Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/GcZXvic1_8_iK_74Xa4vi94MvyM.roa
File: GcZXvic1_8_iK_74Xa4vi94MvyM.roa (raw, json)
Hash identifier: gvPt7i11gSQpLgqMY4bGVitWBaKOebsSYItxCOf6Xno=
Subject key identifier: 19:C6:57:BE:27:35:FF:CF:E2:2B:FE:F8:5D:AE:2F:8B:DE:0C:BF:23
Certificate issuer: /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial: 019423D701C4579D16E8369FAF2545CF8F2B
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/GcZXvic1_8_iK_74Xa4vi94MvyM.roa
Signing time: Wed 01 Jan 2025 21:48:00 +0000
ROA not before: Wed 01 Jan 2025 21:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6135
IP address blocks: 213.238.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:01:c4:57:9d:16:e8:36:9f:af:25:45:cf:8f:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Validity
Not Before: Jan 1 21:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19c657be2735ffcfe22bfef85dae2f8bde0cbf23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c0:06:ab:c3:6e:63:b9:74:57:a2:5d:5e:a1:
0d:74:ae:18:2e:1b:06:59:f0:ae:1e:02:9f:75:27:
a4:13:ac:cb:d7:1b:2b:7f:79:cf:57:31:7a:56:89:
db:3d:67:72:0b:4a:3d:78:b8:91:06:48:e6:cf:cb:
b9:ca:e9:ea:fc:92:98:48:a9:8e:35:c7:4a:e0:96:
33:8c:4d:33:c6:2d:fc:81:4d:a8:ac:28:1e:6a:1e:
1f:9e:ab:01:4e:3e:57:23:f9:27:d9:1b:ad:d1:61:
b7:e6:e1:32:ff:6e:4c:cd:32:3b:b6:16:a0:94:be:
46:62:ff:f1:4c:7f:2d:10:ac:f3:ce:02:82:c2:2a:
07:19:34:e4:fe:3a:84:a3:43:d7:12:c3:56:9f:f1:
e6:85:05:96:30:d3:f1:c1:3c:26:e1:d2:8c:ba:15:
06:9e:26:9f:23:cb:fc:71:e7:b2:33:7e:82:09:8a:
54:90:c0:5f:e8:0f:23:df:ba:04:40:b8:bb:dd:4d:
21:73:2e:11:53:4a:e8:14:e3:fa:0c:20:55:7a:43:
29:56:5c:08:5d:b0:90:44:2b:8d:1b:6f:9b:28:73:
51:64:61:5f:1d:fc:4b:a4:88:9e:35:bb:0e:e4:40:
da:6e:c1:95:f3:ff:b5:8a:db:50:61:18:b1:2c:af:
ce:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:C6:57:BE:27:35:FF:CF:E2:2B:FE:F8:5D:AE:2F:8B:DE:0C:BF:23
X509v3 Authority Key Identifier:
keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/GcZXvic1_8_iK_74Xa4vi94MvyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.167.0/24
Signature Algorithm: sha256WithRSAEncryption
44:52:e3:f0:a9:a2:f0:7b:21:35:0c:a0:a1:b8:9f:84:70:6f:
61:3a:61:37:4b:9d:48:ff:01:10:77:a5:8d:4a:79:af:6c:2b:
89:0c:57:c0:6e:98:52:43:62:e7:90:b9:b4:78:45:e0:5c:83:
7a:64:fb:a8:9f:5d:a0:9b:6b:7b:d9:88:b9:11:07:c1:a9:c8:
ea:19:63:29:e4:98:77:ed:00:b9:cb:2a:f6:f6:c8:f4:5a:f8:
eb:95:27:9e:51:02:37:d7:99:95:77:db:d3:db:cb:af:f7:d9:
84:b3:cd:f3:4e:69:bc:30:c4:fe:8e:d9:3c:39:49:a2:c0:0d:
3c:b9:93:ca:60:fa:ff:87:f0:b9:78:a8:e0:ae:26:a3:54:f8:
67:50:1f:ab:b6:8f:4f:8e:b8:27:ec:38:52:ff:56:bf:57:9d:
cb:f7:8b:fd:5c:60:06:e9:5f:5a:7e:1f:9b:9a:ec:8a:2b:ea:
54:6c:38:fb:50:29:70:75:1f:30:8c:7f:16:13:73:3c:cf:8e:
de:b5:b6:f4:a5:9e:c7:07:b2:2c:a4:10:fb:26:e7:55:25:d1:
28:b3:bf:b4:58:3f:69:77:1f:ee:c9:25:b8:6c:7b:d8:99:3b:
f2:ff:93:8a:08:29:a9:23:86:5e:2e:d6:a0:95:48:07:a8:72:
d8:d8:d8:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1wHEV50W6DafryVFz48rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2JkYTc4YjFkMWI2MTNkZjU2NWZmOTk3MDBiNmFlZTk0
MGRlM2YwHhcNMjUwMTAxMjE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWM2NTdiZTI3MzVmZmNmZTIyYmZlZjg1ZGFlMmY4YmRlMGNiZjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksAGq8NuY7l0V6JdXqENdK4YLhsG
WfCuHgKfdSekE6zL1xsrf3nPVzF6VonbPWdyC0o9eLiRBkjmz8u5yunq/JKYSKmO
NcdK4JYzjE0zxi38gU2orCgeah4fnqsBTj5XI/kn2Rut0WG35uEy/25MzTI7thag
lL5GYv/xTH8tEKzzzgKCwioHGTTk/jqEo0PXEsNWn/HmhQWWMNPxwTwm4dKMuhUG
niafI8v8ceeyM36CCYpUkMBf6A8j37oEQLi73U0hcy4RU0roFOP6DCBVekMpVlwI
XbCQRCuNG2+bKHNRZGFfHfxLpIieNbsO5EDabsGV8/+1ittQYRixLK/OtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBnGV74nNf/P4iv++F2uL4veDL8jMB8GA1UdIwQY
MBaAFFTL2nix0bYT31Zf+ZcAtq7pQN4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYt
Y2QzMTYxNWQwMWE5LzEvR2NaWHZpYzFfOF9pS183NFhhNHZpOTRNdnlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYtY2QzMTYxNWQwMWE5
LzEvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1e6nMA0G
CSqGSIb3DQEBCwUAA4IBAQBEUuPwqaLweyE1DKChuJ+EcG9hOmE3S51I/wEQd6WN
SnmvbCuJDFfAbphSQ2LnkLm0eEXgXIN6ZPuon12gm2t72Yi5EQfBqcjqGWMp5Jh3
7QC5yyr29sj0WvjrlSeeUQI315mVd9vT28uv99mEs83zTmm8MMT+jtk8OUmiwA08
uZPKYPr/h/C5eKjgriajVPhnUB+rto9Pjrgn7DhS/1a/V53L94v9XGAG6V9afh+b
muyKK+pUbDj7UClwdR8wjH8WE3M8z47etbb0pZ7HB7IspBD7JudVJdEos7+0WD9p
dx/uySW4bHvYmTvy/5OKCCmpI4ZeLtaglUgHqHLY2Nij
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:34:12 2025 by rpki-client