Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5GBPsGiopmqN7oglomdq7QbZZl0.roa
File: 5GBPsGiopmqN7oglomdq7QbZZl0.roa (raw, json)
Hash identifier: 14ai0OFoGYQI0JelyP5pkWW5M2Uatlehjh1LFcNaMK4=
Subject key identifier: E4:60:4F:B0:68:A8:A6:6A:8D:EE:88:25:A2:67:6A:ED:06:D9:66:5D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E0C2E8E978A846CE3807B7039042F390C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5GBPsGiopmqN7oglomdq7QbZZl0.roa
Signing time: Tue 05 Mar 2024 01:16:01 +0000
ROA not before: Tue 05 Mar 2024 01:16:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0c:2e:8e:97:8a:84:6c:e3:80:7b:70:39:04:2f:39:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 5 01:16:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4604fb068a8a66a8dee8825a2676aed06d9665d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d5:a0:65:34:9f:d0:37:e3:9d:56:df:2f:31:
54:04:35:fe:a0:2a:3e:b4:78:34:b2:30:ff:40:58:
3f:37:c2:65:83:b3:70:ec:27:f7:53:b7:16:c1:6f:
d6:bb:60:29:54:ca:d1:f9:5a:64:14:ad:2d:94:f9:
23:bd:7c:ad:86:6d:d7:6e:65:7d:d9:91:e7:cc:0c:
70:c6:40:70:b9:8c:9e:6a:7f:cb:6a:cd:36:79:00:
46:68:c4:ff:c1:f5:46:42:59:e5:2b:60:b3:ce:3b:
9e:e4:ba:2a:f4:59:5f:46:a8:01:71:0d:b0:53:5e:
52:fd:b5:4d:7d:7d:fc:32:a5:cb:67:04:35:34:8a:
f0:e8:a5:ea:9e:66:82:08:e9:c4:10:7d:77:09:96:
7f:e4:f9:dc:3f:2d:fd:df:ad:7c:2f:a0:ec:30:17:
a5:ad:43:6b:fe:3e:d8:10:e4:ac:ea:ed:d9:0a:80:
ba:74:a3:43:cb:63:ae:0b:12:a9:70:b3:b7:21:12:
89:f9:3d:f0:9b:bd:45:d2:0d:1e:45:59:54:9c:d3:
e7:75:0c:2c:87:c6:4a:f9:67:29:43:a8:7a:6c:dc:
34:ad:01:ae:78:84:1e:04:4c:63:cb:4a:6d:b2:26:
c4:fc:68:7b:4d:f4:75:22:cf:fc:49:19:bc:9f:e1:
ef:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:60:4F:B0:68:A8:A6:6A:8D:EE:88:25:A2:67:6A:ED:06:D9:66:5D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5GBPsGiopmqN7oglomdq7QbZZl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:38:85:f2:4e:36:9b:c2:ff:81:06:88:65:2a:f8:df:5d:26:
77:9b:bf:c1:50:6d:9a:46:b1:af:6e:ee:f1:a5:b3:48:7a:f7:
53:1a:a5:74:b3:e7:8a:53:81:53:ec:3a:6b:cb:2a:7b:bf:c7:
de:68:43:bc:17:f6:79:6b:0e:29:19:9a:9c:aa:dc:47:57:3a:
0b:cb:ca:4d:39:af:0b:90:2c:39:9f:66:79:b2:35:9e:6c:73:
88:29:94:c5:59:20:1e:d5:81:c7:7f:6a:a6:51:18:61:09:99:
c3:45:06:df:52:b8:23:66:bc:bd:ca:7e:7e:7e:10:e9:2b:4e:
56:69:29:ca:6d:c1:01:c8:9f:a9:fa:83:2a:e0:8c:d0:a1:b3:
8a:07:f5:6b:c2:55:b1:c7:97:81:fa:3a:cb:da:cd:54:7b:e5:
68:41:82:0c:bc:ed:79:0b:69:c3:68:db:89:ec:c0:1e:db:1e:
d0:fb:27:0d:0f:74:ce:7e:13:57:2e:c6:6b:d2:7d:d6:d9:03:
82:ad:6d:ef:d9:1a:8a:97:94:c8:fc:75:76:1f:d4:05:66:db:
1c:39:95:72:a4:d9:a5:0c:fd:e1:6c:61:48:0d:1a:10:a1:39:
e6:aa:83:0c:3d:68:79:6b:19:24:e0:0a:1c:19:53:62:52:37:
3a:25:24:60
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4MLo6XioRs44B7cDkELzkMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA1MDExNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDYwNGZiMDY4YThhNjZhOGRlZTg4MjVhMjY3NmFlZDA2ZDk2NjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9WgZTSf0DfjnVbfLzFUBDX+oCo+
tHg0sjD/QFg/N8Jlg7Nw7Cf3U7cWwW/Wu2ApVMrR+VpkFK0tlPkjvXythm3XbmV9
2ZHnzAxwxkBwuYyean/Las02eQBGaMT/wfVGQlnlK2Czzjue5Loq9FlfRqgBcQ2w
U15S/bVNfX38MqXLZwQ1NIrw6KXqnmaCCOnEEH13CZZ/5PncPy393618L6DsMBel
rUNr/j7YEOSs6u3ZCoC6dKNDy2OuCxKpcLO3IRKJ+T3wm71F0g0eRVlUnNPndQws
h8ZK+WcpQ6h6bNw0rQGueIQeBExjy0ptsibE/Gh7TfR1Is/8SRm8n+HvMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFORgT7BoqKZqje6IJaJnau0G2WZdMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNUdCUHNHaW9wbXFON29nbG9tZHE3UWJaWmwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGc4hfJONpvC/4EGiGUq
+N9dJnebv8FQbZpGsa9u7vGls0h691MapXSz54pTgVPsOmvLKnu/x95oQ7wX9nlr
DikZmpyq3EdXOgvLyk05rwuQLDmfZnmyNZ5sc4gplMVZIB7Vgcd/aqZRGGEJmcNF
Bt9SuCNmvL3Kfn5+EOkrTlZpKcptwQHIn6n6gyrgjNChs4oH9WvCVbHHl4H6Osva
zVR75WhBggy87XkLacNo24nswB7bHtD7Jw0PdM5+E1cuxmvSfdbZA4Ktbe/ZGoqX
lMj8dXYf1AVm2xw5lXKk2aUM/eFsYUgNGhChOeaqgww9aHlrGSTgChwZU2JSNzol
JGA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:35:58 2025 by rpki-client