Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gTiDxCSsVoKr_au7IkvHvwP4OqA.roa
File: gTiDxCSsVoKr_au7IkvHvwP4OqA.roa (raw, json)
Hash identifier: FfJpS5X6oIm//mJuk6Rn1xxkasnY9d/j+V+3mLFArHw=
Subject key identifier: 81:38:83:C4:24:AC:56:82:AB:FD:AB:BB:22:4B:C7:BF:03:F8:3A:A0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ED1C49C4BC0F98840A4A64F7C44CFC444
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gTiDxCSsVoKr_au7IkvHvwP4OqA.roa
Signing time: Fri 12 Apr 2024 10:05:06 +0000
ROA not before: Fri 12 Apr 2024 10:05:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:d1c4:4fb7/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d1:c4:9c:4b:c0:f9:88:40:a4:a6:4f:7c:44:cf:c4:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 12 10:05:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=813883c424ac5682abfdabbb224bc7bf03f83aa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0e:a3:a9:cb:34:73:33:81:94:00:89:68:65:
76:40:28:11:c3:3e:cc:f7:f0:1a:a7:69:56:a9:ed:
86:5f:b0:4b:8a:a8:be:f5:16:c6:48:e8:cd:54:2c:
3d:ac:7a:18:ad:c5:e0:21:07:35:6c:58:3d:07:94:
7c:09:27:b4:c7:f3:24:fb:74:5e:ae:ec:82:2b:35:
e5:09:71:f9:88:c1:93:bc:94:08:48:76:b5:d0:0e:
42:3a:3c:ba:8f:d0:24:cf:06:24:f0:f2:03:f2:ea:
52:0c:ac:3a:39:03:d4:b1:41:d9:a8:20:ab:ca:df:
05:b6:43:b5:ac:63:fb:53:07:bd:75:24:b4:ca:e7:
7b:34:55:42:ec:35:ef:b0:ec:06:13:76:82:23:a5:
c5:64:1d:12:34:aa:ab:13:51:53:ac:93:d2:77:92:
db:9d:22:15:22:7a:11:85:0d:29:c9:d1:19:98:43:
6f:32:fd:72:46:f9:32:f7:e4:80:f0:db:7e:e8:99:
aa:49:3b:95:53:53:b4:04:e7:f0:32:da:ee:c1:5b:
60:e9:50:75:1c:19:5c:ea:90:cf:d9:d0:8e:66:fa:
71:7f:78:1e:68:e4:f6:fc:9b:27:e8:92:5f:1a:13:
65:13:0b:f0:ec:48:19:20:54:e9:44:d1:38:7c:f7:
f0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:38:83:C4:24:AC:56:82:AB:FD:AB:BB:22:4B:C7:BF:03:F8:3A:A0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gTiDxCSsVoKr_au7IkvHvwP4OqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
90:45:31:05:90:7e:41:e6:4b:33:07:f1:f7:6c:16:fd:43:b9:
7a:4f:6b:a7:8f:34:42:59:55:d6:fe:43:f9:e7:a2:dd:98:8d:
f6:17:2f:0e:3d:df:b2:32:0b:ca:bb:8c:ab:2c:04:d0:42:54:
62:22:c1:ad:59:9f:37:ec:40:33:a8:e1:88:81:c1:82:c2:72:
ee:73:4c:51:28:4c:8d:f0:ac:a9:7a:6e:6b:de:08:67:a1:df:
12:2a:2a:b6:86:88:5b:12:ed:69:4b:3b:30:eb:fa:33:57:9c:
b9:1a:9a:6e:69:83:cf:16:84:50:d3:ae:87:18:14:1f:14:30:
05:df:be:1e:4f:c0:63:d9:3e:e0:0e:e9:dc:41:71:b7:20:19:
e9:b4:f7:f9:8c:ec:91:22:1f:37:be:25:3d:ec:0b:66:9b:29:
49:66:6c:48:fd:3d:ee:94:62:f2:f2:1b:8e:1a:a3:70:d6:78:
da:f8:d5:7e:ea:bc:35:a4:cb:26:51:05:4f:ab:b4:51:e0:98:
57:91:dd:c7:1c:8a:11:89:71:44:c2:73:b0:a1:0b:44:71:3b:
3f:13:44:a6:5d:3e:5d:f0:8a:98:05:53:e0:92:d2:c9:0e:b8:
ba:fc:7a:87:00:e5:23:4f:43:f3:47:87:0e:62:9f:20:01:1b:
19:02:83:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7RxJxLwPmIQKSmT3xEz8REMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDEyMTAwNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTM4ODNjNDI0YWM1NjgyYWJmZGFiYmIyMjRiYzdiZjAzZjgzYWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQ6jqcs0czOBlACJaGV2QCgRwz7M
9/Aap2lWqe2GX7BLiqi+9RbGSOjNVCw9rHoYrcXgIQc1bFg9B5R8CSe0x/Mk+3Re
ruyCKzXlCXH5iMGTvJQISHa10A5COjy6j9AkzwYk8PID8upSDKw6OQPUsUHZqCCr
yt8FtkO1rGP7Uwe9dSS0yud7NFVC7DXvsOwGE3aCI6XFZB0SNKqrE1FTrJPSd5Lb
nSIVInoRhQ0pydEZmENvMv1yRvky9+SA8Nt+6JmqSTuVU1O0BOfwMtruwVtg6VB1
HBlc6pDP2dCOZvpxf3geaOT2/Jsn6JJfGhNlEwvw7EgZIFTpRNE4fPfw8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIE4g8QkrFaCq/2ruyJLx78D+DqgMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZ1RpRHhDU3NWb0tyX2F1N0lrdkh2d1A0T3FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJBFMQWQfkHmSzMH8fds
Fv1DuXpPa6ePNEJZVdb+Q/nnot2YjfYXLw4937IyC8q7jKssBNBCVGIiwa1Znzfs
QDOo4YiBwYLCcu5zTFEoTI3wrKl6bmveCGeh3xIqKraGiFsS7WlLOzDr+jNXnLka
mm5pg88WhFDTrocYFB8UMAXfvh5PwGPZPuAO6dxBcbcgGem09/mM7JEiHze+JT3s
C2abKUlmbEj9Pe6UYvLyG44ao3DWeNr41X7qvDWkyyZRBU+rtFHgmFeR3cccihGJ
cUTCc7ChC0RxOz8TRKZdPl3wipgFU+CS0skOuLr8eocA5SNPQ/NHhw5inyABGxkC
g80=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:59:00 2025 by rpki-client