Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GpH2PzlzJRsNL3FoQRGDX3WQAoQ.roa
File: GpH2PzlzJRsNL3FoQRGDX3WQAoQ.roa (raw, json)
Hash identifier: 1bT7gRZIOdUiXMXHxzu2R0x43xtJpFXNEO4F/dnExww=
Subject key identifier: 1A:91:F6:3F:39:73:25:1B:0D:2F:71:68:41:11:83:5F:75:90:02:84
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D15D5DE80B223F5B1BEB0FAA7ACBF7091
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GpH2PzlzJRsNL3FoQRGDX3WQAoQ.roa
Signing time: Wed 17 Jan 2024 05:12:33 +0000
ROA not before: Wed 17 Jan 2024 05:12:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:15:d5:de:80:b2:23:f5:b1:be:b0:fa:a7:ac:bf:70:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 17 05:12:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a91f63f3973251b0d2f71684111835f75900284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e1:ea:6f:b3:ea:1b:21:1e:44:22:ce:f2:54:
74:13:37:89:e2:1b:b9:cb:cc:cb:9b:84:14:dd:d6:
77:13:9b:39:24:90:3c:f5:ea:ca:1d:95:02:ad:b9:
ba:5e:a1:fe:55:57:c1:45:07:30:17:db:1c:61:6c:
00:2d:dc:0e:ba:50:fe:1c:f7:d2:ff:24:c4:dd:50:
fc:ec:ee:3f:15:72:68:8c:bf:96:8e:a2:4b:5c:94:
5d:d3:1e:33:58:71:65:48:63:35:90:0a:36:88:ed:
6d:55:4f:b7:dd:f1:67:21:3d:b4:90:a6:ad:28:62:
62:48:68:25:e1:5e:46:8c:80:2e:fb:f5:a9:7e:57:
3d:26:f3:e0:ea:e6:c2:2e:69:e8:d5:3c:59:5e:87:
c6:7b:69:c5:d9:01:46:bf:1a:d1:2b:8d:c7:93:40:
55:f1:13:29:a5:a7:35:ef:63:1c:3e:4e:91:66:10:
97:ad:93:64:44:c9:f5:52:25:f8:8c:42:e1:3d:04:
79:05:9c:1a:06:c9:36:da:bd:6a:11:91:10:16:58:
af:f4:e4:92:15:5e:ad:64:72:0a:3e:a8:04:a8:a6:
84:cc:47:d5:ea:48:55:8d:23:b1:da:c1:84:ed:2c:
25:ca:70:75:44:8f:e4:d0:0c:e8:41:67:c3:58:e1:
d5:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:91:F6:3F:39:73:25:1B:0D:2F:71:68:41:11:83:5F:75:90:02:84
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GpH2PzlzJRsNL3FoQRGDX3WQAoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a1:bd:d2:01:f4:71:71:b9:e6:8a:4f:ef:5e:7a:c5:d5:86:b8:
6f:85:f1:18:02:ef:f3:93:3d:64:e0:22:77:9b:09:14:31:8a:
83:c3:68:11:d2:23:b3:13:d7:99:c1:28:04:3b:d7:8a:b5:22:
30:0b:87:a5:a2:39:af:06:5a:47:a3:e0:7e:d2:a0:8c:58:81:
8e:72:e0:60:63:36:b3:3e:27:05:9b:28:5b:4b:a6:dc:db:15:
ed:a3:a0:2d:6d:23:bc:5e:a0:08:57:d4:3e:c5:79:cd:eb:61:
ec:2d:b2:ed:ac:3a:ca:8c:cf:97:fd:a2:a7:e4:77:9f:a6:3b:
cb:e0:89:63:7a:3f:2f:ab:29:37:e9:5e:1a:0d:6a:4c:85:34:
97:bb:81:84:e6:6b:c0:be:2d:64:fa:67:29:70:47:de:a9:67:
a6:78:6c:e0:49:a6:b1:58:27:b6:df:dc:5c:09:ff:b5:bf:96:
5a:2a:58:2f:4b:ad:21:a5:52:9e:2a:89:ed:dc:07:dd:62:72:
c6:28:12:07:16:4e:5e:0b:d9:6e:82:2f:16:0c:1a:ac:ba:f6:
55:3b:49:c0:b3:92:e5:5c:83:1f:c4:f0:86:3f:a4:fb:77:69:
2e:e0:7d:9b:7d:d8:58:c5:37:3a:9f:34:72:db:51:ae:b6:cc:
05:6f:ab:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0V1d6AsiP1sb6w+qesv3CRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE3MDUxMjMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTkxZjYzZjM5NzMyNTFiMGQyZjcxNjg0MTExODM1Zjc1OTAwMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruHqb7PqGyEeRCLO8lR0EzeJ4hu5
y8zLm4QU3dZ3E5s5JJA89erKHZUCrbm6XqH+VVfBRQcwF9scYWwALdwOulD+HPfS
/yTE3VD87O4/FXJojL+WjqJLXJRd0x4zWHFlSGM1kAo2iO1tVU+33fFnIT20kKat
KGJiSGgl4V5GjIAu+/Wpflc9JvPg6ubCLmno1TxZXofGe2nF2QFGvxrRK43Hk0BV
8RMppac172McPk6RZhCXrZNkRMn1UiX4jELhPQR5BZwaBsk22r1qEZEQFliv9OSS
FV6tZHIKPqgEqKaEzEfV6khVjSOx2sGE7SwlynB1RI/k0AzoQWfDWOHVzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBqR9j85cyUbDS9xaEERg191kAKEMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvR3BIMlB6bHpKUnNOTDNGb1FSR0RYM1dRQW9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKG90gH0cXG55opP7156
xdWGuG+F8RgC7/OTPWTgInebCRQxioPDaBHSI7MT15nBKAQ714q1IjALh6WiOa8G
Wkej4H7SoIxYgY5y4GBjNrM+JwWbKFtLptzbFe2joC1tI7xeoAhX1D7Fec3rYewt
su2sOsqMz5f9oqfkd5+mO8vgiWN6Py+rKTfpXhoNakyFNJe7gYTma8C+LWT6Zylw
R96pZ6Z4bOBJprFYJ7bf3FwJ/7W/lloqWC9LrSGlUp4qie3cB91icsYoEgcWTl4L
2W6CLxYMGqy69lU7ScCzkuVcgx/E8IY/pPt3aS7gfZt92FjFNzqfNHLbUa62zAVv
q+A=
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:37:24 2025 by rpki-client