Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/gtz8PRr7IT7s-kKxGLJ9HDX8w6s.roa
File: gtz8PRr7IT7s-kKxGLJ9HDX8w6s.roa (raw, json)
Hash identifier: K1Syl/FW0mmM89Zc+nxE+biEsHJuYLFE0vYYHn7844k=
Subject key identifier: 82:DC:FC:3D:1A:FB:21:3E:EC:FA:42:B1:18:B2:7D:1C:35:FC:C3:AB
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0194F11F3248301456EF2D5D10857DDB6FDB
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/gtz8PRr7IT7s-kKxGLJ9HDX8w6s.roa
Signing time: Mon 10 Feb 2025 18:29:01 +0000
ROA not before: Mon 10 Feb 2025 18:29:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 64.188.68.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f1:1f:32:48:30:14:56:ef:2d:5d:10:85:7d:db:6f:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 10 18:29:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82dcfc3d1afb213eecfa42b118b27d1c35fcc3ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e2:49:51:2f:65:85:ce:68:a0:b6:c9:3e:dd:
98:67:71:4a:79:f5:9a:3d:4a:fa:1c:cb:6a:8f:8b:
7e:66:23:7c:2d:72:b0:d0:10:86:e9:04:48:a5:03:
52:52:1d:96:5d:2c:74:75:47:c2:35:27:45:3b:3d:
3d:50:4a:2b:80:11:f7:26:14:b9:56:ca:b4:96:fa:
f8:5f:96:bb:d2:94:41:14:f2:6f:9a:55:a4:fd:2d:
1a:37:68:6f:98:07:02:b6:9a:2c:da:2b:af:94:ef:
46:b9:36:cc:b3:ad:8b:84:74:b4:e3:77:c1:3e:f7:
94:98:12:dd:66:cd:8d:cc:0f:3a:31:c9:f1:0c:e8:
fb:b1:1d:3c:12:84:c9:27:42:fd:95:8e:7a:7d:d5:
bd:4b:c2:e1:21:07:41:1b:2f:b3:8b:42:95:2c:52:
36:73:42:cd:4c:0c:bb:6d:9a:d8:47:20:b8:68:36:
fc:17:6e:d8:3a:c1:48:37:be:c3:4e:a6:69:7c:70:
bf:78:8a:5e:59:0d:b1:92:16:0c:56:a8:3f:fa:af:
c4:73:7f:53:85:61:e8:6d:e9:8a:f8:df:d0:f4:2d:
ff:e2:a3:5c:6c:e4:84:60:17:aa:46:2c:c9:4d:f4:
ed:8e:46:83:a1:fc:4a:d1:51:05:6b:5e:1e:57:f1:
9b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:DC:FC:3D:1A:FB:21:3E:EC:FA:42:B1:18:B2:7D:1C:35:FC:C3:AB
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/gtz8PRr7IT7s-kKxGLJ9HDX8w6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.68.0/22
Signature Algorithm: sha256WithRSAEncryption
91:4f:64:73:c0:ed:5e:62:81:49:91:96:1a:75:e9:de:4b:bb:
b6:59:b5:82:5f:ff:d0:bd:02:b8:9c:39:ce:54:d4:3b:64:68:
47:51:84:25:19:ee:6b:39:81:a7:82:c4:5a:f2:14:89:b1:4e:
2f:10:30:ee:96:5d:24:d6:b5:0f:e6:da:fd:8c:ec:78:a4:08:
39:10:c7:6b:56:9e:6e:5e:30:76:c6:45:b1:b3:6b:71:92:fe:
d2:18:4a:fe:c2:48:dd:dc:9c:2f:43:4e:d0:dc:97:d2:e8:fe:
83:79:82:84:92:ec:83:ab:f0:be:f6:6f:0e:7b:7c:5c:38:4a:
32:c4:71:96:ee:04:b4:70:41:4d:6b:ae:cd:23:d0:75:9c:61:
15:92:39:d5:b6:b4:fc:8e:66:ba:70:26:bb:d6:d6:47:f0:55:
16:ea:e5:80:8f:4a:fd:5d:37:13:78:aa:3b:76:2c:93:29:1d:
7f:90:56:21:e3:d7:89:03:10:ba:3b:17:21:82:bc:d3:ce:d5:
39:c4:06:2d:bd:0c:c2:16:7a:84:6a:d0:8c:b5:7a:92:13:2d:
bb:fc:e8:d0:54:5e:96:cd:78:f9:2a:4a:56:4e:b9:01:fb:de:
fb:0f:e3:48:76:0d:c9:6c:9f:e0:fd:a1:e3:65:de:05:dc:65:
b6:cb:be:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTxHzJIMBRW7y1dEIV922/bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMjEwMTgyOTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmRjZmMzZDFhZmIyMTNlZWNmYTQyYjExOGIyN2QxYzM1ZmNjM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+JJUS9lhc5ooLbJPt2YZ3FKefWa
PUr6HMtqj4t+ZiN8LXKw0BCG6QRIpQNSUh2WXSx0dUfCNSdFOz09UEorgBH3JhS5
Vsq0lvr4X5a70pRBFPJvmlWk/S0aN2hvmAcCtpos2iuvlO9GuTbMs62LhHS043fB
PveUmBLdZs2NzA86McnxDOj7sR08EoTJJ0L9lY56fdW9S8LhIQdBGy+zi0KVLFI2
c0LNTAy7bZrYRyC4aDb8F27YOsFIN77DTqZpfHC/eIpeWQ2xkhYMVqg/+q/Ec39T
hWHobemK+N/Q9C3/4qNcbOSEYBeqRizJTfTtjkaDofxK0VEFa14eV/GbJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFILc/D0a+yE+7PpCsRiyfRw1/MOrMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvZ3R6OFBScjdJVDdzLWtLeEdMSjlIRFg4dzZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCQLxEMA0G
CSqGSIb3DQEBCwUAA4IBAQCRT2RzwO1eYoFJkZYadeneS7u2WbWCX//QvQK4nDnO
VNQ7ZGhHUYQlGe5rOYGngsRa8hSJsU4vEDDull0k1rUP5tr9jOx4pAg5EMdrVp5u
XjB2xkWxs2txkv7SGEr+wkjd3JwvQ07Q3JfS6P6DeYKEkuyDq/C+9m8Oe3xcOEoy
xHGW7gS0cEFNa67NI9B1nGEVkjnVtrT8jma6cCa71tZH8FUW6uWAj0r9XTcTeKo7
diyTKR1/kFYh49eJAxC6OxchgrzTztU5xAYtvQzCFnqEatCMtXqSEy27/OjQVF6W
zXj5KkpWTrkB+977D+NIdg3JbJ/g/aHjZd4F3GW2y77g
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:38 2025 by rpki-client