Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/GXcig42wS1Lvyqi8awzkwbsoa9I.roa
File: GXcig42wS1Lvyqi8awzkwbsoa9I.roa (raw, json)
Hash identifier: C/ErnUQUGP9rl5sRaNbZv645zpYFTu1lhGXCSKdUAC8=
Subject key identifier: 19:77:22:83:8D:B0:4B:52:EF:CA:A8:BC:6B:0C:E4:C1:BB:28:6B:D2
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F878A14B9441432AB66D7D4FB8EAD9615
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/GXcig42wS1Lvyqi8awzkwbsoa9I.roa
Signing time: Fri 17 May 2024 17:12:04 +0000
ROA not before: Fri 17 May 2024 17:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:87:8a:14:b9:44:14:32:ab:66:d7:d4:fb:8e:ad:96:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 17 17:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=197722838db04b52efcaa8bc6b0ce4c1bb286bd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:cb:07:8e:09:72:d4:92:f2:e4:06:f1:ed:47:
50:d7:72:0b:a8:b3:85:2a:f5:53:06:53:87:58:8a:
43:64:67:f1:ee:d9:5a:63:1d:39:5b:d8:b9:37:7b:
3d:6c:6b:67:a2:db:6e:9f:ec:64:8a:e4:8e:a1:a9:
9d:60:e5:27:c6:24:40:95:4d:39:87:e5:2f:6b:17:
db:86:c6:a2:ba:82:66:dd:2d:71:b2:d8:4b:43:9a:
34:6e:4d:c4:56:3a:dc:ce:22:bb:84:45:f3:01:76:
e3:fe:44:0a:d8:83:b4:4f:7f:53:0a:8b:bc:0c:52:
ac:e2:9e:b9:10:6a:e5:28:57:42:8a:18:30:5b:75:
33:1f:66:69:c2:41:aa:b2:45:d8:9d:a6:d7:55:b4:
ab:f8:a0:bd:1d:10:ac:e2:e1:56:67:b8:6f:cc:da:
9d:e1:8a:6b:6d:aa:69:06:67:d5:27:a7:49:7e:f6:
62:b2:95:eb:a1:c5:f6:2a:90:56:00:9a:55:d2:f9:
9c:a8:58:6b:68:71:d9:22:f0:30:b4:ee:32:b9:a5:
ce:90:8b:f2:03:10:d6:b3:f2:a7:d8:9d:d0:7e:0d:
bc:47:ef:a5:16:a6:45:e9:33:1e:30:28:8b:e3:e6:
ba:99:2d:39:56:f6:d0:4d:5b:88:e8:27:40:a4:b1:
d4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:77:22:83:8D:B0:4B:52:EF:CA:A8:BC:6B:0C:E4:C1:BB:28:6B:D2
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/GXcig42wS1Lvyqi8awzkwbsoa9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:f9:2a:f3:93:1e:64:07:97:fb:84:c5:db:60:49:9b:08:b3:
36:cf:1f:b6:f7:91:22:bc:b1:15:70:f0:b9:a6:1c:51:14:4c:
0d:b5:3b:31:64:f0:4f:ae:8f:48:94:27:a6:1e:5d:18:35:cd:
2a:20:af:32:c4:c6:dc:22:f9:5c:b4:63:13:a2:bd:3d:ba:8f:
15:ff:55:90:69:14:7e:94:2f:51:ec:a5:a1:d2:9e:26:f7:5e:
8d:1e:bb:32:48:f2:9b:55:32:7f:ed:3b:ef:08:3e:51:43:77:
ea:69:6d:67:d0:ff:20:7c:2e:d2:a5:87:d1:2c:d0:4e:e1:94:
69:34:b6:1b:11:40:18:e7:c9:fc:f2:40:f5:6b:ad:0f:87:f7:
d7:b8:01:09:c5:ef:72:ef:d1:9d:17:7e:1a:45:74:a8:36:3b:
80:30:df:52:4a:f2:cb:58:c1:82:39:3b:54:c1:4b:a1:ed:63:
b7:21:cc:13:08:a2:03:73:cf:f0:74:7c:ec:ea:51:d7:1a:e7:
d7:a8:60:5a:bf:7f:a5:4b:76:7a:a4:06:bb:8f:0d:82:f4:70:
2f:2c:4c:78:2e:3e:2c:a0:dd:f9:67:67:1b:0c:e2:43:8f:ca:
66:fb:a6:95:cd:97:3f:66:d0:b1:39:ef:50:1c:6e:34:c1:0d:
63:b3:53:ce
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+HihS5RBQyq2bX1PuOrZYVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE3MTcxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTc3MjI4MzhkYjA0YjUyZWZjYWE4YmM2YjBjZTRjMWJiMjg2YmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMsHjgly1JLy5Abx7UdQ13ILqLOF
KvVTBlOHWIpDZGfx7tlaYx05W9i5N3s9bGtnottun+xkiuSOoamdYOUnxiRAlU05
h+UvaxfbhsaiuoJm3S1xsthLQ5o0bk3EVjrcziK7hEXzAXbj/kQK2IO0T39TCou8
DFKs4p65EGrlKFdCihgwW3UzH2ZpwkGqskXYnabXVbSr+KC9HRCs4uFWZ7hvzNqd
4YprbappBmfVJ6dJfvZispXrocX2KpBWAJpV0vmcqFhraHHZIvAwtO4yuaXOkIvy
AxDWs/Kn2J3Qfg28R++lFqZF6TMeMCiL4+a6mS05VvbQTVuI6CdApLHUcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBl3IoONsEtS78qovGsM5MG7KGvSMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvR1hjaWc0MndTMUx2eXFpOGF3emt3YnNvYTlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHj5KvOTHmQHl/uExdtg
SZsIszbPH7b3kSK8sRVw8LmmHFEUTA21OzFk8E+uj0iUJ6YeXRg1zSogrzLExtwi
+Vy0YxOivT26jxX/VZBpFH6UL1HspaHSnib3Xo0euzJI8ptVMn/tO+8IPlFDd+pp
bWfQ/yB8LtKlh9Es0E7hlGk0thsRQBjnyfzyQPVrrQ+H99e4AQnF73Lv0Z0XfhpF
dKg2O4Aw31JK8stYwYI5O1TBS6HtY7chzBMIogNzz/B0fOzqUdca59eoYFq/f6VL
dnqkBruPDYL0cC8sTHguPiyg3flnZxsM4kOPymb7ppXNlz9m0LE571AcbjTBDWOz
U84=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:32 2025 by rpki-client