Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/gbGEn9R8XTqi9nPC4a15T7VtV3A.roa
File: gbGEn9R8XTqi9nPC4a15T7VtV3A.roa (raw, json)
Hash identifier: Ae6xU7ESufdlQlahe2eR0r+CCRbmFyq2wR1o9446s1c=
Subject key identifier: 81:B1:84:9F:D4:7C:5D:3A:A2:F6:73:C2:E1:AD:79:4F:B5:6D:57:70
Certificate issuer: /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Certificate serial: 01874B0691781A31A527DD03AF43A9C86C7A
Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/gbGEn9R8XTqi9nPC4a15T7VtV3A.roa
Signing time: Tue 04 Apr 2023 06:48:54 +0000
ROA not before: Tue 04 Apr 2023 06:48:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200856
IP address blocks: 212.19.58.0/24 maxlen: 32
2a02:2e0:406::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4b:06:91:78:1a:31:a5:27:dd:03:af:43:a9:c8:6c:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Validity
Not Before: Apr 4 06:48:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81b1849fd47c5d3aa2f673c2e1ad794fb56d5770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5a:fc:9b:63:fb:ba:35:44:19:da:53:c3:74:
37:f2:b1:a2:6a:31:14:06:3c:b6:e5:0d:cd:f6:be:
1f:0f:c6:cb:4c:89:78:7d:14:ea:03:57:87:0f:a0:
eb:f3:62:42:bf:88:7a:d4:e6:26:1c:b4:30:e0:5d:
77:ac:5d:0f:4a:b8:0a:d6:56:8a:86:8f:a8:03:be:
08:13:37:98:3d:ba:5e:ac:35:b7:36:91:78:29:31:
1b:6b:6b:b5:29:67:28:14:d9:c5:5f:a0:06:ec:06:
7f:17:07:ea:0b:f8:3a:47:d3:31:67:4a:de:37:61:
5a:b2:86:02:0c:69:10:64:c9:ec:02:57:a0:b3:77:
3d:46:43:05:8d:33:fa:f2:d5:14:fc:f0:1e:0a:89:
f7:10:83:4c:a2:f7:ff:f7:f8:23:28:f5:16:50:b1:
4a:cd:0f:6b:bf:54:18:4c:e6:96:80:2a:c5:e1:9a:
7e:b5:75:0c:be:39:4f:aa:30:2c:10:20:48:b7:f7:
f5:d9:de:0c:e3:57:cb:b7:d5:24:2d:22:d9:03:03:
a1:ab:d7:ee:f3:40:70:97:52:7b:c3:34:a1:ad:7e:
99:75:68:f5:84:a7:26:7a:24:76:2d:2a:84:f6:ac:
77:18:19:7c:dd:a1:48:b5:15:1f:de:a4:73:3a:e6:
8e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B1:84:9F:D4:7C:5D:3A:A2:F6:73:C2:E1:AD:79:4F:B5:6D:57:70
X509v3 Authority Key Identifier:
keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/gbGEn9R8XTqi9nPC4a15T7VtV3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.19.58.0/24
IPv6:
2a02:2e0:406::/48
Signature Algorithm: sha256WithRSAEncryption
5f:69:66:3e:5d:4b:4b:57:65:7d:9c:91:ec:f9:51:75:59:ce:
c0:b7:14:d2:5d:6f:2e:35:c9:de:09:78:67:79:9d:b2:f4:12:
55:93:59:ca:be:33:30:a2:8b:89:c1:d7:24:e2:41:17:0d:56:
ac:f9:54:de:e4:67:ec:3c:96:17:ce:ea:69:a4:89:2c:20:ff:
57:3b:3c:c0:76:a9:da:f5:5b:83:e8:d0:3d:e4:6a:ad:1a:c5:
10:24:a8:b6:ea:20:9c:63:c8:33:11:12:b6:8a:6d:f0:d1:ff:
10:a1:95:bf:3c:3a:3e:45:da:35:a7:c0:c5:2a:b4:9c:81:84:
b4:0f:71:09:82:ed:9a:85:a0:94:e7:6f:56:00:35:45:6e:b0:
7e:66:5c:bb:df:d1:70:5f:9b:84:6b:d2:04:b8:66:0a:a0:bd:
dc:7b:8f:6a:bf:71:7a:aa:a5:4c:50:28:23:cb:be:3e:f1:9c:
74:27:37:a6:eb:06:a5:46:80:d6:b6:ee:3b:de:70:7c:4f:10:
a9:fc:2c:61:41:54:20:db:db:c1:3c:f8:c6:6f:6c:5b:78:5a:
7b:0c:f5:87:a2:47:6f:df:ff:1f:6a:fd:b7:35:c1:13:f1:c2:
bc:10:14:33:5e:16:49:87:3f:be:5a:64:3f:c0:01:05:75:9f:
14:0f:02:fc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdLBpF4GjGlJ90Dr0OpyGx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGJhMGE1MmM0MjEyOWFmMWQ0Zjc0M2ZlYjMzYmIxNDRk
NGJiNWMwHhcNMjMwNDA0MDY0ODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWIxODQ5ZmQ0N2M1ZDNhYTJmNjczYzJlMWFkNzk0ZmI1NmQ1NzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlr8m2P7ujVEGdpTw3Q38rGiajEU
Bjy25Q3N9r4fD8bLTIl4fRTqA1eHD6Dr82JCv4h61OYmHLQw4F13rF0PSrgK1laK
ho+oA74IEzeYPbperDW3NpF4KTEba2u1KWcoFNnFX6AG7AZ/FwfqC/g6R9MxZ0re
N2FasoYCDGkQZMnsAlegs3c9RkMFjTP68tUU/PAeCon3EINMovf/9/gjKPUWULFK
zQ9rv1QYTOaWgCrF4Zp+tXUMvjlPqjAsECBIt/f12d4M41fLt9UkLSLZAwOhq9fu
80Bwl1J7wzShrX6ZdWj1hKcmeiR2LSqE9qx3GBl83aFItRUf3qRzOuaOcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIGxhJ/UfF06ovZzwuGteU+1bVdwMB8GA1UdIwQY
MBaAFD2LoKUsQhKa8dT3Q/6zO7FE1LtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMt
YTU2ODM4NDRlNzkyLzEvZ2JHRW45UjhYVHFpOW5QQzRhMTVUN1Z0VjNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMtYTU2ODM4NDRlNzky
LzEvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA1BM6MA8E
AgACMAkDBwAqAgLgBAYwDQYJKoZIhvcNAQELBQADggEBAF9pZj5dS0tXZX2ckez5
UXVZzsC3FNJdby41yd4JeGd5nbL0ElWTWcq+MzCii4nB1yTiQRcNVqz5VN7kZ+w8
lhfO6mmkiSwg/1c7PMB2qdr1W4Po0D3kaq0axRAkqLbqIJxjyDMREraKbfDR/xCh
lb88Oj5F2jWnwMUqtJyBhLQPcQmC7ZqFoJTnb1YANUVusH5mXLvf0XBfm4Rr0gS4
Zgqgvdx7j2q/cXqqpUxQKCPLvj7xnHQnN6brBqVGgNa27jvecHxPEKn8LGFBVCDb
28E8+MZvbFt4WnsM9YeiR2/f/x9q/bc1wRPxwrwQFDNeFkmHP75aZD/AAQV1nxQP
Avw=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:51:13 2025 by rpki-client