Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hvOfgAveQmIw84JUawZS4SBDDY4.roa
File: hvOfgAveQmIw84JUawZS4SBDDY4.roa (raw, json)
Hash identifier: GvwwNK4XlqkQVFiYqAvgRqIP+WK47lbxKg26E6TDj/w=
Subject key identifier: 86:F3:9F:80:0B:DE:42:62:30:F3:82:54:6B:06:52:E1:20:43:0D:8E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E2547DC67B8376E4C73EB3AF16E036314
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hvOfgAveQmIw84JUawZS4SBDDY4.roa
Signing time: Sat 09 Mar 2024 22:14:10 +0000
ROA not before: Sat 09 Mar 2024 22:14:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:25:47:dc:67:b8:37:6e:4c:73:eb:3a:f1:6e:03:63:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 9 22:14:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86f39f800bde426230f382546b0652e120430d8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1c:38:53:65:99:82:0e:5b:46:e1:0f:a4:e0:
2f:a3:3f:89:2d:b7:67:22:fc:c6:e1:45:57:c6:af:
04:88:52:18:8d:5d:a9:5e:c5:1e:70:60:b0:b3:96:
75:a4:24:92:98:22:45:27:60:9b:d0:76:c1:0b:e8:
13:8b:cf:7f:57:bf:2a:74:95:eb:d6:67:46:90:11:
47:9f:ea:22:de:28:12:82:2b:cc:eb:4e:73:3b:92:
3d:05:dd:9d:20:7e:40:20:93:c8:ae:5f:30:29:59:
da:3d:dd:7c:0d:41:58:38:d1:7c:1b:90:dd:81:ad:
bb:be:d7:c7:a6:08:1c:8f:5c:85:14:0f:ad:51:03:
3b:52:c5:68:3a:f8:84:97:24:55:3d:73:31:b8:3b:
3e:d6:f7:ef:69:ae:ea:12:30:36:2a:38:28:bd:06:
bc:53:ac:1f:cd:f6:75:7a:a8:69:d5:63:e4:f7:86:
c8:26:e6:1a:26:78:3a:21:58:d7:eb:ca:de:98:13:
de:7b:d8:c3:f1:60:64:8b:e7:9c:67:98:c0:ee:31:
1a:15:bb:1d:d9:f7:78:4d:3b:a5:67:d4:e6:81:51:
b0:e4:fb:d9:07:9e:93:9c:63:02:9e:79:09:e2:7e:
b8:41:12:b4:15:46:fe:f9:ed:5e:4e:d7:87:f5:0c:
09:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F3:9F:80:0B:DE:42:62:30:F3:82:54:6B:06:52:E1:20:43:0D:8E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hvOfgAveQmIw84JUawZS4SBDDY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
28:2c:a1:e9:a4:96:26:0e:28:ff:2a:09:fe:93:e5:7d:ff:89:
79:f5:fc:f0:c6:e3:69:3d:26:e7:f2:0f:f9:b2:d7:12:68:93:
7f:e1:59:a5:07:04:94:49:db:e3:c3:27:a4:cc:24:c0:e7:34:
1f:6f:f9:9f:d3:3d:9b:83:3a:0a:65:f1:dc:c4:a3:b7:9e:d2:
f0:74:11:25:47:23:bb:e6:d9:d1:1a:b4:10:e8:4e:ba:6f:fd:
54:c5:9d:b1:b2:10:00:b6:59:f7:63:32:eb:38:50:82:04:55:
e2:ff:f8:0c:5b:b3:88:50:3a:e1:0a:ec:b2:bb:65:9b:3b:9e:
7e:55:ca:bb:6f:a7:29:ed:1a:b4:33:9b:f5:65:2e:a2:20:1b:
a4:ec:ea:b4:14:79:18:74:10:99:06:72:cd:1c:4f:2a:2a:19:
48:0a:47:d5:03:6d:7a:ce:3d:d4:40:82:05:a1:e7:77:4b:16:
fb:c3:0d:99:04:a6:7b:b8:85:86:3e:8b:6d:a2:a1:68:30:3b:
ce:b5:05:05:af:e8:cc:db:40:f8:9c:14:ed:30:b7:01:39:4d:
12:3f:ea:20:00:ad:53:4f:5f:7d:1e:72:c8:2c:d6:c7:b3:19:
42:a9:06:bc:b0:99:01:97:bd:9a:0f:fe:f3:ae:8c:4c:6c:fa:
91:53:5f:1e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4lR9xnuDduTHPrOvFuA2MUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA5MjIxNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmYzOWY4MDBiZGU0MjYyMzBmMzgyNTQ2YjA2NTJlMTIwNDMwZDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRw4U2WZgg5bRuEPpOAvoz+JLbdn
IvzG4UVXxq8EiFIYjV2pXsUecGCws5Z1pCSSmCJFJ2Cb0HbBC+gTi89/V78qdJXr
1mdGkBFHn+oi3igSgivM605zO5I9Bd2dIH5AIJPIrl8wKVnaPd18DUFYONF8G5Dd
ga27vtfHpggcj1yFFA+tUQM7UsVoOviElyRVPXMxuDs+1vfvaa7qEjA2KjgovQa8
U6wfzfZ1eqhp1WPk94bIJuYaJng6IVjX68remBPee9jD8WBki+ecZ5jA7jEaFbsd
2fd4TTulZ9TmgVGw5PvZB56TnGMCnnkJ4n64QRK0FUb++e1eTteH9QwJ+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIbzn4AL3kJiMPOCVGsGUuEgQw2OMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaHZPZmdBdmVRbUl3ODRKVWF3WlM0U0JERFk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACgsoemkliYOKP8qCf6T
5X3/iXn1/PDG42k9JufyD/my1xJok3/hWaUHBJRJ2+PDJ6TMJMDnNB9v+Z/TPZuD
Ogpl8dzEo7ee0vB0ESVHI7vm2dEatBDoTrpv/VTFnbGyEAC2WfdjMus4UIIEVeL/
+Axbs4hQOuEK7LK7ZZs7nn5VyrtvpyntGrQzm/VlLqIgG6Ts6rQUeRh0EJkGcs0c
TyoqGUgKR9UDbXrOPdRAggWh53dLFvvDDZkEpnu4hYY+i22ioWgwO861BQWv6Mzb
QPicFO0wtwE5TRI/6iAArVNPX30ecsgs1sezGUKpBrywmQGXvZoP/vOujExs+pFT
Xx4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org