Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HtSXqVS02Mw3Sb_en1s29SWdJeM.roa
File: HtSXqVS02Mw3Sb_en1s29SWdJeM.roa (raw, json)
Hash identifier: Ap2Ho3dVTSq2lgadvdMzdSpNHEGfi6DfWAQm3J3dKuc=
Subject key identifier: 1E:D4:97:A9:54:B4:D8:CC:37:49:BF:DE:9F:5B:36:F5:25:9D:25:E3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DFD5F288612387466097748B935D68B74
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HtSXqVS02Mw3Sb_en1s29SWdJeM.roa
Signing time: Sat 02 Mar 2024 04:14:48 +0000
ROA not before: Sat 02 Mar 2024 04:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fd:5f:28:86:12:38:74:66:09:77:48:b9:35:d6:8b:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 2 04:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ed497a954b4d8cc3749bfde9f5b36f5259d25e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c2:93:49:1a:a0:24:67:07:92:40:c8:ba:2a:
52:6c:28:5f:4a:14:d4:e7:f6:48:52:99:15:2e:82:
7e:2d:e7:d1:aa:48:0f:79:01:5c:6a:02:ee:85:03:
c4:22:3f:27:47:89:53:20:29:ec:20:1c:da:ba:cf:
be:ca:d9:a4:49:87:55:77:6d:52:c8:a9:e4:9a:44:
ee:6a:b9:8f:b5:59:5b:5c:5a:af:05:fe:bd:b9:49:
ea:23:31:45:a8:fb:e0:80:1e:fb:bd:c6:d8:3b:d5:
64:43:73:11:65:82:d0:57:d5:53:92:a1:b4:0c:8f:
bb:1b:41:5c:24:72:7c:ee:52:7d:75:4a:44:bb:a9:
61:21:88:7d:82:b7:fc:6d:b0:be:e3:0f:7b:c9:0f:
67:17:72:43:a6:b0:02:5d:f6:b3:0e:29:9e:c4:71:
f6:16:f3:04:32:4e:41:55:cd:21:1e:2b:a9:69:f1:
43:2f:bc:b0:59:84:01:d3:63:18:5d:4c:94:8c:9b:
7d:73:00:7d:3b:c8:57:ca:c4:e6:3f:3e:b0:20:46:
41:6f:76:85:58:be:02:f0:79:3a:fc:3a:ec:98:46:
b0:b6:ed:3a:df:56:ae:7c:c4:8b:eb:15:68:78:65:
c5:0f:67:da:11:9d:50:39:bd:8e:a6:b3:c9:4f:57:
9d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D4:97:A9:54:B4:D8:CC:37:49:BF:DE:9F:5B:36:F5:25:9D:25:E3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/HtSXqVS02Mw3Sb_en1s29SWdJeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6c:95:91:af:b8:7e:3d:9c:25:85:d3:89:52:8d:38:1b:82:4b:
70:46:9f:bc:01:81:fa:e7:45:7b:85:16:ce:fb:3e:2c:07:12:
0a:bc:eb:8f:d1:a3:5c:2b:c8:e6:02:6e:44:65:ca:02:3b:c3:
ba:75:23:1d:31:2f:40:b8:25:62:aa:2a:c2:a2:6f:a2:be:7d:
36:54:57:37:7d:e9:25:1b:32:f9:2c:63:54:8f:95:2e:8f:0b:
fa:9f:28:eb:3b:b1:8e:09:bc:cd:06:7b:f1:90:0a:11:6c:dd:
1b:53:20:4a:a8:23:b3:1f:fb:a6:48:bf:86:fb:1a:a1:ab:0d:
46:33:ec:3d:4f:f7:67:23:de:ae:60:d1:ba:db:96:86:56:15:
fd:8b:1f:fa:4e:89:0c:5b:2d:45:d9:8b:7e:02:2b:9b:78:c8:
6f:8b:67:a9:c0:be:06:72:9f:92:28:76:5c:10:6a:57:12:ef:
40:bb:57:25:8d:75:2e:ee:ae:05:cc:98:b6:23:a1:0f:8f:0b:
05:db:ae:28:8f:d5:07:41:ae:4b:77:da:02:97:fc:b6:2f:d0:
3a:5d:f6:df:a3:86:73:e8:1e:36:fc:90:f8:e6:28:8b:3b:69:
fa:21:4f:f8:e2:92:82:b0:b8:46:fd:63:25:e8:e7:c4:af:91:
a2:52:b7:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY39XyiGEjh0Zgl3SLk11ot0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAyMDQxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQ0OTdhOTU0YjRkOGNjMzc0OWJmZGU5ZjViMzZmNTI1OWQyNWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8KTSRqgJGcHkkDIuipSbChfShTU
5/ZIUpkVLoJ+LefRqkgPeQFcagLuhQPEIj8nR4lTICnsIBzaus++ytmkSYdVd21S
yKnkmkTuarmPtVlbXFqvBf69uUnqIzFFqPvggB77vcbYO9VkQ3MRZYLQV9VTkqG0
DI+7G0FcJHJ87lJ9dUpEu6lhIYh9grf8bbC+4w97yQ9nF3JDprACXfazDimexHH2
FvMEMk5BVc0hHiupafFDL7ywWYQB02MYXUyUjJt9cwB9O8hXysTmPz6wIEZBb3aF
WL4C8Hk6/DrsmEawtu0631aufMSL6xVoeGXFD2faEZ1QOb2OprPJT1edcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB7Ul6lUtNjMN0m/3p9bNvUlnSXjMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSHRTWHFWUzAyTXczU2JfZW4xczI5U1dkSmVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGyVka+4fj2cJYXTiVKN
OBuCS3BGn7wBgfrnRXuFFs77PiwHEgq864/Ro1wryOYCbkRlygI7w7p1Ix0xL0C4
JWKqKsKib6K+fTZUVzd96SUbMvksY1SPlS6PC/qfKOs7sY4JvM0Ge/GQChFs3RtT
IEqoI7Mf+6ZIv4b7GqGrDUYz7D1P92cj3q5g0brbloZWFf2LH/pOiQxbLUXZi34C
K5t4yG+LZ6nAvgZyn5IodlwQalcS70C7VyWNdS7urgXMmLYjoQ+PCwXbriiP1QdB
rkt32gKX/LYv0Dpd9t+jhnPoHjb8kPjmKIs7afohT/jikoKwuEb9YyXo58SvkaJS
twE=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:48:13 2025 by rpki-client