Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gvEQAIkwgrqJHcYdxYBgkhacIxg.roa
File: gvEQAIkwgrqJHcYdxYBgkhacIxg.roa (raw, json)
Hash identifier: UWUAQ0C0g41b2eey6+HtoaE+Z6M8yr8/WOWycBf4/2A=
Subject key identifier: 82:F1:10:00:89:30:82:BA:89:1D:C6:1D:C5:80:60:92:16:9C:23:18
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DA5314BD59864A92616354C3D27FC8D22
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gvEQAIkwgrqJHcYdxYBgkhacIxg.roa
Signing time: Wed 14 Feb 2024 01:18:07 +0000
ROA not before: Wed 14 Feb 2024 01:18:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a5:31:4b:d5:98:64:a9:26:16:35:4c:3d:27:fc:8d:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 14 01:18:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82f11000893082ba891dc61dc5806092169c2318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b0:6d:42:08:96:14:c7:c6:8e:69:94:80:1c:
a5:a6:71:52:c1:05:12:51:6c:7f:a1:d1:7a:a8:64:
d3:32:23:f4:2e:87:eb:cc:6b:1a:4c:a6:5f:14:66:
70:62:b5:90:7b:56:0d:35:ad:c7:54:a1:11:ad:5d:
b2:78:c5:70:ac:43:71:a7:aa:9f:26:48:c0:b1:9e:
6f:24:74:35:41:bf:3e:a2:fa:5d:03:dc:b7:df:08:
37:bd:1b:14:84:38:78:43:56:6f:f9:86:fa:b6:28:
02:33:f6:17:5d:4e:5e:69:be:65:db:d1:a3:87:8b:
63:20:57:7a:ac:19:06:2b:bb:73:26:93:5a:90:5c:
a1:e4:ca:d6:f7:b9:d0:4e:62:76:48:04:d7:b8:e8:
5d:1b:85:31:0e:a5:fb:d8:fc:60:c8:54:74:04:11:
a3:71:d8:f9:60:7f:2d:4e:9d:03:11:05:77:34:46:
8c:43:3b:e9:81:a9:5a:ee:62:8f:61:82:93:ca:e1:
a6:55:fd:1c:84:cc:2f:fd:6b:57:1c:96:85:6d:3b:
7b:be:99:b6:2b:c0:e4:16:11:e2:9d:63:4b:ce:e4:
cf:61:0f:21:91:dd:9b:87:1b:60:00:03:81:df:e6:
a3:b0:86:5c:39:81:13:52:1d:41:2e:56:70:c2:3f:
ac:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:F1:10:00:89:30:82:BA:89:1D:C6:1D:C5:80:60:92:16:9C:23:18
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gvEQAIkwgrqJHcYdxYBgkhacIxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:eb:d0:a7:68:d1:a8:1f:b8:69:35:1a:1c:4a:be:12:16:33:
cf:c7:b7:15:6b:a9:94:cb:ae:ac:de:27:5a:8e:9f:f1:fc:c2:
41:3f:f3:dc:14:e6:0d:c3:c2:10:a4:4c:69:80:d3:87:83:8b:
64:96:2f:f2:b8:f4:e0:e5:db:9a:91:c2:e4:62:e7:34:fc:da:
d1:67:f0:1b:09:79:f5:fe:e6:78:7e:f1:d7:91:81:df:4d:6a:
13:91:6e:8f:6b:0c:2a:50:99:c0:6b:80:f9:91:63:77:51:2a:
f1:21:e4:43:45:16:56:a3:5f:60:b7:37:86:d3:78:ef:e5:7d:
46:29:6e:26:65:24:c6:fb:8a:d7:9f:d4:ea:90:bb:61:41:ce:
21:aa:0d:5c:f4:47:75:a9:03:72:7c:fc:de:08:85:28:9f:72:
43:b1:72:7b:3d:a9:ac:14:53:7e:16:e7:c4:ab:99:77:6d:3c:
ea:8c:7f:dc:f6:67:85:d0:15:99:7f:a9:f3:0e:c4:3b:da:95:
e5:31:39:36:2d:3a:d6:79:71:d0:8c:ab:d7:62:6b:56:72:f5:
2b:76:b0:22:57:41:60:2e:75:63:5f:66:33:d7:87:4d:11:06:
72:a3:79:fb:34:00:64:14:64:90:11:84:91:18:53:91:ea:ad:
98:d0:82:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2lMUvVmGSpJhY1TD0n/I0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE0MDExODA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmYxMTAwMDg5MzA4MmJhODkxZGM2MWRjNTgwNjA5MjE2OWMyMzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrBtQgiWFMfGjmmUgBylpnFSwQUS
UWx/odF6qGTTMiP0LofrzGsaTKZfFGZwYrWQe1YNNa3HVKERrV2yeMVwrENxp6qf
JkjAsZ5vJHQ1Qb8+ovpdA9y33wg3vRsUhDh4Q1Zv+Yb6tigCM/YXXU5eab5l29Gj
h4tjIFd6rBkGK7tzJpNakFyh5MrW97nQTmJ2SATXuOhdG4UxDqX72PxgyFR0BBGj
cdj5YH8tTp0DEQV3NEaMQzvpgala7mKPYYKTyuGmVf0chMwv/WtXHJaFbTt7vpm2
K8DkFhHinWNLzuTPYQ8hkd2bhxtgAAOB3+ajsIZcOYETUh1BLlZwwj+seQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFILxEACJMIK6iR3GHcWAYJIWnCMYMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZ3ZFUUFJa3dncnFKSGNZZHhZQmdraGFjSXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADXr0Kdo0agfuGk1GhxK
vhIWM8/HtxVrqZTLrqzeJ1qOn/H8wkE/89wU5g3DwhCkTGmA04eDi2SWL/K49ODl
25qRwuRi5zT82tFn8BsJefX+5nh+8deRgd9NahORbo9rDCpQmcBrgPmRY3dRKvEh
5ENFFlajX2C3N4bTeO/lfUYpbiZlJMb7itef1OqQu2FBziGqDVz0R3WpA3J8/N4I
hSifckOxcns9qawUU34W58SrmXdtPOqMf9z2Z4XQFZl/qfMOxDvaleUxOTYtOtZ5
cdCMq9dia1Zy9St2sCJXQWAudWNfZjPXh00RBnKjefs0AGQUZJARhJEYU5HqrZjQ
gpM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:24 2025 by rpki-client