Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gGQB4e4wWBMamtW5sdPFn7ECtRE.roa
File: gGQB4e4wWBMamtW5sdPFn7ECtRE.roa (raw, json)
Hash identifier: o3eXrl0UHu8kTp+FV5dmJePJ2FK/20/O+40q1H5mWPI=
Subject key identifier: 80:64:01:E1:EE:30:58:13:1A:9A:D5:B9:B1:D3:C5:9F:B1:02:B5:11
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ECFA5B3B282E67BCD4702CDAC81D4478A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gGQB4e4wWBMamtW5sdPFn7ECtRE.roa
Signing time: Fri 12 Apr 2024 00:12:06 +0000
ROA not before: Fri 12 Apr 2024 00:12:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cf:a5:b3:b2:82:e6:7b:cd:47:02:cd:ac:81:d4:47:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 12 00:12:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=806401e1ee3058131a9ad5b9b1d3c59fb102b511
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6d:33:7e:23:74:1e:26:93:5d:fc:be:26:0f:
88:3d:27:c0:d2:ca:0e:25:8d:4e:ef:7b:97:75:e1:
a9:6e:97:ff:8f:ef:d1:57:b4:0a:d7:f2:ae:03:8b:
7a:36:ec:9d:e5:ae:fb:d5:9d:9e:73:e4:2c:68:1a:
d8:12:9b:f0:65:79:7a:c2:d5:cd:8b:2d:66:92:1a:
0c:db:98:01:44:ca:a1:57:73:44:ab:96:7d:b2:c5:
6c:fd:c0:ad:82:a1:0c:a3:80:13:f0:d5:18:38:1f:
e9:38:fa:52:c9:cc:20:ef:52:b3:2d:d9:d2:02:b9:
13:e5:ad:4b:0f:a8:08:8e:b5:fe:f6:27:47:1f:7a:
cb:55:56:f1:6a:51:a1:4a:50:ec:50:6a:7b:24:e8:
57:d3:de:28:2c:e8:ae:a2:e3:e3:14:49:4b:62:dc:
9f:d8:b4:32:15:93:b2:7e:40:d1:22:dc:4b:3e:66:
bc:a9:fe:af:d7:62:4c:43:d6:98:ee:47:a6:24:a3:
b3:f9:d2:34:46:75:c1:24:9f:76:dc:a4:83:7b:c0:
ee:7d:c2:ff:7b:37:42:66:36:00:13:b7:82:c1:d5:
40:62:fc:f7:13:f3:11:e9:9e:e5:00:70:bf:5a:9b:
0f:de:fa:74:ec:35:78:37:10:b3:d6:94:35:1c:81:
fd:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:64:01:E1:EE:30:58:13:1A:9A:D5:B9:B1:D3:C5:9F:B1:02:B5:11
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gGQB4e4wWBMamtW5sdPFn7ECtRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:bb:2c:7c:53:c0:98:02:1c:05:2b:85:4e:4a:53:ec:11:97:
e2:70:8b:3f:f2:72:45:ed:ec:32:13:e0:33:c5:f3:24:0d:63:
1b:cb:e3:ec:ed:a8:fe:c1:6d:91:ec:02:39:df:b9:ed:0f:64:
44:45:12:12:a6:3b:a3:5f:30:12:f2:e9:b9:78:81:f3:3f:6d:
df:c7:5d:bc:65:63:e5:19:26:6c:db:af:e9:fc:ae:b6:bf:4f:
74:a3:45:5a:4b:1b:50:38:9b:0b:4f:1b:bf:f1:90:50:a3:cd:
bb:cd:55:c1:c4:d5:d4:36:8a:86:81:2f:80:26:67:38:89:8e:
cf:4a:a3:fb:4f:9c:0d:bb:1e:65:f0:4c:fe:3e:1f:88:57:fc:
2d:8c:af:a7:d0:53:1d:9a:88:00:0b:5d:6f:c1:37:4d:ab:e0:
61:94:91:b4:4a:dd:a6:e6:e2:8f:0c:0e:b6:bb:36:e7:95:52:
a4:6c:3c:71:7e:4a:bd:9f:fb:5c:6f:05:6b:ce:b2:ae:3f:3c:
55:f7:87:bb:e5:39:97:14:27:b3:76:ea:3b:11:0b:a2:7e:85:
f9:40:aa:c0:e7:13:04:09:bc:18:17:ff:8e:d0:f6:db:9d:d1:
23:40:00:25:5b:9d:a0:d1:4b:21:b7:34:91:23:9b:e7:fd:dc:
55:44:9f:50
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7PpbOyguZ7zUcCzayB1EeKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDEyMDAxMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDY0MDFlMWVlMzA1ODEzMWE5YWQ1YjliMWQzYzU5ZmIxMDJiNTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmm0zfiN0HiaTXfy+Jg+IPSfA0soO
JY1O73uXdeGpbpf/j+/RV7QK1/KuA4t6Nuyd5a771Z2ec+QsaBrYEpvwZXl6wtXN
iy1mkhoM25gBRMqhV3NEq5Z9ssVs/cCtgqEMo4AT8NUYOB/pOPpSycwg71KzLdnS
ArkT5a1LD6gIjrX+9idHH3rLVVbxalGhSlDsUGp7JOhX094oLOiuouPjFElLYtyf
2LQyFZOyfkDRItxLPma8qf6v12JMQ9aY7kemJKOz+dI0RnXBJJ923KSDe8DufcL/
ezdCZjYAE7eCwdVAYvz3E/MR6Z7lAHC/WpsP3vp07DV4NxCz1pQ1HIH9WwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIBkAeHuMFgTGprVubHTxZ+xArURMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZ0dRQjRlNHdXQk1hbXRXNXNkUEZuN0VDdFJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABW7LHxTwJgCHAUrhU5K
U+wRl+Jwiz/yckXt7DIT4DPF8yQNYxvL4+ztqP7BbZHsAjnfue0PZERFEhKmO6Nf
MBLy6bl4gfM/bd/HXbxlY+UZJmzbr+n8rra/T3SjRVpLG1A4mwtPG7/xkFCjzbvN
VcHE1dQ2ioaBL4AmZziJjs9Ko/tPnA27HmXwTP4+H4hX/C2Mr6fQUx2aiAALXW/B
N02r4GGUkbRK3abm4o8MDra7NueVUqRsPHF+Sr2f+1xvBWvOsq4/PFX3h7vlOZcU
J7N26jsRC6J+hflAqsDnEwQJvBgX/47Q9tud0SNAACVbnaDRSyG3NJEjm+f93FVE
n1A=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:17:31 2025 by rpki-client