Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qHug5mXVHZH2A7nhS3uTu7jzvfs.roa
File: qHug5mXVHZH2A7nhS3uTu7jzvfs.roa (raw, json)
Hash identifier: h3wnw5bOHdEsrCAntKiBjGZEhuJU+N1mvtJ73lVumUk=
Subject key identifier: A8:7B:A0:E6:65:D5:1D:91:F6:03:B9:E1:4B:7B:93:BB:B8:F3:BD:FB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DC1F2091A1D751DB42F1EF185FA9D3EA1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qHug5mXVHZH2A7nhS3uTu7jzvfs.roa
Signing time: Mon 19 Feb 2024 15:18:01 +0000
ROA not before: Mon 19 Feb 2024 15:18:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c1:f2:09:1a:1d:75:1d:b4:2f:1e:f1:85:fa:9d:3e:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 19 15:18:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a87ba0e665d51d91f603b9e14b7b93bbb8f3bdfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0a:5f:77:2f:80:2a:21:4c:0e:d3:f5:d1:5b:
01:dd:85:7d:ca:c6:57:8a:3a:d9:29:a0:78:6f:25:
df:80:3c:ba:43:d6:08:f3:6e:7f:0b:fd:c8:94:a7:
56:c4:cb:ba:a7:35:ca:4b:b3:a1:92:08:76:52:9a:
f5:54:2b:4b:98:df:60:2c:4a:7e:c8:db:7c:6c:d1:
a9:78:f7:06:f8:17:0a:60:08:dd:11:31:0e:99:8a:
58:46:14:9e:60:83:b4:fa:50:3c:1d:a4:22:bd:89:
35:d9:3e:bb:db:02:76:81:b8:bb:a2:29:1e:e4:a2:
05:78:42:b9:4d:a7:bc:e7:e7:e3:e6:00:fe:5b:a3:
23:98:cd:3d:8a:2b:c5:37:99:93:b6:0b:fa:7d:43:
ae:d4:98:85:32:11:b5:13:d7:10:09:73:e7:94:a2:
63:30:0e:d1:38:20:38:7c:d1:11:10:18:5c:39:12:
e0:85:9c:8e:37:b5:ef:bf:1c:80:e8:09:07:57:55:
89:b4:93:39:29:dd:18:74:fe:5d:75:36:57:38:9d:
56:fc:eb:ac:bb:61:24:56:ec:a7:10:11:29:54:3b:
42:7a:36:b2:da:d1:11:1f:d9:67:d5:c3:df:40:b9:
27:1a:39:00:ca:13:e7:b0:40:db:0b:a7:70:a5:84:
f0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:7B:A0:E6:65:D5:1D:91:F6:03:B9:E1:4B:7B:93:BB:B8:F3:BD:FB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qHug5mXVHZH2A7nhS3uTu7jzvfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:3e:6c:a2:b9:c5:ce:55:e2:fa:28:45:89:08:fc:7d:30:12:
74:d6:b6:c1:d5:d4:04:35:76:65:e1:26:cf:7f:b3:25:3b:fe:
03:48:99:34:9d:2a:2d:6d:ba:f5:72:d1:28:2b:a3:ee:6d:7e:
96:f5:5e:7c:fa:55:ff:ee:54:32:75:fe:1d:f9:40:f1:8d:12:
aa:01:a8:41:f9:c6:ce:b0:c8:7f:19:c1:88:22:b0:aa:a2:3d:
2a:28:d7:2a:72:c7:c8:d9:af:db:46:a9:0b:33:bc:29:a6:3d:
88:c0:24:56:e5:83:96:69:1a:00:66:e8:17:a9:b7:80:5f:25:
80:0c:6c:5e:76:80:7c:cb:73:b8:b8:ea:b5:19:42:20:ba:35:
f4:bd:c3:dc:8f:cb:c6:f1:64:d6:f4:be:92:c2:7a:7e:20:58:
a0:d9:e5:90:7b:ef:33:bc:ce:d9:d2:16:84:9d:8f:af:c0:db:
6b:14:f1:4b:2d:24:9a:d7:a8:9c:9f:c5:9d:ee:ee:29:d1:65:
45:e0:dc:6c:72:ce:39:96:cd:af:2f:c7:10:85:f0:2c:47:7b:
4c:ce:b1:fb:48:c4:ac:5a:90:5b:a6:ef:91:ba:d1:52:49:ce:
8d:39:ef:40:43:e3:e4:f1:90:ef:4c:f8:ae:14:ea:4e:f1:a1:
c0:17:0b:c7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3B8gkaHXUdtC8e8YX6nT6hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE5MTUxODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODdiYTBlNjY1ZDUxZDkxZjYwM2I5ZTE0YjdiOTNiYmI4ZjNiZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQpfdy+AKiFMDtP10VsB3YV9ysZX
ijrZKaB4byXfgDy6Q9YI825/C/3IlKdWxMu6pzXKS7Ohkgh2Upr1VCtLmN9gLEp+
yNt8bNGpePcG+BcKYAjdETEOmYpYRhSeYIO0+lA8HaQivYk12T672wJ2gbi7oike
5KIFeEK5Tae85+fj5gD+W6MjmM09iivFN5mTtgv6fUOu1JiFMhG1E9cQCXPnlKJj
MA7ROCA4fNEREBhcORLghZyON7XvvxyA6AkHV1WJtJM5Kd0YdP5ddTZXOJ1W/Ous
u2EkVuynEBEpVDtCejay2tERH9ln1cPfQLknGjkAyhPnsEDbC6dwpYTw+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKh7oOZl1R2R9gO54Ut7k7u48737MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcUh1ZzVtWFZIWkgyQTduaFMzdVR1N2p6dmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABM+bKK5xc5V4vooRYkI
/H0wEnTWtsHV1AQ1dmXhJs9/syU7/gNImTSdKi1tuvVy0Sgro+5tfpb1Xnz6Vf/u
VDJ1/h35QPGNEqoBqEH5xs6wyH8ZwYgisKqiPSoo1ypyx8jZr9tGqQszvCmmPYjA
JFblg5ZpGgBm6Bept4BfJYAMbF52gHzLc7i46rUZQiC6NfS9w9yPy8bxZNb0vpLC
en4gWKDZ5ZB77zO8ztnSFoSdj6/A22sU8UstJJrXqJyfxZ3u7inRZUXg3GxyzjmW
za8vxxCF8CxHe0zOsftIxKxakFum75G60VJJzo0570BD4+TxkO9M+K4U6k7xocAX
C8c=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:24 2025 by rpki-client