Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GPwxoStRdD3kqEFbGSqogLNZU-A.roa
File: GPwxoStRdD3kqEFbGSqogLNZU-A.roa (raw, json)
Hash identifier: lAP10kOGbAhkl9lKWYVCZRpVLgfgEUarRocUKBEW5LA=
Subject key identifier: 18:FC:31:A1:2B:51:74:3D:E4:A8:41:5B:19:2A:A8:80:B3:59:53:E0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E2ADDEA802A50358A973E329912849FCD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GPwxoStRdD3kqEFbGSqogLNZU-A.roa
Signing time: Mon 11 Mar 2024 00:16:10 +0000
ROA not before: Mon 11 Mar 2024 00:16:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2a:dd:ea:80:2a:50:35:8a:97:3e:32:99:12:84:9f:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 11 00:16:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18fc31a12b51743de4a8415b192aa880b35953e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:10:ac:7e:6a:f6:b8:69:47:97:3e:e4:4a:54:
e0:17:d3:b9:96:b4:ed:29:d3:35:14:cd:2b:67:b7:
be:40:5d:92:9a:9e:36:e1:d1:c6:34:a5:39:6e:4f:
85:2e:5c:a2:30:ff:f9:4c:85:cf:0a:7d:ee:cd:18:
66:54:46:80:e9:3b:76:4d:f0:ad:f5:ce:5e:c9:55:
c5:8f:99:2b:12:7f:b6:3e:15:bf:da:41:9d:c8:83:
d7:5c:a2:39:54:10:2a:cc:d5:8e:82:d3:ab:88:e5:
73:86:b2:f3:1b:d4:ab:9f:93:9d:9b:a2:70:b6:60:
1c:3e:8c:fc:3d:76:6e:0f:23:3c:09:00:fd:e6:51:
cd:ee:e7:da:19:54:4d:7b:64:07:fb:1e:e6:b0:d7:
30:e9:ed:b7:30:7b:db:ae:43:3b:c6:e8:17:44:82:
67:23:1d:15:fb:14:07:cc:b4:9a:da:15:5a:37:a1:
40:f7:a6:b9:9a:53:fd:0b:a5:6c:21:f5:f9:28:9c:
94:03:49:cb:16:36:19:86:25:53:c2:f1:9b:e3:36:
9c:47:77:f9:a5:cc:5d:ef:1b:02:66:56:2a:31:aa:
bc:ae:ab:d5:e3:d3:54:46:48:f1:6c:ca:10:87:f0:
b3:50:d3:7e:c5:45:02:d9:d2:0e:ed:03:55:7e:bb:
82:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:FC:31:A1:2B:51:74:3D:E4:A8:41:5B:19:2A:A8:80:B3:59:53:E0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GPwxoStRdD3kqEFbGSqogLNZU-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:fd:2a:1b:ec:12:83:f7:31:15:c8:a2:91:f0:5a:dd:34:48:
9e:7d:97:41:64:67:65:3f:80:25:6f:d2:5e:9f:b1:a5:1d:d9:
1b:ce:79:17:99:49:09:91:f5:90:5e:12:c5:9d:2e:92:41:a5:
3f:e0:95:c6:4e:19:1d:b4:5d:d6:1b:c5:32:f3:ba:80:ba:63:
63:a2:4e:e5:ac:c7:c8:08:27:10:92:ab:ef:d7:9a:f7:d5:c7:
af:76:00:89:c1:01:6c:e5:79:87:7a:a8:e9:e3:86:a7:b0:a6:
90:f1:98:8f:f2:cd:23:46:f5:31:5e:85:cb:ca:f2:68:26:7f:
88:62:2d:d6:e1:4d:f2:2e:4f:0f:2f:8a:b4:77:fc:7f:1b:4c:
83:94:2c:b5:46:a1:0e:7a:a2:55:3a:2b:3e:a8:45:d9:6a:be:
33:f7:8b:ad:37:16:c1:bf:62:81:04:75:c2:ea:87:40:ef:2d:
06:9e:04:63:ec:a1:4d:94:4e:3e:49:5e:cc:0b:32:f6:d9:de:
e1:c2:16:a9:20:37:3e:c0:cb:e2:e6:c8:74:17:c5:5f:e2:8d:
d8:8a:cf:e1:75:85:f4:ec:8b:16:0d:d3:7d:21:ec:cc:e1:75:
4a:fc:7b:44:3a:70:4f:24:f1:61:2c:ac:06:b6:37:c4:21:f5:
78:a7:05:06
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4q3eqAKlA1ipc+MpkShJ/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzExMDAxNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGZjMzFhMTJiNTE3NDNkZTRhODQxNWIxOTJhYTg4MGIzNTk1M2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRCsfmr2uGlHlz7kSlTgF9O5lrTt
KdM1FM0rZ7e+QF2Smp424dHGNKU5bk+FLlyiMP/5TIXPCn3uzRhmVEaA6Tt2TfCt
9c5eyVXFj5krEn+2PhW/2kGdyIPXXKI5VBAqzNWOgtOriOVzhrLzG9Srn5Odm6Jw
tmAcPoz8PXZuDyM8CQD95lHN7ufaGVRNe2QH+x7msNcw6e23MHvbrkM7xugXRIJn
Ix0V+xQHzLSa2hVaN6FA96a5mlP9C6VsIfX5KJyUA0nLFjYZhiVTwvGb4zacR3f5
pcxd7xsCZlYqMaq8rqvV49NURkjxbMoQh/CzUNN+xUUC2dIO7QNVfruCYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBj8MaErUXQ95KhBWxkqqICzWVPgMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvR1B3eG9TdFJkRDNrcUVGYkdTcW9nTE5aVS1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAH9KhvsEoP3MRXIopHw
Wt00SJ59l0FkZ2U/gCVv0l6fsaUd2RvOeReZSQmR9ZBeEsWdLpJBpT/glcZOGR20
XdYbxTLzuoC6Y2OiTuWsx8gIJxCSq+/XmvfVx692AInBAWzleYd6qOnjhqewppDx
mI/yzSNG9TFehcvK8mgmf4hiLdbhTfIuTw8virR3/H8bTIOULLVGoQ56olU6Kz6o
RdlqvjP3i603FsG/YoEEdcLqh0DvLQaeBGPsoU2UTj5JXswLMvbZ3uHCFqkgNz7A
y+LmyHQXxV/ijdiKz+F1hfTsixYN030h7MzhdUr8e0Q6cE8k8WEsrAa2N8Qh9Xin
BQY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:43:27 2025 by rpki-client