Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GvZNfl4_AdZvTXITCY-Nk4Fu6h4.roa
File: GvZNfl4_AdZvTXITCY-Nk4Fu6h4.roa (raw, json)
Hash identifier: fDWHVSP6u1e+MwU+/tRgMZsRn3+TwhzdBY2TxQjYr38=
Subject key identifier: 1A:F6:4D:7E:5E:3F:01:D6:6F:4D:72:13:09:8F:8D:93:81:6E:EA:1E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E90579ED481FB7BE09AF454B0A2776688
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GvZNfl4_AdZvTXITCY-Nk4Fu6h4.roa
Signing time: Sat 30 Mar 2024 17:10:45 +0000
ROA not before: Sat 30 Mar 2024 17:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:90:57:9e:d4:81:fb:7b:e0:9a:f4:54:b0:a2:77:66:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 30 17:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1af64d7e5e3f01d66f4d7213098f8d93816eea1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e1:b1:7f:98:a9:36:f0:54:57:77:73:4d:76:
c4:33:bd:c1:01:44:e0:15:cb:53:15:65:55:38:d7:
38:8e:95:b6:9d:a8:3d:bf:62:b6:51:94:d6:90:40:
7d:e2:7b:31:da:3f:a8:d8:c5:53:de:84:59:25:dd:
be:bb:9d:cb:f5:04:51:39:c7:6f:bc:b2:74:85:41:
48:6f:d7:1f:6a:8b:09:d4:b6:9b:ed:0e:d8:69:ca:
4b:8a:b2:71:ba:46:4a:82:4d:23:3b:e2:12:bc:0f:
3f:33:ca:a6:98:2e:27:5d:87:47:77:41:2d:7a:00:
42:1c:5f:a8:33:94:45:e4:ea:04:91:b7:28:24:ce:
a2:ef:ed:10:07:23:0b:f1:05:cb:a5:c5:ea:99:f6:
ef:d9:22:96:80:c6:39:50:1d:37:84:57:87:5a:d9:
d2:47:f4:ad:6f:aa:23:b1:2c:79:02:0a:37:24:bc:
a8:f0:21:62:9c:0c:93:9a:c9:c9:b4:fe:9e:0f:c6:
51:0c:ca:fe:63:65:90:30:91:45:45:fe:99:14:6b:
c7:91:b0:5d:90:aa:52:9e:3a:95:58:81:16:dc:93:
eb:fd:fe:27:33:d6:7e:a9:16:f0:83:fe:c0:09:02:
6d:6a:5d:74:ff:d7:7a:75:8d:d9:70:c7:49:86:79:
77:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F6:4D:7E:5E:3F:01:D6:6F:4D:72:13:09:8F:8D:93:81:6E:EA:1E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GvZNfl4_AdZvTXITCY-Nk4Fu6h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:2b:b6:47:83:66:4b:02:27:95:07:1d:fc:b3:09:f0:4a:f9:
0a:91:f8:b3:cd:03:11:ba:5b:f3:92:37:af:b9:bc:99:85:31:
3b:d0:a6:b2:67:0c:38:ba:3a:93:8f:00:26:10:95:b2:f3:49:
df:e2:f9:a3:ec:e5:a2:c4:a9:8a:ed:2a:b9:44:6f:ce:10:5b:
1a:75:a9:0e:78:3e:34:15:96:09:36:06:e7:13:e8:34:7e:67:
fc:9f:88:bd:3b:7e:c5:58:0b:61:1d:94:4f:57:e1:b5:96:3c:
5d:bd:ba:45:7c:ad:ec:0d:fa:b4:30:2c:4d:fc:ca:6a:4f:9b:
f9:bd:b2:34:2f:4a:9b:30:2f:62:0d:ef:fd:b2:d4:e4:ac:93:
7b:32:3c:23:e6:b8:9a:c8:b7:75:a4:37:13:6c:b1:e4:42:ef:
6f:76:90:65:39:3b:28:30:97:4d:23:1f:4d:79:7d:2e:84:b9:
20:bd:14:35:f7:56:5e:47:08:70:f1:49:29:65:e6:a5:8c:af:
40:fc:80:26:e4:44:aa:b2:86:6f:c5:88:01:0a:c9:06:9d:ab:
5b:ba:2a:d3:da:38:17:1b:04:fd:50:d2:84:c2:20:84:0e:fc:
e0:73:35:fe:0c:f2:e9:f8:58:72:fd:c2:8b:7d:f7:f3:32:30:
a9:f1:09:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6QV57Ugft74Jr0VLCid2aIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzMwMTcxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWY2NGQ3ZTVlM2YwMWQ2NmY0ZDcyMTMwOThmOGQ5MzgxNmVlYTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOGxf5ipNvBUV3dzTXbEM73BAUTg
FctTFWVVONc4jpW2nag9v2K2UZTWkEB94nsx2j+o2MVT3oRZJd2+u53L9QRROcdv
vLJ0hUFIb9cfaosJ1Lab7Q7YacpLirJxukZKgk0jO+ISvA8/M8qmmC4nXYdHd0Et
egBCHF+oM5RF5OoEkbcoJM6i7+0QByML8QXLpcXqmfbv2SKWgMY5UB03hFeHWtnS
R/Stb6ojsSx5Ago3JLyo8CFinAyTmsnJtP6eD8ZRDMr+Y2WQMJFFRf6ZFGvHkbBd
kKpSnjqVWIEW3JPr/f4nM9Z+qRbwg/7ACQJtal10/9d6dY3ZcMdJhnl3nwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBr2TX5ePwHWb01yEwmPjZOBbuoeMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvR3ZaTmZsNF9BZFp2VFhJVENZLU5rNEZ1Nmg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFErtkeDZksCJ5UHHfyz
CfBK+QqR+LPNAxG6W/OSN6+5vJmFMTvQprJnDDi6OpOPACYQlbLzSd/i+aPs5aLE
qYrtKrlEb84QWxp1qQ54PjQVlgk2BucT6DR+Z/yfiL07fsVYC2EdlE9X4bWWPF29
ukV8rewN+rQwLE38ympPm/m9sjQvSpswL2IN7/2y1OSsk3syPCPmuJrIt3WkNxNs
seRC7292kGU5Oygwl00jH015fS6EuSC9FDX3Vl5HCHDxSSll5qWMr0D8gCbkRKqy
hm/FiAEKyQadq1u6KtPaOBcbBP1Q0oTCIIQO/OBzNf4M8un4WHL9wot99/MyMKnx
CYM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:51 2025 by rpki-client