Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/GsgBqUerkRLRUcbs_Ls-LQF-79g.roa
File: GsgBqUerkRLRUcbs_Ls-LQF-79g.roa (raw, json)
Hash identifier: o+byKU/lMI3gKI/hl2xDgwzjDY3NcVCYFP3p/RabszM=
Subject key identifier: 1A:C8:01:A9:47:AB:91:12:D1:51:C6:EC:FC:BB:3E:2D:01:7E:EF:D8
Certificate issuer: /CN=ca34b13387fab1dcf8b67f16a0a437608600c4c2
Certificate serial: 01941FFA12974FB404C648BF3A0A1F22260A
Authority key identifier: CA:34:B1:33:87:FA:B1:DC:F8:B6:7F:16:A0:A4:37:60:86:00:C4:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjSxM4f6sdz4tn8WoKQ3YIYAxMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/GsgBqUerkRLRUcbs_Ls-LQF-79g.roa
Signing time: Wed 01 Jan 2025 03:47:49 +0000
ROA not before: Wed 01 Jan 2025 03:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9092
IP address blocks: 213.156.224.0/20 maxlen: 20
213.156.240.0/21 maxlen: 21
2a00:db0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:12:97:4f:b4:04:c6:48:bf:3a:0a:1f:22:26:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca34b13387fab1dcf8b67f16a0a437608600c4c2
Validity
Not Before: Jan 1 03:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ac801a947ab9112d151c6ecfcbb3e2d017eefd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:50:b8:fc:84:fa:de:bd:3d:8b:44:60:87:38:
0f:2a:0b:6a:93:a8:f0:54:ca:60:bd:11:37:be:38:
80:b9:a2:8a:fe:6a:89:3d:ac:b9:c8:0d:e8:b1:d1:
83:0e:05:1a:9e:ed:4f:75:6e:51:3b:d1:ae:d9:b8:
a2:5d:09:82:93:3b:22:33:20:d5:f1:44:49:e3:23:
b1:d5:56:da:58:4a:3c:a0:f3:b3:cb:be:60:6b:0b:
8e:7a:38:42:e4:2c:b8:bb:38:7f:e8:db:2a:0f:10:
a5:a9:f1:51:dc:c8:20:d8:b9:5e:e6:ce:52:36:c3:
27:61:da:1b:d3:34:27:a4:cb:7a:1b:42:9f:22:77:
bd:8e:8f:3b:a6:2f:37:08:45:a3:9c:f2:16:50:4b:
4f:c7:eb:3a:d4:ca:c6:0d:7a:e6:b3:5c:b0:7a:5b:
0c:bb:c8:3d:0a:1f:a5:a0:bc:c6:4e:fd:44:2f:c4:
da:ce:1c:de:67:95:78:68:5a:fe:f8:ab:92:d6:c5:
e6:85:d6:21:5a:4d:b4:77:8c:7c:a7:94:dc:35:6f:
67:00:f1:51:84:98:74:aa:3a:9c:8f:03:54:4e:93:
ab:94:9d:6a:05:62:a2:15:22:1e:9a:60:61:10:49:
fa:37:ce:81:a1:e5:a2:41:71:50:64:de:3f:dc:2b:
6f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:C8:01:A9:47:AB:91:12:D1:51:C6:EC:FC:BB:3E:2D:01:7E:EF:D8
X509v3 Authority Key Identifier:
keyid:CA:34:B1:33:87:FA:B1:DC:F8:B6:7F:16:A0:A4:37:60:86:00:C4:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjSxM4f6sdz4tn8WoKQ3YIYAxMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/GsgBqUerkRLRUcbs_Ls-LQF-79g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/yjSxM4f6sdz4tn8WoKQ3YIYAxMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.156.224.0-213.156.247.255
IPv6:
2a00:db0::/32
