Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GUQbRiDB-rDFpWexMRfibabROoI.roa
File: GUQbRiDB-rDFpWexMRfibabROoI.roa (raw, json)
Hash identifier: hBvXeeGEhlm6UJrJ9DGMiLIoH1yG+SuZfAzgTe1QcRg=
Subject key identifier: 19:44:1B:46:20:C1:FA:B0:C5:A5:67:B1:31:17:E2:6D:A6:D1:3A:82
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E71D9D526F1C8F7B914B0DEF9EB6EBEA8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GUQbRiDB-rDFpWexMRfibabROoI.roa
Signing time: Sun 24 Mar 2024 19:04:45 +0000
ROA not before: Sun 24 Mar 2024 19:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:71d9:8a0a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:71:d9:d5:26:f1:c8:f7:b9:14:b0:de:f9:eb:6e:be:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 24 19:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19441b4620c1fab0c5a567b13117e26da6d13a82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a5:2a:ec:75:65:9b:63:42:51:04:97:ed:10:
25:01:5a:d4:f4:a8:bc:74:c2:c3:a5:77:a6:e6:1d:
33:98:ef:89:5f:cc:52:86:9e:76:a9:79:99:81:90:
b5:53:26:5f:09:da:48:b7:48:c9:93:ca:dd:b9:f6:
81:ea:01:15:89:54:8e:38:a5:d9:7e:70:0d:7f:1f:
90:f2:46:6c:bc:c1:4b:12:c0:6d:74:78:02:20:9f:
55:e1:06:ed:d4:81:f5:dc:8d:39:e7:f0:99:fc:d7:
82:76:23:92:1a:12:0e:bb:e4:5e:c7:f4:3d:2e:31:
df:49:a1:d3:64:95:36:d7:53:b9:86:10:83:9e:ed:
fa:25:aa:67:8c:51:e0:c1:30:53:d5:7a:76:67:55:
76:13:a3:db:95:e9:cf:19:32:13:fb:92:13:18:e1:
c8:65:97:90:f6:07:52:c8:24:df:43:cc:97:6c:d9:
c0:1f:55:5b:6b:a2:75:b2:d1:cf:12:4d:10:1a:f0:
0d:53:25:9e:30:2e:bd:db:94:da:ea:ea:02:4c:d0:
2d:25:55:f7:f2:bf:4b:98:5d:f7:59:11:d3:e3:7b:
15:22:5a:5b:da:27:6a:6a:40:02:fa:13:af:2f:f0:
00:b8:1f:8c:d6:f9:0d:0e:4a:c6:a7:e1:25:12:70:
82:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:44:1B:46:20:C1:FA:B0:C5:A5:67:B1:31:17:E2:6D:A6:D1:3A:82
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GUQbRiDB-rDFpWexMRfibabROoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:dd:e1:20:ed:e5:4e:0d:fc:73:85:23:05:61:40:28:c5:0e:
a2:e8:24:13:98:31:82:73:4e:a5:43:cd:b7:d6:2d:76:2c:65:
0a:89:2c:09:cc:15:68:2a:98:5f:f8:54:b3:0a:35:ab:b3:9f:
ee:d4:5e:1f:ae:58:1c:42:20:fe:55:91:88:b8:d1:84:85:e2:
e2:e0:53:39:65:a2:5c:d0:9e:ef:e1:88:b0:9a:ef:28:c1:f1:
8f:b9:43:03:96:6b:2c:17:26:96:db:96:5d:d0:82:86:f6:91:
78:21:3a:ff:4f:28:9f:c3:21:2c:8a:68:58:be:6c:3e:08:3e:
a8:37:c7:ab:cd:4b:44:07:a2:7c:85:8c:27:4f:17:8b:e6:c5:
ee:40:52:d3:d2:ac:7d:a9:d9:d7:ac:81:af:c2:ba:d2:9d:c1:
da:1d:27:95:ed:91:17:14:73:1c:c7:32:2e:63:59:70:16:a6:
eb:a0:79:07:44:42:5f:94:2c:48:28:77:24:de:5c:5a:68:bd:
d2:83:e4:08:b0:4a:dd:68:79:b4:51:a1:9c:db:c5:a0:01:4d:
ba:e9:b0:22:7f:bf:50:07:94:29:03:33:54:d6:ad:dd:35:cb:
e3:10:f2:61:98:d7:6e:95:b9:4b:7f:e8:9a:8b:89:f0:e9:eb:
90:9a:3b:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5x2dUm8cj3uRSw3vnrbr6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI0MTkwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTQ0MWI0NjIwYzFmYWIwYzVhNTY3YjEzMTE3ZTI2ZGE2ZDEzYTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKUq7HVlm2NCUQSX7RAlAVrU9Ki8
dMLDpXem5h0zmO+JX8xShp52qXmZgZC1UyZfCdpIt0jJk8rdufaB6gEViVSOOKXZ
fnANfx+Q8kZsvMFLEsBtdHgCIJ9V4Qbt1IH13I055/CZ/NeCdiOSGhIOu+Rex/Q9
LjHfSaHTZJU211O5hhCDnu36JapnjFHgwTBT1Xp2Z1V2E6PblenPGTIT+5ITGOHI
ZZeQ9gdSyCTfQ8yXbNnAH1Vba6J1stHPEk0QGvANUyWeMC6925Ta6uoCTNAtJVX3
8r9LmF33WRHT43sVIlpb2idqakAC+hOvL/AAuB+M1vkNDkrGp+ElEnCCpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBlEG0YgwfqwxaVnsTEX4m2m0TqCMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvR1VRYlJpREItckRGcFdleE1SZmliYWJST29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFPd4SDt5U4N/HOFIwVh
QCjFDqLoJBOYMYJzTqVDzbfWLXYsZQqJLAnMFWgqmF/4VLMKNauzn+7UXh+uWBxC
IP5VkYi40YSF4uLgUzllolzQnu/hiLCa7yjB8Y+5QwOWaywXJpbbll3Qgob2kXgh
Ov9PKJ/DISyKaFi+bD4IPqg3x6vNS0QHonyFjCdPF4vmxe5AUtPSrH2p2desga/C
utKdwdodJ5XtkRcUcxzHMi5jWXAWpuugeQdEQl+ULEgodyTeXFpovdKD5AiwSt1o
ebRRoZzbxaABTbrpsCJ/v1AHlCkDM1TWrd01y+MQ8mGY126VuUt/6JqLifDp65Ca
O5A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:46 2025 by rpki-client