Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1h_PhoJGq1alPmzGyI50B3oW5dk.roa
File: 1h_PhoJGq1alPmzGyI50B3oW5dk.roa (raw, json)
Hash identifier: A0EZe1wyEXv5JXIoPfpuuVdfSAn/ZLOUb3ff8wU7JFU=
Subject key identifier: D6:1F:CF:86:82:46:AB:56:A5:3E:6C:C6:C8:8E:74:07:7A:16:E5:D9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CF266ED006258F2EF3212E127F578724D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1h_PhoJGq1alPmzGyI50B3oW5dk.roa
Signing time: Wed 10 Jan 2024 08:04:40 +0000
ROA not before: Wed 10 Jan 2024 08:04:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:f266:66df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:66:ed:00:62:58:f2:ef:32:12:e1:27:f5:78:72:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 10 08:04:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d61fcf868246ab56a53e6cc6c88e74077a16e5d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:10:1d:79:58:42:2f:2b:4c:c9:a5:c7:71:71:
79:9d:f4:2d:6d:f5:26:bf:ae:58:fb:9d:d8:84:0a:
dd:f8:d2:69:90:7a:63:31:fb:3d:f7:4c:f7:82:cb:
1c:fb:5d:15:44:c7:93:cb:b0:99:64:46:e9:47:cb:
0a:19:ec:0b:b4:58:c2:30:ca:83:a4:50:46:b9:ef:
43:be:86:42:ae:b8:57:33:f2:78:e9:7e:63:74:f4:
4f:11:84:6a:62:a4:f1:fb:81:25:b6:56:c9:7a:14:
d9:0d:f2:b4:9c:09:81:c5:74:af:ac:a4:4f:73:0f:
8c:79:59:9d:5e:66:70:14:fc:ad:4e:80:7d:9d:9a:
6c:46:a3:fd:85:d5:30:62:b4:d0:52:b4:18:45:7f:
43:bb:37:f3:fc:85:02:c8:8c:70:91:44:06:5d:a0:
7b:87:5f:c0:0c:1a:7d:81:4d:ef:fc:57:57:d3:3d:
8c:0b:32:da:bb:3b:af:e7:b0:50:e9:68:00:15:6f:
50:ae:1f:5b:b7:ec:d6:c5:76:b4:3b:23:07:b3:ee:
94:c3:8e:13:c4:c1:b4:0b:79:ba:71:d5:58:1b:b9:
cb:84:b6:dc:f5:e9:be:5a:6e:34:43:4b:f7:ea:82:
5f:51:10:fe:a6:0e:06:61:ba:d8:f9:b4:c2:05:3f:
86:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:1F:CF:86:82:46:AB:56:A5:3E:6C:C6:C8:8E:74:07:7A:16:E5:D9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1h_PhoJGq1alPmzGyI50B3oW5dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5e:7d:f2:12:d3:c4:8d:5e:43:98:08:54:ad:17:ea:ee:a4:de:
cf:f6:b0:b8:1d:f7:20:ee:66:43:59:a7:b0:90:c1:d8:11:0f:
9f:7d:33:a2:c0:5f:a1:a3:fb:59:8f:27:8b:b7:af:42:5c:36:
cb:c6:c9:32:f0:80:87:44:ae:cb:5d:df:37:42:34:b6:e0:dd:
f6:ea:ec:f2:c0:1e:ba:db:b8:bc:21:48:69:c8:af:6f:32:8d:
f2:c1:3e:5c:9a:49:1e:95:02:46:8f:e5:f6:ac:23:d3:97:8c:
f2:09:b2:5c:93:39:14:a5:f7:cf:a8:91:ac:e2:32:05:06:3c:
6d:1d:96:1f:3e:4f:4c:78:e7:be:e6:a0:f1:9c:a2:e2:3d:79:
e6:32:33:54:69:05:65:bb:1c:dc:59:e0:b8:c0:50:e4:e3:5c:
47:55:99:a8:13:d8:b2:bd:fc:3b:1e:88:5a:a4:c5:2c:48:c3:
2c:f6:f4:f8:2e:df:bc:fe:a5:d8:f5:df:81:41:4b:85:ed:82:
c6:f5:24:b3:62:51:f2:36:04:ac:bf:1c:29:12:af:73:21:fa:
6d:69:7b:ad:72:9a:cd:cd:98:a0:9a:31:1c:bb:1a:7d:21:cc:
a3:42:49:01:d8:e7:40:0e:74:83:bd:ae:ce:fe:1f:98:55:b6:
0e:40:a6:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzyZu0AYljy7zIS4Sf1eHJNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEwMDgwNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjFmY2Y4NjgyNDZhYjU2YTUzZTZjYzZjODhlNzQwNzdhMTZlNWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRAdeVhCLytMyaXHcXF5nfQtbfUm
v65Y+53YhArd+NJpkHpjMfs990z3gssc+10VRMeTy7CZZEbpR8sKGewLtFjCMMqD
pFBGue9DvoZCrrhXM/J46X5jdPRPEYRqYqTx+4EltlbJehTZDfK0nAmBxXSvrKRP
cw+MeVmdXmZwFPytToB9nZpsRqP9hdUwYrTQUrQYRX9Duzfz/IUCyIxwkUQGXaB7
h1/ADBp9gU3v/FdX0z2MCzLauzuv57BQ6WgAFW9Qrh9bt+zWxXa0OyMHs+6Uw44T
xMG0C3m6cdVYG7nLhLbc9em+Wm40Q0v36oJfURD+pg4GYbrY+bTCBT+GZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNYfz4aCRqtWpT5sxsiOdAd6FuXZMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMWhfUGhvSkdxMWFsUG16R3lJNTBCM29XNWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF598hLTxI1eQ5gIVK0X
6u6k3s/2sLgd9yDuZkNZp7CQwdgRD599M6LAX6Gj+1mPJ4u3r0JcNsvGyTLwgIdE
rstd3zdCNLbg3fbq7PLAHrrbuLwhSGnIr28yjfLBPlyaSR6VAkaP5fasI9OXjPIJ
slyTORSl98+okaziMgUGPG0dlh8+T0x4577moPGcouI9eeYyM1RpBWW7HNxZ4LjA
UOTjXEdVmagT2LK9/DseiFqkxSxIwyz29Pgu37z+pdj134FBS4Xtgsb1JLNiUfI2
BKy/HCkSr3Mh+m1pe61yms3NmKCaMRy7Gn0hzKNCSQHY50AOdIO9rs7+H5hVtg5A
piY=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:53:03 2025 by rpki-client