Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Gd9ek5sPh8lWNR2GJ5omRzIEeN8.roa
File: Gd9ek5sPh8lWNR2GJ5omRzIEeN8.roa (raw, json)
Hash identifier: N9QG5PIgqzmioUuukPYXW77kbVH7P5veSYC1re73TCI=
Subject key identifier: 19:DF:5E:93:9B:0F:87:C9:56:35:1D:86:27:9A:26:47:32:04:78:DF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CBEEE01D2DA089B15E0566E2943038E79
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Gd9ek5sPh8lWNR2GJ5omRzIEeN8.roa
Signing time: Sun 31 Dec 2023 08:11:58 +0000
ROA not before: Sun 31 Dec 2023 08:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:be:ee:01:d2:da:08:9b:15:e0:56:6e:29:43:03:8e:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 31 08:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19df5e939b0f87c956351d86279a2647320478df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:60:4e:bb:52:b1:ed:1c:25:9c:e4:bf:d2:34:
86:54:82:be:b4:9a:4e:ec:5a:6b:52:32:4d:6c:13:
db:f5:6f:68:c5:0c:39:8f:ee:a3:96:6b:df:eb:e9:
aa:40:da:40:48:eb:83:9f:f5:45:83:33:d3:5d:3f:
db:2a:38:c7:80:4a:39:f3:aa:03:c2:e1:9c:b5:be:
aa:ca:48:87:02:16:09:58:b2:0e:e4:64:bd:5a:3a:
69:69:4f:9c:f3:cc:1a:27:be:91:77:ab:80:ee:a6:
ec:f6:02:2f:bb:6f:d1:c0:82:d6:be:79:7a:4c:0b:
75:1e:88:62:31:b6:5c:8b:4d:af:5c:13:08:ae:23:
cd:0a:d2:4b:44:41:23:0a:12:b8:46:22:33:7b:82:
29:69:e1:74:48:22:61:8c:c4:cc:77:80:ca:48:26:
83:64:40:32:50:c1:10:df:7d:74:53:41:1b:cf:7b:
f0:29:f2:20:c0:fc:94:3d:65:b3:f6:0c:f6:7d:0a:
aa:13:8c:82:1e:6b:c5:c6:6f:26:89:ec:2f:22:e3:
f6:4c:05:e3:93:4f:87:07:5e:58:23:21:36:3e:3a:
75:4d:62:58:c0:94:06:63:13:ad:14:3b:63:e3:ee:
e9:8a:f6:3d:02:ec:6f:72:ba:95:e4:87:5d:20:c6:
44:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:DF:5E:93:9B:0F:87:C9:56:35:1D:86:27:9A:26:47:32:04:78:DF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Gd9ek5sPh8lWNR2GJ5omRzIEeN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:b6:61:e9:a0:ed:8a:36:f1:b5:bb:22:1d:6d:50:81:2b:33:
93:74:56:6f:58:4e:2d:c6:cb:41:7b:49:89:6f:45:1e:4b:28:
a6:0a:d7:2d:9e:88:d8:b3:74:ff:67:a5:c9:d1:91:54:14:22:
c4:e1:b3:44:ed:a2:62:6c:52:61:01:8e:75:c5:41:21:19:2b:
ec:3f:7e:3c:fc:dd:14:10:46:f9:b7:2c:88:2e:7a:ce:e5:a4:
01:e6:6c:84:97:ac:50:ac:ff:5c:ec:54:65:1e:bb:88:be:4b:
af:56:3a:ff:8d:3b:e4:fa:11:dc:5c:b4:a7:c3:d5:cf:f7:57:
db:41:2d:1e:70:6d:3c:66:4c:2d:d3:e9:0f:c8:e4:2f:14:fb:
91:6c:c5:15:e2:bc:c6:39:d7:fa:62:1a:be:95:a7:02:e5:3a:
5d:a3:25:98:7c:f6:6f:31:2f:a0:a5:cc:aa:30:a1:d3:60:1d:
5d:8c:d0:b5:76:c4:7e:f5:28:9a:41:19:2f:0e:f3:4a:30:21:
23:8e:3d:16:29:58:4f:ef:1d:f7:98:df:cc:98:bc:7d:29:e8:
df:e9:0b:44:7f:a6:a2:ea:07:54:67:cd:ad:c6:9b:4f:b8:68:
89:3f:44:9a:ff:d0:98:5a:ea:e7:bc:50:b1:90:93:08:3f:b0:
46:a3:8f:61
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy+7gHS2gibFeBWbilDA455MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjMxMDgxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWRmNWU5MzliMGY4N2M5NTYzNTFkODYyNzlhMjY0NzMyMDQ3OGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWBOu1Kx7RwlnOS/0jSGVIK+tJpO
7FprUjJNbBPb9W9oxQw5j+6jlmvf6+mqQNpASOuDn/VFgzPTXT/bKjjHgEo586oD
wuGctb6qykiHAhYJWLIO5GS9WjppaU+c88waJ76Rd6uA7qbs9gIvu2/RwILWvnl6
TAt1HohiMbZci02vXBMIriPNCtJLREEjChK4RiIze4IpaeF0SCJhjMTMd4DKSCaD
ZEAyUMEQ3310U0Ebz3vwKfIgwPyUPWWz9gz2fQqqE4yCHmvFxm8miewvIuP2TAXj
k0+HB15YIyE2Pjp1TWJYwJQGYxOtFDtj4+7pivY9AuxvcrqV5IddIMZEGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBnfXpObD4fJVjUdhieaJkcyBHjfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvR2Q5ZWs1c1BoOGxXTlIyR0o1b21SeklFZU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG+2Yemg7Yo28bW7Ih1t
UIErM5N0Vm9YTi3Gy0F7SYlvRR5LKKYK1y2eiNizdP9npcnRkVQUIsThs0TtomJs
UmEBjnXFQSEZK+w/fjz83RQQRvm3LIgues7lpAHmbISXrFCs/1zsVGUeu4i+S69W
Ov+NO+T6EdxctKfD1c/3V9tBLR5wbTxmTC3T6Q/I5C8U+5FsxRXivMY51/piGr6V
pwLlOl2jJZh89m8xL6ClzKowodNgHV2M0LV2xH71KJpBGS8O80owISOOPRYpWE/v
HfeY38yYvH0p6N/pC0R/pqLqB1Rnza3Gm0+4aIk/RJr/0Jha6ue8ULGQkwg/sEaj
j2E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org