Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/GKNJY-La4mx3w6X2_EreyMiFc4s.roa
File: GKNJY-La4mx3w6X2_EreyMiFc4s.roa (raw, json)
Hash identifier: P/UOAQe1skVvrIkMr4jdcJ3UMaySzsPKOvYDlKe/jcQ=
Subject key identifier: 18:A3:49:63:E2:DA:E2:6C:77:C3:A5:F6:FC:4A:DE:C8:C8:85:73:8B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A1CB46919D6F86DF05A07F8F4D2057645
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/GKNJY-La4mx3w6X2_EreyMiFc4s.roa
Signing time: Tue 22 Aug 2023 10:04:59 +0000
ROA not before: Tue 22 Aug 2023 10:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:1cb3:e661/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:b4:69:19:d6:f8:6d:f0:5a:07:f8:f4:d2:05:76:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 22 10:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18a34963e2dae26c77c3a5f6fc4adec8c885738b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:bb:a4:2e:74:1d:c3:8f:ca:c8:df:37:5d:3a:
df:e3:a6:96:a4:4a:be:4f:5e:2a:ff:6a:f3:52:b3:
75:a9:7e:1f:ae:05:f0:99:65:4f:d3:2d:6f:79:25:
54:de:4f:9d:8d:29:5e:3f:66:2f:72:91:60:23:b0:
b0:8c:73:bd:12:a4:c0:b3:ea:59:40:5e:1b:c4:61:
5b:51:aa:85:a3:5e:b6:6e:9d:bb:1c:1d:81:89:35:
e9:7b:f8:8a:4d:65:a1:7d:75:73:fe:d7:f1:82:4d:
68:86:3b:7c:d0:ab:73:6c:ff:e7:4b:77:43:7c:60:
53:2b:11:25:2e:6a:8a:82:34:51:c1:04:62:be:e0:
3b:de:3c:1b:39:cc:32:34:79:85:43:2e:eb:d0:36:
a6:3e:d6:65:5d:25:a7:80:b4:d7:d2:dd:e6:d3:a2:
5d:ae:ad:6f:29:27:a0:95:a7:9a:03:c9:eb:1b:c3:
35:a5:ff:4d:cb:bc:a8:81:a9:ba:5c:b5:95:2e:3e:
35:d3:4d:0f:a1:82:26:e2:4b:3b:88:1a:78:70:a2:
86:fe:e4:0f:51:28:79:e8:d5:38:4c:bd:0f:72:ec:
36:2a:3f:40:2c:2c:a9:f4:db:6d:9f:4a:0d:09:a8:
f9:44:84:53:34:5f:5e:61:ef:26:3f:c8:54:80:f8:
2f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:A3:49:63:E2:DA:E2:6C:77:C3:A5:F6:FC:4A:DE:C8:C8:85:73:8B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/GKNJY-La4mx3w6X2_EreyMiFc4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:8e:a1:05:da:64:c6:a2:3f:9d:2e:a1:44:eb:04:2c:13:03:
29:03:f5:d0:eb:c5:06:bc:7f:c7:b6:9c:b3:71:ee:b3:02:67:
61:43:30:96:8b:96:65:55:51:02:ee:ce:92:7a:f0:f9:af:92:
3b:d0:ed:7b:97:64:10:9e:d8:67:65:08:c8:54:33:5f:d7:5c:
66:85:5a:f8:d5:0e:d3:94:86:ac:6f:bb:71:71:f0:c2:16:a6:
b2:c5:60:25:b6:e4:a4:d6:35:3e:89:fb:54:3c:4b:3b:d5:2b:
09:22:35:4c:37:fc:e0:fb:98:3b:bf:02:d4:0c:9e:2e:61:44:
6b:d7:3a:51:e7:76:68:7e:62:7b:55:c0:8a:33:50:74:5f:2f:
a3:1e:b5:e6:5b:44:97:59:a3:06:63:52:1a:6b:d9:cd:2b:ec:
51:9a:74:80:5c:41:b5:98:be:b0:7a:dd:7f:f1:f7:31:b0:8e:
65:b3:ab:8d:ac:14:64:85:45:e8:67:e2:17:16:31:38:f9:4b:
ce:2f:f1:f2:3d:c2:49:87:4e:39:16:77:e9:75:5f:d9:4f:5e:
b6:b3:88:32:b0:32:bf:08:d6:49:81:c2:f8:6f:ff:a5:a5:c4:
1a:03:47:89:e1:17:12:6e:63:ae:30:ef:ce:b4:9b:68:85:f4:
6a:36:f0:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoctGkZ1vht8FoH+PTSBXZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIyMTAwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGEzNDk2M2UyZGFlMjZjNzdjM2E1ZjZmYzRhZGVjOGM4ODU3MzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybukLnQdw4/KyN83XTrf46aWpEq+
T14q/2rzUrN1qX4frgXwmWVP0y1veSVU3k+djSleP2YvcpFgI7CwjHO9EqTAs+pZ
QF4bxGFbUaqFo162bp27HB2BiTXpe/iKTWWhfXVz/tfxgk1ohjt80KtzbP/nS3dD
fGBTKxElLmqKgjRRwQRivuA73jwbOcwyNHmFQy7r0DamPtZlXSWngLTX0t3m06Jd
rq1vKSeglaeaA8nrG8M1pf9Ny7yogam6XLWVLj41000PoYIm4ks7iBp4cKKG/uQP
USh56NU4TL0Pcuw2Kj9ALCyp9Nttn0oNCaj5RIRTNF9eYe8mP8hUgPgvSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBijSWPi2uJsd8Ol9vxK3sjIhXOLMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvR0tOSlktTGE0bXgzdzZYMl9FcmV5TWlGYzRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAByOoQXaZMaiP50uoUTr
BCwTAykD9dDrxQa8f8e2nLNx7rMCZ2FDMJaLlmVVUQLuzpJ68PmvkjvQ7XuXZBCe
2GdlCMhUM1/XXGaFWvjVDtOUhqxvu3Fx8MIWprLFYCW25KTWNT6J+1Q8SzvVKwki
NUw3/OD7mDu/AtQMni5hRGvXOlHndmh+YntVwIozUHRfL6MeteZbRJdZowZjUhpr
2c0r7FGadIBcQbWYvrB63X/x9zGwjmWzq42sFGSFRehn4hcWMTj5S84v8fI9wkmH
TjkWd+l1X9lPXraziDKwMr8I1kmBwvhv/6WlxBoDR4nhFxJuY64w7860m2iF9Go2
8Eo=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:01:13 2025 by rpki-client