Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Gql0JktQjygUg55LcBcPies_2ws.roa
File: Gql0JktQjygUg55LcBcPies_2ws.roa (raw, json)
Hash identifier: YAetBdzFyk1TYQ1yJiVIsztmtfd/ITWc9FhGFoe1tRw=
Subject key identifier: 1A:A9:74:26:4B:50:8F:28:14:83:9E:4B:70:17:0F:89:EB:3F:DB:0B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E2B15C2FF4D9CFFB19243482D1951CC56
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Gql0JktQjygUg55LcBcPies_2ws.roa
Signing time: Mon 11 Mar 2024 01:17:10 +0000
ROA not before: Mon 11 Mar 2024 01:17:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2b:15:c2:ff:4d:9c:ff:b1:92:43:48:2d:19:51:cc:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 11 01:17:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1aa974264b508f2814839e4b70170f89eb3fdb0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ad:5b:9f:71:d8:2c:5c:87:db:25:7b:1c:83:
06:f8:2d:5c:38:9f:b4:33:98:79:a1:0e:e8:52:35:
66:14:70:e3:2e:88:e0:41:b3:2a:7b:c6:76:2a:7a:
5b:9f:b2:59:0d:e2:86:4e:2a:8c:01:78:6f:7e:a6:
1c:fe:5c:74:71:95:60:6c:5a:a7:79:5d:9d:e7:bd:
15:20:76:db:64:f8:ce:14:b4:9e:e7:9a:24:32:18:
5e:29:27:85:b5:7c:70:03:b2:db:61:fa:c4:9e:da:
8d:24:7b:81:d8:bb:8c:87:97:07:af:9e:86:4b:9a:
a3:47:37:2d:a6:c3:35:66:68:37:9e:f5:e8:44:3a:
a1:72:f3:17:3a:85:96:97:92:fc:9e:fe:9f:8e:d3:
b6:68:4b:e5:6e:5d:a3:3b:e5:51:55:76:33:2e:ae:
2e:82:28:f8:70:13:c1:79:a6:ea:e0:a5:1c:d8:90:
3c:7d:02:fe:3e:67:8d:0c:2c:35:77:f4:21:59:02:
b0:ac:b9:88:18:6e:85:bd:b3:be:f2:f5:ac:6f:e7:
a5:a6:74:37:c5:f4:33:6e:c8:7f:c7:6f:92:b4:5b:
62:c6:69:6a:84:12:74:ad:94:31:2a:df:12:46:12:
51:68:87:49:9d:51:dd:84:f4:fc:53:df:f6:b1:17:
67:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:A9:74:26:4B:50:8F:28:14:83:9E:4B:70:17:0F:89:EB:3F:DB:0B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Gql0JktQjygUg55LcBcPies_2ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
84:19:18:3a:1f:e2:94:b8:0e:ac:be:6e:56:a2:b3:a2:51:be:
3a:df:a5:af:06:bf:dd:c3:09:e9:96:c5:06:c2:6b:d6:85:56:
08:6b:5d:0f:22:0d:1d:4a:ec:98:28:8c:e8:c0:69:10:99:d2:
1a:77:8a:4d:ef:5d:33:36:19:7e:b8:82:9d:92:dd:14:57:da:
1b:9c:a8:71:00:01:11:62:8b:7e:da:1e:46:35:0f:f2:9d:55:
c4:b1:bc:a0:7e:43:b0:fa:84:5a:ae:a2:d8:e2:91:b4:5a:3d:
d8:1c:2a:3d:5b:23:65:3d:75:64:95:67:9a:cd:5b:48:bb:98:
d4:2e:06:9a:cd:6b:8d:b0:1e:33:1a:4f:a5:bd:ed:36:65:5c:
8a:16:f2:58:6a:35:55:31:c5:1a:61:e3:a6:eb:2e:86:90:18:
e2:80:3d:d6:18:9e:68:8f:d5:84:a0:7d:b1:1f:ce:c8:8e:80:
70:0e:d2:80:82:bd:01:10:d8:dc:4f:c8:95:84:84:67:8a:9a:
0a:75:de:d6:f3:64:0d:cc:b5:73:15:31:cc:78:31:3d:fd:10:
37:88:92:82:e2:1b:c0:4a:c3:ea:87:76:3d:dc:1b:02:37:5a:
e3:cd:e9:b0:f0:5e:f0:b3:b7:a5:39:76:0d:f9:a9:57:4b:5f:
49:f9:c0:ad
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4rFcL/TZz/sZJDSC0ZUcxWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzExMDExNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWE5NzQyNjRiNTA4ZjI4MTQ4MzllNGI3MDE3MGY4OWViM2ZkYjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs61bn3HYLFyH2yV7HIMG+C1cOJ+0
M5h5oQ7oUjVmFHDjLojgQbMqe8Z2Knpbn7JZDeKGTiqMAXhvfqYc/lx0cZVgbFqn
eV2d570VIHbbZPjOFLSe55okMhheKSeFtXxwA7LbYfrEntqNJHuB2LuMh5cHr56G
S5qjRzctpsM1Zmg3nvXoRDqhcvMXOoWWl5L8nv6fjtO2aEvlbl2jO+VRVXYzLq4u
gij4cBPBeabq4KUc2JA8fQL+PmeNDCw1d/QhWQKwrLmIGG6FvbO+8vWsb+elpnQ3
xfQzbsh/x2+StFtixmlqhBJ0rZQxKt8SRhJRaIdJnVHdhPT8U9/2sRdniwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBqpdCZLUI8oFIOeS3AXD4nrP9sLMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvR3FsMEprdFFqeWdVZzU1TGNCY1BpZXNfMndzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIQZGDof4pS4Dqy+blai
s6JRvjrfpa8Gv93DCemWxQbCa9aFVghrXQ8iDR1K7JgojOjAaRCZ0hp3ik3vXTM2
GX64gp2S3RRX2hucqHEAARFii37aHkY1D/KdVcSxvKB+Q7D6hFquotjikbRaPdgc
Kj1bI2U9dWSVZ5rNW0i7mNQuBprNa42wHjMaT6W97TZlXIoW8lhqNVUxxRph46br
LoaQGOKAPdYYnmiP1YSgfbEfzsiOgHAO0oCCvQEQ2NxPyJWEhGeKmgp13tbzZA3M
tXMVMcx4MT39EDeIkoLiG8BKw+qHdj3cGwI3WuPN6bDwXvCzt6U5dg35qVdLX0n5
wK0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org