGu6/i6MARbgXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIbh5RcQdX0c3gXwl9OqRmG8/9IVMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaHVIbEZ4QjFmUnplQmZDWDA2cEdZYnpfMGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEAJB3srrSeI+SVS+Dmr
PEdpVBv79gMBJ10wKYaFN8P5vrwR9COxdaMM+AhLdleWrLAZVDHnhPZP0mtZPzq9
xNCbg1QWI74MRbto+CKZ2kCHe6M5ZjWGpPj6PwCiFUoU9PGne5NHJWJdWycMv2cO
xB5w+aA7BMWrwR8LqjK1QU2D+97gRUAlVxB2FjHiqUihMQuIjCnuB0yfpvReheGv
b7wLg3dn77Hli0LnarfJ6U8Ilp6C0LjijLsxXhIEYomFuNGv25SFeUf+RcIYTv3N
kVInZNCXThXdu98ogxt1GcdgXS7BQdJFdK/11R92K6q+v7cocA5dwXu1KJWTibSc
6VQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org