Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/glDkr_2pvGM9Mc2G5wgnMsSzkZI.roa
File: glDkr_2pvGM9Mc2G5wgnMsSzkZI.roa (raw, json)
Hash identifier: uYdSqPoe1XLNXrMjnklW4XlQXgHxtdgxxpGe7LkN26E=
Subject key identifier: 82:50:E4:AF:FD:A9:BC:63:3D:31:CD:86:E7:08:27:32:C4:B3:91:92
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 018DF039ADF79B7570BCDEE1EB40D71B53C9
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/glDkr_2pvGM9Mc2G5wgnMsSzkZI.roa
Signing time: Wed 28 Feb 2024 14:58:48 +0000
ROA not before: Wed 28 Feb 2024 14:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213183
IP address blocks: 194.42.98.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f0:39:ad:f7:9b:75:70:bc:de:e1:eb:40:d7:1b:53:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Feb 28 14:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8250e4affda9bc633d31cd86e7082732c4b39192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c1:b0:db:8e:63:de:0f:01:2b:d4:3c:64:e7:
ba:6b:68:96:7e:c2:cf:e3:80:7d:33:82:e0:35:d3:
35:df:63:b5:45:07:e8:22:c5:5f:19:11:d7:2a:98:
6b:ff:2d:85:24:8f:09:d1:4f:34:c6:71:19:8e:a8:
88:bd:e5:4b:75:be:9b:f2:f6:49:7a:55:80:92:0f:
44:a0:5d:4d:14:f3:7f:b4:fc:ba:4e:f2:b0:e0:e4:
1e:ed:11:cd:1d:75:33:18:5c:0e:b8:a8:bf:cd:81:
03:c4:75:93:1b:ff:b4:da:45:92:b5:ea:6d:83:98:
a9:ba:ad:38:9b:6b:fa:32:c0:df:0c:98:95:89:e5:
d5:38:e1:10:16:be:ea:ac:26:55:c2:72:50:0d:76:
15:e4:6e:23:0b:7c:98:cc:6e:bd:03:f3:5a:a8:d3:
e4:fc:4b:98:6a:c1:33:79:67:4c:45:6c:95:fc:65:
24:a1:87:b6:b4:d4:64:24:02:e9:57:c1:56:ee:78:
9e:63:f4:d1:be:83:8e:37:04:ea:9e:d4:d5:50:f9:
66:e6:7d:0d:c4:b3:35:9f:2b:b2:59:cd:15:d7:6b:
d0:2c:82:5c:98:c3:7e:67:71:5a:6d:ca:08:90:dd:
a9:ec:22:2c:6c:e2:e0:7e:8f:5c:e8:fd:f8:fb:2a:
e3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:50:E4:AF:FD:A9:BC:63:3D:31:CD:86:E7:08:27:32:C4:B3:91:92
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/glDkr_2pvGM9Mc2G5wgnMsSzkZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.42.98.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:55:1d:a7:77:ca:f4:93:59:47:54:24:c6:3e:4f:c6:50:bc:
ad:f2:3e:64:b1:89:bd:e6:ad:22:d0:eb:40:ed:07:03:2a:c6:
f4:7a:97:61:72:8b:31:be:a7:37:a6:5a:5a:55:5c:68:29:f1:
71:a1:01:78:79:db:0d:15:e1:6b:c9:35:88:37:db:61:e4:fa:
f8:1c:02:ad:eb:5f:8c:a1:c4:d4:71:07:fd:d6:7a:01:3a:71:
d1:29:0d:86:4f:42:07:2d:dc:41:ef:95:97:a3:d8:99:06:4c:
75:cb:e8:2b:64:9d:17:68:de:a8:d6:89:79:58:22:7b:c1:a1:
c0:de:39:8f:02:67:32:d5:d8:6f:12:49:a1:28:fe:a9:f6:7c:
4e:9e:bd:a4:2c:c6:a7:94:cd:3c:0e:3b:13:5b:22:8c:9e:a7:
46:95:eb:82:ab:e2:0c:b1:4e:54:22:e8:8f:2b:26:1e:fc:1f:
c1:f7:08:24:0e:15:c2:a8:d6:bc:af:39:9c:94:00:4f:5f:b2:
a1:cd:5c:fb:e7:b6:df:79:2d:80:64:f2:d5:f1:c5:58:af:f4:
5a:ce:da:9a:28:e6:12:6f:69:5e:3b:70:fe:7b:b6:40:72:21:
4c:87:c1:e4:85:c8:8d:0a:08:96:9a:b0:b7:12:ea:1a:d2:87:
70:30:71:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3wOa33m3VwvN7h60DXG1PJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQwMjI4MTQ1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjUwZTRhZmZkYTliYzYzM2QzMWNkODZlNzA4MjczMmM0YjM5MTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8Gw245j3g8BK9Q8ZOe6a2iWfsLP
44B9M4LgNdM132O1RQfoIsVfGRHXKphr/y2FJI8J0U80xnEZjqiIveVLdb6b8vZJ
elWAkg9EoF1NFPN/tPy6TvKw4OQe7RHNHXUzGFwOuKi/zYEDxHWTG/+02kWStept
g5ipuq04m2v6MsDfDJiVieXVOOEQFr7qrCZVwnJQDXYV5G4jC3yYzG69A/NaqNPk
/EuYasEzeWdMRWyV/GUkoYe2tNRkJALpV8FW7nieY/TRvoOONwTqntTVUPlm5n0N
xLM1nyuyWc0V12vQLIJcmMN+Z3FabcoIkN2p7CIsbOLgfo9c6P34+yrj6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIJQ5K/9qbxjPTHNhucIJzLEs5GSMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvZ2xEa3JfMnB2R005TWMyRzV3Z25Nc1N6a1pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwipiMA0G
CSqGSIb3DQEBCwUAA4IBAQAfVR2nd8r0k1lHVCTGPk/GULyt8j5ksYm95q0i0OtA
7QcDKsb0epdhcosxvqc3plpaVVxoKfFxoQF4edsNFeFryTWIN9th5Pr4HAKt61+M
ocTUcQf91noBOnHRKQ2GT0IHLdxB75WXo9iZBkx1y+grZJ0XaN6o1ol5WCJ7waHA
3jmPAmcy1dhvEkmhKP6p9nxOnr2kLManlM08DjsTWyKMnqdGleuCq+IMsU5UIuiP
KyYe/B/B9wgkDhXCqNa8rzmclABPX7KhzVz757bfeS2AZPLV8cVYr/RaztqaKOYS
b2leO3D+e7ZAciFMh8HkhciNCgiWmrC3Euoa0odwMHFg
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:53:39 2025 by rpki-client