Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GnRSI5FbyNRvJhAIG3YlJzF2gzM.roa
File: GnRSI5FbyNRvJhAIG3YlJzF2gzM.roa (raw, json)
Hash identifier: ac+DfdhsehAxHbHFAr4+Q2rfcIZvUFqt2pQ8NxNjSkM=
Subject key identifier: 1A:74:52:23:91:5B:C8:D4:6F:26:10:08:1B:76:25:27:31:76:83:33
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CCDECD0514DAD52677FBC1C01BEE5EB17
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GnRSI5FbyNRvJhAIG3YlJzF2gzM.roa
Signing time: Wed 03 Jan 2024 06:04:58 +0000
ROA not before: Wed 03 Jan 2024 06:04:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:cdec:646c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cd:ec:d0:51:4d:ad:52:67:7f:bc:1c:01:be:e5:eb:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 3 06:04:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a745223915bc8d46f2610081b76252731768333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ba:34:8d:b5:ce:55:94:c6:a9:fa:0a:cc:59:
01:74:c6:84:20:a0:2c:74:e4:28:d5:b1:7f:0c:4d:
18:5e:73:a8:e9:2b:db:48:7a:e3:2c:1a:c1:60:f8:
7d:92:cb:4f:11:cb:1f:cd:69:68:63:0f:e6:18:c0:
ff:1f:83:2f:0b:53:bc:c4:1f:fc:db:ff:22:59:98:
b2:90:9b:84:c2:e5:4f:c8:ba:c4:14:f0:3b:e6:60:
f9:05:87:51:a3:60:b0:a5:39:06:8d:b5:fe:e6:ae:
70:f2:34:05:25:88:c9:c5:24:4d:35:a4:94:6f:90:
8c:e8:a1:5d:2e:9a:8f:ad:26:5d:d6:e5:d0:09:cd:
80:7c:21:f0:9b:6c:99:01:42:94:b2:07:17:da:21:
e6:e8:18:2f:fa:d0:b5:4b:60:51:18:f1:50:83:98:
0a:09:72:e4:77:81:87:24:11:9a:cc:40:14:e1:6d:
9c:30:96:84:0e:3c:9f:24:1f:b1:7b:5b:4d:8b:b6:
c5:8b:ce:d2:f1:16:c4:37:aa:eb:d5:31:a2:cf:7f:
88:81:b9:36:bf:a2:d4:d7:80:a5:83:af:68:62:c8:
d4:39:06:0d:fb:4d:2a:b5:77:a8:0e:be:e9:aa:4f:
99:d1:c5:8e:a4:3e:a2:e7:27:41:34:63:75:c5:0a:
cd:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:74:52:23:91:5B:C8:D4:6F:26:10:08:1B:76:25:27:31:76:83:33
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GnRSI5FbyNRvJhAIG3YlJzF2gzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:53:a5:8e:93:13:a2:5c:a1:6f:cb:8c:24:dd:8d:a4:68:f3:
75:b2:92:29:d0:9a:39:31:ea:63:d2:82:85:ec:13:e4:25:45:
49:3c:c5:4b:4f:f2:f3:2f:84:a2:2a:13:e7:88:a3:4a:a6:c3:
a5:be:56:db:dc:39:f7:04:d1:08:7c:63:66:e4:0f:e6:85:94:
b9:f1:1b:44:56:dd:db:07:38:60:0e:1d:c8:af:55:63:90:d5:
cf:f0:b0:6c:cb:13:79:13:06:d6:14:7f:ff:4d:fe:54:d7:1d:
24:a7:cd:31:57:b9:f9:dd:5d:18:5d:96:08:ac:31:77:bd:0d:
89:cf:c2:fd:37:ac:cc:59:1e:d9:7e:c7:1a:9c:2c:46:11:4c:
fe:dd:62:f2:c5:0c:f3:cc:01:74:bd:a9:f5:b4:bf:0b:51:75:
d0:7d:f8:b1:0c:76:2a:de:55:ae:85:49:74:8d:b4:7d:51:d6:
28:f4:00:99:e5:6e:18:9e:b7:b8:f0:e9:f1:7b:5c:40:52:09:
dd:12:d7:bc:fd:af:ca:34:9e:ab:59:97:23:07:f3:b4:41:85:
6f:86:eb:f9:a0:35:2a:4d:2d:9c:bb:03:f8:6f:51:b1:f0:0b:
6a:1e:e7:ba:29:11:ba:bc:c9:4b:22:63:45:60:34:40:18:d7:
fd:e5:dd:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzN7NBRTa1SZ3+8HAG+5esXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAzMDYwNDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTc0NTIyMzkxNWJjOGQ0NmYyNjEwMDgxYjc2MjUyNzMxNzY4MzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbo0jbXOVZTGqfoKzFkBdMaEIKAs
dOQo1bF/DE0YXnOo6SvbSHrjLBrBYPh9kstPEcsfzWloYw/mGMD/H4MvC1O8xB/8
2/8iWZiykJuEwuVPyLrEFPA75mD5BYdRo2CwpTkGjbX+5q5w8jQFJYjJxSRNNaSU
b5CM6KFdLpqPrSZd1uXQCc2AfCHwm2yZAUKUsgcX2iHm6Bgv+tC1S2BRGPFQg5gK
CXLkd4GHJBGazEAU4W2cMJaEDjyfJB+xe1tNi7bFi87S8RbEN6rr1TGiz3+Igbk2
v6LU14Clg69oYsjUOQYN+00qtXeoDr7pqk+Z0cWOpD6i5ydBNGN1xQrNWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBp0UiORW8jUbyYQCBt2JScxdoMzMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvR25SU0k1RmJ5TlJ2SmhBSUczWWxKekYyZ3pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD9TpY6TE6JcoW/LjCTd
jaRo83WykinQmjkx6mPSgoXsE+QlRUk8xUtP8vMvhKIqE+eIo0qmw6W+VtvcOfcE
0Qh8Y2bkD+aFlLnxG0RW3dsHOGAOHcivVWOQ1c/wsGzLE3kTBtYUf/9N/lTXHSSn
zTFXufndXRhdlgisMXe9DYnPwv03rMxZHtl+xxqcLEYRTP7dYvLFDPPMAXS9qfW0
vwtRddB9+LEMdireVa6FSXSNtH1R1ij0AJnlbhiet7jw6fF7XEBSCd0S17z9r8o0
nqtZlyMH87RBhW+G6/mgNSpNLZy7A/hvUbHwC2oe57opEbq8yUsiY0VgNEAY1/3l
3SU=
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:12:33 2025 by rpki-client