Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/i-hodpHA7226oy7WaaxPgUkUs84.roa
File: i-hodpHA7226oy7WaaxPgUkUs84.roa (raw, json)
Hash identifier: 0N8w/MG1R207fn6HICGf/ICn9NZSOjul8TUXmjwrxco=
Subject key identifier: 8B:E8:68:76:91:C0:EF:6D:BA:A3:2E:D6:69:AC:4F:81:49:14:B3:CE
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E0A762E7D01075FD6C2D8D62C399ED29F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/i-hodpHA7226oy7WaaxPgUkUs84.roa
Signing time: Mon 04 Mar 2024 17:15:01 +0000
ROA not before: Mon 04 Mar 2024 17:15:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0a:76:2e:7d:01:07:5f:d6:c2:d8:d6:2c:39:9e:d2:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 4 17:15:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8be8687691c0ef6dbaa32ed669ac4f814914b3ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:87:d4:f0:90:45:7b:ec:e3:fa:d0:43:9b:78:
bf:d0:b6:57:02:eb:ed:10:02:84:d1:07:06:ce:dc:
70:cd:be:45:d0:f5:8b:0c:0c:9f:2b:6e:4c:94:40:
ff:6f:7c:91:b9:2e:e9:07:91:3d:bd:a5:bc:5e:2e:
f8:cb:68:8d:31:cc:5d:d9:c0:f2:c4:2a:d1:ae:03:
81:6e:c8:0d:36:6d:7d:a7:fe:87:69:b9:73:26:c7:
f6:57:90:24:c0:66:fa:c7:cb:87:e4:3a:17:85:9e:
d3:a1:15:88:3a:2c:fb:b5:01:a2:c0:a5:10:08:57:
a1:cf:8e:e1:fc:03:d8:5a:41:0a:ef:2e:d5:58:1b:
ed:e9:ae:c6:18:f3:b4:2e:68:18:4c:13:41:86:a1:
3b:df:02:ea:2a:4d:d0:2d:5a:22:2b:b7:a5:a6:21:
da:15:1b:cb:ea:5a:f5:d0:83:73:1a:e4:bb:e5:d2:
d2:72:a7:80:17:d9:76:51:32:0d:7c:af:6c:b3:e4:
ed:d5:42:62:2a:28:e3:32:f7:14:71:35:37:62:d8:
e7:33:15:d5:bc:d4:cf:f6:0f:38:85:28:bd:0f:a2:
fe:ba:20:ac:76:89:04:46:0f:f9:ea:de:c0:cd:ad:
ae:48:d8:8b:9d:67:0c:50:7f:00:4a:71:c9:b1:31:
a8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:E8:68:76:91:C0:EF:6D:BA:A3:2E:D6:69:AC:4F:81:49:14:B3:CE
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/i-hodpHA7226oy7WaaxPgUkUs84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2d:46:12:89:e9:ca:99:65:f3:d6:68:4e:9b:a1:ca:7d:3d:4f:
52:41:27:61:97:4a:0d:c6:6a:df:c7:a2:b2:72:ef:15:34:78:
9a:96:64:22:4a:f0:7e:7d:8f:1c:01:09:35:1d:3f:d1:14:6b:
16:02:55:ee:bd:4e:f4:5d:83:04:1c:48:49:9a:26:fc:fe:ef:
a6:83:f2:89:da:05:fd:e1:7e:11:2e:82:8a:be:29:cd:51:c6:
ed:68:0e:bb:b9:fe:cc:62:ec:d3:c2:b8:b7:43:f4:fb:e9:a9:
8a:1d:7d:58:f5:38:d5:49:42:42:cb:cc:53:59:21:5a:06:45:
94:8a:62:2d:89:b3:8d:65:15:4c:65:3f:f8:f8:53:7f:60:54:
9a:73:78:b0:39:42:4b:58:96:07:3c:28:b0:5d:44:8a:7e:0d:
f4:a7:b8:2d:f0:d1:dc:e2:76:94:f0:e4:33:1a:7b:0c:f1:6c:
38:83:3e:56:fa:c9:48:90:69:97:3c:86:50:ed:1b:b4:1b:9e:
7f:73:9f:d8:54:b0:b4:8a:ef:16:cd:32:cd:06:66:8a:f4:e9:
22:74:5d:ab:0c:54:d9:9c:37:40:a2:b8:6d:72:13:67:4d:af:
f1:3a:37:93:51:07:1e:58:61:dc:cc:d3:ac:cd:8e:61:eb:73:
5a:bf:c5:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4Kdi59AQdf1sLY1iw5ntKfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA0MTcxNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmU4Njg3NjkxYzBlZjZkYmFhMzJlZDY2OWFjNGY4MTQ5MTRiM2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4fU8JBFe+zj+tBDm3i/0LZXAuvt
EAKE0QcGztxwzb5F0PWLDAyfK25MlED/b3yRuS7pB5E9vaW8Xi74y2iNMcxd2cDy
xCrRrgOBbsgNNm19p/6HablzJsf2V5AkwGb6x8uH5DoXhZ7ToRWIOiz7tQGiwKUQ
CFehz47h/APYWkEK7y7VWBvt6a7GGPO0LmgYTBNBhqE73wLqKk3QLVoiK7elpiHa
FRvL6lr10INzGuS75dLScqeAF9l2UTINfK9ss+Tt1UJiKijjMvcUcTU3YtjnMxXV
vNTP9g84hSi9D6L+uiCsdokERg/56t7Aza2uSNiLnWcMUH8ASnHJsTGo8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIvoaHaRwO9tuqMu1mmsT4FJFLPOMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaS1ob2RwSEE3MjI2b3k3V2FheFBnVWtVczg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC1GEonpypll89ZoTpuh
yn09T1JBJ2GXSg3Gat/HorJy7xU0eJqWZCJK8H59jxwBCTUdP9EUaxYCVe69TvRd
gwQcSEmaJvz+76aD8onaBf3hfhEugoq+Kc1Rxu1oDru5/sxi7NPCuLdD9PvpqYod
fVj1ONVJQkLLzFNZIVoGRZSKYi2Js41lFUxlP/j4U39gVJpzeLA5QktYlgc8KLBd
RIp+DfSnuC3w0dzidpTw5DMaewzxbDiDPlb6yUiQaZc8hlDtG7Qbnn9zn9hUsLSK
7xbNMs0GZor06SJ0XasMVNmcN0CiuG1yE2dNr/E6N5NRBx5YYdzM06zNjmHrc1q/
xW0=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:55:26 2025 by rpki-client