Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GNy_8tkvxIgOTp7cJi6wa29FEnA.roa
File: GNy_8tkvxIgOTp7cJi6wa29FEnA.roa (raw, json)
Hash identifier: UPNEm9wwPOH+AOYNYaK1qKvik9+cXSOrZ19L9xhyvCk=
Subject key identifier: 18:DC:BF:F2:D9:2F:C4:88:0E:4E:9E:DC:26:2E:B0:6B:6F:45:12:70
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E73C839003F6489A985FD67A55E1B1468
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GNy_8tkvxIgOTp7cJi6wa29FEnA.roa
Signing time: Mon 25 Mar 2024 04:04:45 +0000
ROA not before: Mon 25 Mar 2024 04:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:73c7:b1e7/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:73:c8:39:00:3f:64:89:a9:85:fd:67:a5:5e:1b:14:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 25 04:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18dcbff2d92fc4880e4e9edc262eb06b6f451270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bd:5f:16:dd:1a:f6:a8:b3:bb:72:05:26:fa:
ac:4e:1f:19:79:35:d5:08:08:b4:15:01:4e:f3:71:
3e:a0:aa:5b:c8:94:a9:18:1a:92:21:cd:80:be:2c:
0a:4b:89:23:91:cb:e6:36:1c:c5:1f:92:0e:11:3e:
62:b9:a5:a9:90:ac:10:2c:f4:4b:fe:7a:ed:85:ce:
78:90:36:d0:9c:c0:1a:6e:76:9f:25:2a:e1:1e:93:
a6:e3:34:e9:f7:1e:fb:4e:e1:4b:a2:ec:f9:67:98:
64:9d:ab:e3:65:db:b3:fa:ff:56:d3:95:fc:b8:3e:
5f:01:a5:9c:c1:8c:17:ad:be:73:9b:ff:08:de:50:
2d:1c:47:2b:b9:f1:63:be:e5:e7:cd:f3:a3:1d:cc:
17:fe:a8:b4:92:c6:3b:02:75:8f:97:c7:99:ac:f6:
d2:93:bc:ed:9b:b5:08:b5:94:fe:8c:6c:67:89:47:
d9:33:12:c2:ac:04:fc:51:18:5d:e3:3d:8c:8b:41:
91:03:b7:e3:29:41:39:8d:5b:f1:e2:62:d7:10:af:
ac:68:54:4f:e1:8d:56:9a:4e:fd:e6:cb:29:69:58:
ab:62:f5:16:bc:0a:b5:7c:7e:a8:98:d7:06:48:12:
fb:44:bf:d3:f0:8c:45:88:4e:16:9d:62:c7:7b:b8:
73:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:DC:BF:F2:D9:2F:C4:88:0E:4E:9E:DC:26:2E:B0:6B:6F:45:12:70
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GNy_8tkvxIgOTp7cJi6wa29FEnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:35:99:9b:1f:6e:ce:4b:9d:d6:81:77:30:81:d5:22:ed:53:
f6:e7:78:0f:c6:17:c0:45:80:76:42:d9:81:20:77:c7:0e:0c:
73:e0:99:31:ba:a6:cd:48:73:d8:23:c9:b2:17:8f:2e:ae:73:
50:ad:f5:01:5b:fc:ca:0e:7f:8c:60:80:7b:1b:b6:58:8b:7e:
2d:08:ed:5a:4d:46:1e:11:fc:93:74:6a:cf:9b:3f:2d:5f:02:
7f:86:0a:17:01:7b:4c:8f:4a:23:d0:ef:ca:10:40:c3:ef:74:
80:15:ff:58:77:39:4d:12:7d:38:5a:45:37:37:2c:55:5d:a2:
81:1d:8f:e5:a7:2d:56:9e:19:a5:10:41:27:4f:54:0b:b0:b8:
d5:d6:b8:32:4d:bd:7d:0f:26:06:78:ba:3b:45:5d:9c:5d:e1:
0c:be:a2:aa:aa:46:1b:23:47:14:0f:67:7f:16:53:f8:25:f4:
ac:e7:b1:45:44:dc:4e:79:5b:c7:fa:5d:0a:bd:53:6e:2e:bb:
fc:13:4a:d2:bf:75:e9:b3:50:d9:a9:c9:31:fb:4f:b0:dd:b7:
8d:da:1f:1e:a0:51:3f:f5:28:2c:1f:35:a9:d2:2e:1a:6b:23:
1e:cb:ac:4a:e3:a0:4a:df:c4:26:31:30:6b:1c:e9:a6:a8:e2:
33:38:9b:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5zyDkAP2SJqYX9Z6VeGxRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI1MDQwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGRjYmZmMmQ5MmZjNDg4MGU0ZTllZGMyNjJlYjA2YjZmNDUxMjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL1fFt0a9qizu3IFJvqsTh8ZeTXV
CAi0FQFO83E+oKpbyJSpGBqSIc2AviwKS4kjkcvmNhzFH5IOET5iuaWpkKwQLPRL
/nrthc54kDbQnMAabnafJSrhHpOm4zTp9x77TuFLouz5Z5hknavjZduz+v9W05X8
uD5fAaWcwYwXrb5zm/8I3lAtHEcrufFjvuXnzfOjHcwX/qi0ksY7AnWPl8eZrPbS
k7ztm7UItZT+jGxniUfZMxLCrAT8URhd4z2Mi0GRA7fjKUE5jVvx4mLXEK+saFRP
4Y1Wmk795sspaVirYvUWvAq1fH6omNcGSBL7RL/T8IxFiE4WnWLHe7hzVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBjcv/LZL8SIDk6e3CYusGtvRRJwMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvR055Xzh0a3Z4SWdPVHA3Y0ppNndhMjlGRW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJo1mZsfbs5LndaBdzCB
1SLtU/bneA/GF8BFgHZC2YEgd8cODHPgmTG6ps1Ic9gjybIXjy6uc1Ct9QFb/MoO
f4xggHsbtliLfi0I7VpNRh4R/JN0as+bPy1fAn+GChcBe0yPSiPQ78oQQMPvdIAV
/1h3OU0SfThaRTc3LFVdooEdj+WnLVaeGaUQQSdPVAuwuNXWuDJNvX0PJgZ4ujtF
XZxd4Qy+oqqqRhsjRxQPZ38WU/gl9KznsUVE3E55W8f6XQq9U24uu/wTStK/demz
UNmpyTH7T7Ddt43aHx6gUT/1KCwfNanSLhprIx7LrErjoErfxCYxMGsc6aao4jM4
m3w=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:51 2025 by rpki-client