Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gTJ85Ol0XQIwSa6vwoSrw5viD3E.roa
File: gTJ85Ol0XQIwSa6vwoSrw5viD3E.roa (raw, json)
Hash identifier: LwKe1FvcJ9zpJVbQ2ruVUnMfK7B8cobr+ay1ahob8KE=
Subject key identifier: 81:32:7C:E4:E9:74:5D:02:30:49:AE:AF:C2:84:AB:C3:9B:E2:0F:71
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9E523ADF2FC70ADABD5FF78D5B6C3B6B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gTJ85Ol0XQIwSa6vwoSrw5viD3E.roa
Signing time: Mon 25 Dec 2023 00:13:58 +0000
ROA not before: Mon 25 Dec 2023 00:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9e:52:3a:df:2f:c7:0a:da:bd:5f:f7:8d:5b:6c:3b:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 25 00:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81327ce4e9745d023049aeafc284abc39be20f71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b0:6d:b7:5c:5a:8d:b3:83:3c:57:71:c5:13:
9b:a3:7d:a6:52:6c:7d:69:cb:ca:c5:c9:e8:21:ca:
fb:f2:7e:3c:6f:34:05:30:de:55:51:ca:c2:a5:7a:
ea:bc:9d:13:65:80:56:99:1b:18:38:14:a1:5e:b2:
e6:fb:2c:fc:da:14:61:cd:5a:b2:f9:7e:e5:fd:f8:
cf:ed:4f:17:e1:3e:3e:07:a1:b4:7e:1d:b7:01:99:
ca:e8:21:0a:b4:6d:4b:67:61:f0:5b:8b:52:cd:c5:
7b:17:6d:b4:b8:8a:40:4c:9f:06:39:c9:43:75:68:
f4:84:ff:bf:06:2d:96:ed:25:33:6c:bc:ea:a2:ca:
59:d9:6a:bb:7a:94:ce:60:69:52:ad:c2:0d:94:1e:
02:5a:80:0d:6b:6e:88:7f:a0:6d:1f:7e:0b:3f:cf:
ae:b5:85:d6:9a:c6:11:74:ea:35:8c:e5:b2:b7:4c:
f1:39:fc:ff:c2:6b:c9:60:fe:52:9d:e8:eb:0f:b5:
0d:bd:48:de:66:b3:fb:eb:ab:d9:6a:e4:2c:96:e3:
be:19:dd:24:cc:f5:ef:d1:41:0b:40:8d:0c:51:18:
49:80:42:be:c2:46:68:e1:dd:f5:30:8f:65:64:6a:
e9:00:e2:ff:a6:a0:c5:8f:fc:1d:4d:7c:99:60:98:
a5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:32:7C:E4:E9:74:5D:02:30:49:AE:AF:C2:84:AB:C3:9B:E2:0F:71
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gTJ85Ol0XQIwSa6vwoSrw5viD3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
14:1e:5f:eb:e3:70:71:6d:2e:31:7c:27:9e:53:6b:73:c2:02:
9a:a0:7f:57:45:52:43:62:c4:62:4b:b3:53:a4:4c:a4:bd:7c:
af:80:69:25:3a:a9:9a:5a:f0:dc:29:b7:9b:f1:6b:ad:05:15:
9e:ab:c6:a0:29:27:b1:6a:5c:4b:4f:49:7c:81:97:ad:c0:e6:
f3:20:62:49:7c:fb:02:2b:8c:ef:e1:52:59:18:09:a3:d4:aa:
9f:e9:f8:cf:cb:23:f3:fe:5d:0a:63:5c:8d:24:99:a5:ac:37:
82:06:c3:8e:e0:ff:ba:33:1c:8d:80:27:3e:34:cb:f6:23:3d:
4f:d3:31:04:14:f4:9c:de:70:ed:fc:05:10:28:23:5b:8f:9e:
7a:3f:51:93:6e:5d:eb:da:9d:2a:68:9b:05:6e:bb:95:6c:7f:
23:ea:bd:3c:18:ee:a3:a3:0f:fa:fb:31:15:13:b1:69:c0:76:
78:fc:45:38:3d:43:40:7f:02:08:82:99:10:bd:41:92:d9:c2:
c5:7c:29:e5:16:7d:c0:e3:5f:2f:68:66:0f:87:d1:35:08:44:
d2:be:22:33:07:72:94:67:20:22:11:41:e9:4a:22:c0:54:9f:
a7:47:fb:b3:2b:9c:89:1c:60:35:2d:90:a0:80:6f:fd:f8:4d:
40:2a:f2:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyeUjrfL8cK2r1f941bbDtrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI1MDAxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTMyN2NlNGU5NzQ1ZDAyMzA0OWFlYWZjMjg0YWJjMzliZTIwZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorBtt1xajbODPFdxxRObo32mUmx9
acvKxcnoIcr78n48bzQFMN5VUcrCpXrqvJ0TZYBWmRsYOBShXrLm+yz82hRhzVqy
+X7l/fjP7U8X4T4+B6G0fh23AZnK6CEKtG1LZ2HwW4tSzcV7F220uIpATJ8GOclD
dWj0hP+/Bi2W7SUzbLzqospZ2Wq7epTOYGlSrcINlB4CWoANa26If6BtH34LP8+u
tYXWmsYRdOo1jOWyt0zxOfz/wmvJYP5SnejrD7UNvUjeZrP766vZauQsluO+Gd0k
zPXv0UELQI0MURhJgEK+wkZo4d31MI9lZGrpAOL/pqDFj/wdTXyZYJilXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIEyfOTpdF0CMEmur8KEq8Ob4g9xMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZ1RKODVPbDBYUUl3U2E2dndvU3J3NXZpRDNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABQeX+vjcHFtLjF8J55T
a3PCApqgf1dFUkNixGJLs1OkTKS9fK+AaSU6qZpa8Nwpt5vxa60FFZ6rxqApJ7Fq
XEtPSXyBl63A5vMgYkl8+wIrjO/hUlkYCaPUqp/p+M/LI/P+XQpjXI0kmaWsN4IG
w47g/7ozHI2AJz40y/YjPU/TMQQU9JzecO38BRAoI1uPnno/UZNuXevanSpomwVu
u5VsfyPqvTwY7qOjD/r7MRUTsWnAdnj8RTg9Q0B/AgiCmRC9QZLZwsV8KeUWfcDj
Xy9oZg+H0TUIRNK+IjMHcpRnICIRQelKIsBUn6dH+7MrnIkcYDUtkKCAb/34TUAq
8nA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:52 2025 by rpki-client