Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/GumfwZLyjkl7GrMWJND2tP3EONc.roa
File: GumfwZLyjkl7GrMWJND2tP3EONc.roa (raw, json)
Hash identifier: 7fjJ9qQweskJpYCcYKQLzMpxNThi5FjlMi+G+zqQ5NQ=
Subject key identifier: 1A:E9:9F:C1:92:F2:8E:49:7B:1A:B3:16:24:D0:F6:B4:FD:C4:38:D7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184218629E1DAEB9C06D29F4E50C943280D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/GumfwZLyjkl7GrMWJND2tP3EONc.roa
Signing time: Sat 29 Oct 2022 02:15:51 +0000
ROA not before: Sat 29 Oct 2022 02:15:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:21:86:29:e1:da:eb:9c:06:d2:9f:4e:50:c9:43:28:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 29 02:15:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ae99fc192f28e497b1ab31624d0f6b4fdc438d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7a:23:1b:94:fd:2f:91:ca:e4:5e:32:1a:e1:
8b:1c:c7:71:b7:5c:90:c4:99:af:35:f5:4b:bb:77:
d9:43:7d:36:14:80:fc:57:9a:8a:2b:a4:b2:af:a3:
75:ec:02:02:16:00:1f:49:75:1e:15:3a:1d:51:7f:
d2:52:33:42:86:f8:9b:98:7c:91:36:51:2e:52:51:
74:6f:e0:7f:16:38:1d:6c:ab:7d:f6:6c:f7:9f:13:
ad:00:ed:bf:14:f3:35:ef:9c:cc:79:b3:a1:9f:99:
3f:aa:0f:05:57:7c:b8:97:40:61:bd:6b:9d:8b:da:
5f:0d:4e:dd:21:77:e2:28:f2:53:f2:c7:68:58:cd:
6a:d5:5e:87:6e:44:8a:dc:0b:e1:57:33:14:07:c0:
c0:a5:99:eb:cf:e9:bf:fb:bc:fa:66:1c:a0:d7:1f:
ba:63:1e:25:2a:23:3a:48:a4:ea:6e:f1:f0:f4:ec:
ce:4c:b8:55:2d:f3:53:d5:61:a8:54:b5:ec:45:ab:
f4:4c:fd:20:b5:33:de:22:a8:04:5d:5f:f6:1d:b9:
21:28:e1:6e:db:d8:44:d0:6c:61:4d:0d:46:94:fd:
11:12:44:a0:a5:8a:e6:69:37:ce:04:58:a4:77:15:
a8:f9:97:39:a6:25:1c:a0:ea:64:7c:c2:ab:a5:e7:
7a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E9:9F:C1:92:F2:8E:49:7B:1A:B3:16:24:D0:F6:B4:FD:C4:38:D7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/GumfwZLyjkl7GrMWJND2tP3EONc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6d:d6:cb:1d:4c:b6:bb:4a:c1:4f:1d:75:7a:08:64:fa:44:3c:
10:72:1c:25:59:c7:e2:f9:8b:88:68:83:fc:b9:f9:04:e3:0b:
a4:0c:cf:02:f7:1e:11:0a:4a:21:02:f4:4f:c9:da:7b:8f:a8:
e3:97:31:d3:2e:af:f3:77:62:72:84:0b:72:67:4e:4d:05:0d:
76:f5:e9:47:6c:57:30:17:6d:4b:af:af:b5:8a:cf:15:70:66:
d7:dd:29:22:b8:f8:c1:6b:ee:51:56:d8:cc:21:b7:b0:91:29:
d9:fc:a3:76:e4:d6:09:f5:c9:11:7d:a1:c1:25:7c:1f:af:a9:
20:eb:4a:0b:86:6e:93:6a:bf:86:40:3e:7d:d7:ab:5f:7a:48:
9e:96:8e:95:1d:f5:2d:d6:5b:91:3f:3e:4c:5b:99:09:eb:1f:
5e:e4:bc:94:1d:c2:d3:32:9a:27:be:e7:cd:ab:5a:60:8a:60:
94:72:2d:2e:be:1c:40:be:73:c2:ae:06:7a:e9:3d:69:25:dc:
58:63:0d:5e:96:c4:35:b6:ca:de:cc:94:74:2b:39:b1:97:66:
03:2f:74:44:ae:bf:85:58:7b:66:2f:11:4b:6a:19:03:0c:f6:
1d:0f:7b:43:c2:15:ec:01:f7:4b:10:a5:d5:bc:81:55:42:86:
d0:57:80:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYQhhinh2uucBtKfTlDJQygNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDI5MDIxNTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWU5OWZjMTkyZjI4ZTQ5N2IxYWIzMTYyNGQwZjZiNGZkYzQzOGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHojG5T9L5HK5F4yGuGLHMdxt1yQ
xJmvNfVLu3fZQ302FID8V5qKK6Syr6N17AICFgAfSXUeFTodUX/SUjNChvibmHyR
NlEuUlF0b+B/FjgdbKt99mz3nxOtAO2/FPM175zMebOhn5k/qg8FV3y4l0BhvWud
i9pfDU7dIXfiKPJT8sdoWM1q1V6HbkSK3AvhVzMUB8DApZnrz+m/+7z6Zhyg1x+6
Yx4lKiM6SKTqbvHw9OzOTLhVLfNT1WGoVLXsRav0TP0gtTPeIqgEXV/2HbkhKOFu
29hE0GxhTQ1GlP0REkSgpYrmaTfOBFikdxWo+Zc5piUcoOpkfMKrped6GQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBrpn8GS8o5JexqzFiTQ9rT9xDjXMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvR3VtZndaTHlqa2w3R3JNV0pORDJ0UDNFT05jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG3Wyx1MtrtKwU8ddXoI
ZPpEPBByHCVZx+L5i4hog/y5+QTjC6QMzwL3HhEKSiEC9E/J2nuPqOOXMdMur/N3
YnKEC3JnTk0FDXb16UdsVzAXbUuvr7WKzxVwZtfdKSK4+MFr7lFW2Mwht7CRKdn8
o3bk1gn1yRF9ocElfB+vqSDrSguGbpNqv4ZAPn3Xq196SJ6WjpUd9S3WW5E/Pkxb
mQnrH17kvJQdwtMymie+582rWmCKYJRyLS6+HEC+c8KuBnrpPWkl3FhjDV6WxDW2
yt7MlHQrObGXZgMvdESuv4VYe2YvEUtqGQMM9h0Pe0PCFewB90sQpdW8gVVChtBX
gJA=
-----END CERTIFICATE-----
Generated at Thu May 1 08:30:51 2025 by rpki-client