Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GoTSRurimf7fjHIdkqV4sMRhQpo.roa
File: GoTSRurimf7fjHIdkqV4sMRhQpo.roa (raw, json)
Hash identifier: 4WBw60XoDDlKpzbMqrN6JDUxjaDY0jct19du6c3fkJM=
Subject key identifier: 1A:84:D2:46:EA:E2:99:FE:DF:8C:72:1D:92:A5:78:B0:C4:61:42:9A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DDF53CF7D05A8817E202058D5822EB775
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GoTSRurimf7fjHIdkqV4sMRhQpo.roa
Signing time: Sun 25 Feb 2024 08:13:48 +0000
ROA not before: Sun 25 Feb 2024 08:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:df:53:cf:7d:05:a8:81:7e:20:20:58:d5:82:2e:b7:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 25 08:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a84d246eae299fedf8c721d92a578b0c461429a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:48:1f:f9:10:25:40:b5:63:11:4c:b2:20:c6:
99:c7:5f:49:0e:3c:78:41:01:40:78:3a:52:2e:98:
30:8b:b3:c7:19:7b:21:dc:4e:ee:6b:c0:a8:94:ff:
82:e4:60:e6:e3:f2:18:da:05:c4:3e:36:4f:18:f0:
8e:f4:8b:8a:fb:24:9d:f4:a6:c6:68:37:39:20:92:
0e:85:78:6e:bc:92:42:00:34:28:e6:f0:fe:5d:aa:
02:0a:41:d6:1d:5b:4e:57:a2:48:17:48:57:3d:9f:
f3:9e:5a:d9:c1:66:ef:eb:1e:f7:84:d0:16:0a:36:
80:f5:05:5c:57:73:d0:56:88:3b:b3:d9:c7:12:04:
ea:ed:d3:86:65:1b:cc:aa:83:e2:cd:ea:59:f7:c4:
45:a3:2b:47:cb:bf:52:93:b1:97:c4:db:b9:bb:f3:
39:6d:69:ec:c5:06:dc:7d:5d:a9:96:59:9f:af:c1:
0d:98:b6:48:4c:99:be:65:43:86:ea:39:56:2d:94:
8c:d2:f0:59:4b:e3:6c:f4:b4:bd:dc:da:f3:98:8b:
b4:af:f2:e2:8b:94:ae:41:89:75:af:07:60:a1:fb:
8c:f8:0d:0c:25:b3:74:07:a5:88:54:83:dd:a4:79:
0f:a5:0d:87:8a:98:e8:9e:c3:23:96:b3:49:32:a0:
b0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:84:D2:46:EA:E2:99:FE:DF:8C:72:1D:92:A5:78:B0:C4:61:42:9A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GoTSRurimf7fjHIdkqV4sMRhQpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
68:be:e5:fd:45:bc:78:76:60:13:02:d1:7e:8a:fb:42:10:33:
92:a7:1f:46:4e:ca:64:9d:e4:fc:06:52:71:f7:f2:0d:58:c7:
32:ec:37:36:fe:6a:44:6a:18:63:5f:32:60:4b:16:26:50:81:
05:89:2d:88:e8:6a:60:48:14:25:17:34:69:98:e3:76:f7:36:
22:55:d4:87:5c:95:f6:56:80:d8:06:38:30:ab:6c:09:f8:1d:
16:9b:89:ce:df:61:ec:71:45:a1:04:ae:15:54:5c:24:b1:6f:
f0:2f:8f:6a:68:16:e2:8f:c5:0c:5f:be:eb:40:bf:46:d3:a7:
ca:90:55:ac:3f:c0:7f:dc:f0:bf:f0:3a:79:55:22:db:dc:50:
25:5a:c9:71:39:23:49:44:b5:47:ad:d3:36:fb:00:2c:1c:50:
b9:25:15:de:8a:20:62:ce:e5:c5:a6:cb:e7:54:92:dd:df:34:
7d:ce:7b:c4:7c:c7:a9:21:73:3c:d2:16:3d:b9:13:96:8d:ae:
5f:57:0d:b3:24:26:4b:e6:f1:30:5b:da:b4:e3:40:ed:33:d6:
4e:36:48:5e:67:52:f4:3d:5e:93:17:b8:34:b9:51:c2:04:79:
45:02:15:ae:b6:c5:b6:1d:e2:4d:76:8c:e0:cd:7f:c9:cb:cc:
8c:85:af:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3fU899BaiBfiAgWNWCLrd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI1MDgxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTg0ZDI0NmVhZTI5OWZlZGY4YzcyMWQ5MmE1NzhiMGM0NjE0MjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0gf+RAlQLVjEUyyIMaZx19JDjx4
QQFAeDpSLpgwi7PHGXsh3E7ua8ColP+C5GDm4/IY2gXEPjZPGPCO9IuK+ySd9KbG
aDc5IJIOhXhuvJJCADQo5vD+XaoCCkHWHVtOV6JIF0hXPZ/znlrZwWbv6x73hNAW
CjaA9QVcV3PQVog7s9nHEgTq7dOGZRvMqoPizepZ98RFoytHy79Sk7GXxNu5u/M5
bWnsxQbcfV2pllmfr8ENmLZITJm+ZUOG6jlWLZSM0vBZS+Ns9LS93NrzmIu0r/Li
i5SuQYl1rwdgofuM+A0MJbN0B6WIVIPdpHkPpQ2HipjonsMjlrNJMqCwaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBqE0kbq4pn+34xyHZKleLDEYUKaMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvR29UU1J1cmltZjdmakhJZGtxVjRzTVJoUXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGi+5f1FvHh2YBMC0X6K
+0IQM5KnH0ZOymSd5PwGUnH38g1YxzLsNzb+akRqGGNfMmBLFiZQgQWJLYjoamBI
FCUXNGmY43b3NiJV1IdclfZWgNgGODCrbAn4HRabic7fYexxRaEErhVUXCSxb/Av
j2poFuKPxQxfvutAv0bTp8qQVaw/wH/c8L/wOnlVItvcUCVayXE5I0lEtUet0zb7
ACwcULklFd6KIGLO5cWmy+dUkt3fNH3Oe8R8x6khczzSFj25E5aNrl9XDbMkJkvm
8TBb2rTjQO0z1k42SF5nUvQ9XpMXuDS5UcIEeUUCFa62xbYd4k12jODNf8nLzIyF
rwE=
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:32:16 2025 by rpki-client