Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hulO9W7bSTsFPipoqpMObwgM3Ds.roa
File: hulO9W7bSTsFPipoqpMObwgM3Ds.roa (raw, json)
Hash identifier: TYK65s//mRNM2slas9fmAPgba5kZvf5DcvJjZVjhlIg=
Subject key identifier: 86:E9:4E:F5:6E:DB:49:3B:05:3E:2A:68:AA:93:0E:6F:08:0C:DC:3B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D4E7A136ACCF4E32A8ABDD5A7DE704DB3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hulO9W7bSTsFPipoqpMObwgM3Ds.roa
Signing time: Sun 28 Jan 2024 05:10:39 +0000
ROA not before: Sun 28 Jan 2024 05:10:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4e:7a:13:6a:cc:f4:e3:2a:8a:bd:d5:a7:de:70:4d:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 28 05:10:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86e94ef56edb493b053e2a68aa930e6f080cdc3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8c:0f:4b:f4:c7:44:7a:a2:0d:c3:95:41:05:
b3:06:f4:2a:99:e6:5b:53:13:8d:aa:b9:5d:95:cd:
4f:bf:70:e4:8f:00:46:d3:7f:a7:ed:9d:87:4d:f8:
55:ae:e7:5f:6c:57:54:d1:ca:fc:6c:c1:33:5e:a7:
60:b5:cf:e5:1f:20:a9:f3:cd:72:a6:1a:3c:dc:77:
99:c3:75:3e:ea:23:6d:89:14:ca:ac:6b:41:8e:0d:
27:e2:d5:31:d8:73:7d:4c:b1:7f:00:da:b9:7b:01:
20:50:f5:09:c6:4f:39:c1:59:e8:53:8b:dd:a7:1a:
ea:83:c3:bd:b7:9b:06:22:30:d0:37:d3:d2:ff:a3:
54:c7:20:d4:35:1d:fe:a4:63:96:ba:40:33:cb:ec:
7d:69:be:7d:f5:d9:dd:02:58:c2:8d:a1:29:14:52:
66:9a:69:92:80:8c:40:ea:d8:f4:2c:e1:49:e1:81:
0c:53:79:64:64:12:89:da:74:52:6b:cc:6c:be:e8:
df:38:e4:b4:80:6f:7d:0c:a5:e2:34:1a:da:2c:bf:
d2:86:08:90:6a:e0:7a:df:2e:a9:b2:4a:b4:d5:36:
18:fc:53:e7:3f:a0:e8:36:1b:56:46:ca:9e:68:50:
47:d3:53:56:85:a2:07:62:d9:b8:ec:63:a5:7a:ae:
f5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E9:4E:F5:6E:DB:49:3B:05:3E:2A:68:AA:93:0E:6F:08:0C:DC:3B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hulO9W7bSTsFPipoqpMObwgM3Ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:ec:0d:0f:9c:68:8e:a0:22:4d:aa:cb:96:44:f1:70:25:dd:
9e:6c:58:63:3c:63:18:54:f4:0a:e2:d1:5f:c0:7e:31:7d:d1:
23:90:3f:b4:31:5b:b1:d4:0d:f7:81:b7:83:d5:6f:28:64:cf:
2f:76:c0:f8:3c:b1:ac:9d:60:26:ac:75:ba:8c:02:14:fd:60:
60:d9:45:cc:2d:36:56:cb:f2:c8:67:23:5e:b1:f0:98:82:2e:
11:6b:d8:b7:b5:8d:f0:b5:6c:82:f5:0a:ea:aa:f8:6c:87:d6:
f0:27:27:a2:45:87:aa:90:18:36:f5:16:93:ad:de:3c:9e:01:
cf:51:f2:ab:4f:a6:44:fa:9c:d4:e5:20:ac:19:18:9e:6d:e6:
cb:05:82:c2:0b:38:ae:68:e4:63:a9:1c:39:0a:90:c9:80:a4:
80:a4:b9:00:6f:8c:cb:9b:ba:7b:f9:a2:64:f7:cb:36:b8:7b:
bb:7c:ad:63:7f:90:fc:6d:73:49:d0:a4:7e:52:cb:a7:59:be:
54:34:ac:7b:c2:88:c3:fd:9f:44:0d:0a:26:69:25:f7:06:01:
41:95:78:3d:e9:7a:e1:b6:95:5c:59:5b:1d:c7:16:9b:27:2e:
8b:81:90:f0:8a:21:97:f9:54:5d:76:7a:31:29:47:2e:ff:54:
24:fa:ea:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1OehNqzPTjKoq91afecE2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI4MDUxMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmU5NGVmNTZlZGI0OTNiMDUzZTJhNjhhYTkzMGU2ZjA4MGNkYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsowPS/THRHqiDcOVQQWzBvQqmeZb
UxONqrldlc1Pv3DkjwBG03+n7Z2HTfhVrudfbFdU0cr8bMEzXqdgtc/lHyCp881y
pho83HeZw3U+6iNtiRTKrGtBjg0n4tUx2HN9TLF/ANq5ewEgUPUJxk85wVnoU4vd
pxrqg8O9t5sGIjDQN9PS/6NUxyDUNR3+pGOWukAzy+x9ab599dndAljCjaEpFFJm
mmmSgIxA6tj0LOFJ4YEMU3lkZBKJ2nRSa8xsvujfOOS0gG99DKXiNBraLL/ShgiQ
auB63y6pskq01TYY/FPnP6DoNhtWRsqeaFBH01NWhaIHYtm47GOleq71XQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIbpTvVu20k7BT4qaKqTDm8IDNw7MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaHVsTzlXN2JTVHNGUGlwb3FwTU9id2dNM0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ3sDQ+caI6gIk2qy5ZE
8XAl3Z5sWGM8YxhU9Ari0V/AfjF90SOQP7QxW7HUDfeBt4PVbyhkzy92wPg8sayd
YCasdbqMAhT9YGDZRcwtNlbL8shnI16x8JiCLhFr2Le1jfC1bIL1Cuqq+GyH1vAn
J6JFh6qQGDb1FpOt3jyeAc9R8qtPpkT6nNTlIKwZGJ5t5ssFgsILOK5o5GOpHDkK
kMmApICkuQBvjMubunv5omT3yza4e7t8rWN/kPxtc0nQpH5Sy6dZvlQ0rHvCiMP9
n0QNCiZpJfcGAUGVeD3peuG2lVxZWx3HFpsnLouBkPCKIZf5VF12ejEpRy7/VCT6
6vk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:39:07 2025 by rpki-client