Signature Algorithm: sha256WithRSAEncryption
08:6c:50:ad:02:ab:48:ee:7a:98:ef:75:7b:2b:5d:85:15:be:
f2:8c:bd:4e:fa:3e:63:c8:8f:ee:bd:c6:65:44:65:f7:dd:61:
1e:14:7d:63:0f:8c:85:cd:61:22:9e:8a:b4:4d:62:f2:b1:6b:
1a:65:4f:64:f4:69:0b:9a:9d:99:cb:22:1d:0d:fd:6f:f5:d2:
aa:58:ef:05:56:92:fc:0a:9f:7b:0c:80:9d:c6:bd:b6:88:9b:
db:f8:b2:e4:6f:71:17:74:fc:74:5b:4a:85:c4:a5:bf:38:c0:
6a:d1:e4:8b:15:b0:06:be:00:51:30:2c:36:29:a3:06:4e:6d:
d3:cc:9b:7e:e6:4d:88:d4:92:07:67:b4:23:92:fc:12:d3:17:
34:ca:74:d6:05:c2:78:af:2c:c2:28:cb:ea:d5:73:79:3f:03:
ed:ab:93:1c:d0:fe:74:db:a8:c2:38:d9:91:af:7c:96:28:3b:
a7:c0:ff:e8:db:de:e2:a5:89:cd:a9:c9:5b:4e:30:91:44:11:
1c:0e:bf:c3:ed:59:32:30:30:67:ba:21:b6:b7:47:46:82:2b:
f3:14:8d:36:95:c4:9c:c3:e4:c5:ef:b1:4d:97:08:ad:18:23:
a1:6e:86:47:08:04:f3:9c:ea:47:54:ef:41:17:6c:fd:b3:09:
c5:49:18:8b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQf+hKXT7QExki/OgofIiYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMzRiMTMzODdmYWIxZGNmOGI2N2YxNmEwYTQzNzYwODYw
MGM0YzIwHhcNMjUwMTAxMDM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWM4MDFhOTQ3YWI5MTEyZDE1MWM2ZWNmY2JiM2UyZDAxN2VlZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1C4/IT63r09i0RghzgPKgtqk6jw
VMpgvRE3vjiAuaKK/mqJPay5yA3osdGDDgUanu1PdW5RO9Gu2biiXQmCkzsiMyDV
8URJ4yOx1VbaWEo8oPOzy75gawuOejhC5Cy4uzh/6NsqDxClqfFR3Mgg2Lle5s5S
NsMnYdob0zQnpMt6G0KfIne9jo87pi83CEWjnPIWUEtPx+s61MrGDXrms1ywelsM
u8g9Ch+loLzGTv1EL8TazhzeZ5V4aFr++KuS1sXmhdYhWk20d4x8p5TcNW9nAPFR
hJh0qjqcjwNUTpOrlJ1qBWKiFSIemmBhEEn6N86BoeWiQXFQZN4/3CtvMQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBrIAalHq5ES0VHG7Py7Pi0Bfu/YMB8GA1UdIwQY
MBaAFMo0sTOH+rHc+LZ/FqCkN2CGAMTCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWpTeE00ZjZzZHo0dG44V29LUTNZSVlBeE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8xMTdjYTMtYjYwMy00ZGI4LTk2MjYt
MDQwNTIzNGFiM2YxLzEvR3NnQnFVZXJrUkxSVWNic19Mcy1MUUYtNzlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8xMTdjYTMtYjYwMy00ZGI4LTk2MjYtMDQwNTIzNGFiM2Yx
LzEveWpTeE00ZjZzZHo0dG44V29LUTNZSVlBeE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAXVnOAD
BAPVnPAwDQQCAAIwBwMFACoADbAwDQYJKoZIhvcNAQELBQADggEBAAhsUK0Cq0ju
epjvdXsrXYUVvvKMvU76PmPIj+69xmVEZffdYR4UfWMPjIXNYSKeirRNYvKxaxpl
T2T0aQuanZnLIh0N/W/10qpY7wVWkvwKn3sMgJ3GvbaIm9v4suRvcRd0/HRbSoXE
pb84wGrR5IsVsAa+AFEwLDYpowZObdPMm37mTYjUkgdntCOS/BLTFzTKdNYFwniv
LMIoy+rVc3k/A+2rkxzQ/nTbqMI42ZGvfJYoO6fA/+jb3uKlic2pyVtOMJFEERwO
v8PtWTIwMGe6Iba3R0aCK/MUjTaVxJzD5MXvsU2XCK0YI6FuhkcIBPOc6kdU70EX
bP2zCcVJGIs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:18:43 2025 by rpki-client