Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/G2lB67W6IJWUiyrJJzJLBLYpRGY.roa
File: G2lB67W6IJWUiyrJJzJLBLYpRGY.roa (raw, json)
Hash identifier: 1nSvPZRsJ9VKqECg1jO98/BzDStEf6rCjFVduW+NCiE=
Subject key identifier: 1B:69:41:EB:B5:BA:20:95:94:8B:2A:C9:27:32:4B:04:B6:29:44:66
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E0F2586253DC5D24D8E4550B72794455F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/G2lB67W6IJWUiyrJJzJLBLYpRGY.roa
Signing time: Tue 05 Mar 2024 15:05:01 +0000
ROA not before: Tue 05 Mar 2024 15:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:f25:3de4/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0f:25:86:25:3d:c5:d2:4d:8e:45:50:b7:27:94:45:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 5 15:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b6941ebb5ba2095948b2ac927324b04b6294466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:87:3a:7d:d1:b7:a7:3b:73:0e:78:6b:15:2f:
43:f5:cc:12:73:fa:e8:f3:5e:ea:1d:35:da:c7:e4:
10:c7:d5:fc:d2:91:c6:27:f5:c2:12:75:e0:bd:9d:
a9:25:2b:aa:7e:80:32:8b:6c:d5:be:55:35:6e:ef:
18:89:1e:66:07:32:ab:1d:7f:a0:b2:5c:9e:15:2f:
15:6f:68:6a:d8:45:87:c7:60:0a:ac:bb:cb:cc:f9:
91:90:59:1c:5e:2a:81:0c:85:12:b8:34:11:c4:c2:
b1:ff:c5:74:f4:df:7e:9a:4a:91:5b:1e:7c:15:2b:
68:04:9b:41:ad:7e:b7:a2:a9:75:34:f6:4c:71:30:
d0:e3:d1:fe:10:81:c3:a1:4e:83:db:cb:54:de:bb:
47:16:ae:94:2f:c1:cd:dd:20:92:25:2a:08:a0:76:
11:5a:90:3f:70:5b:4e:a5:f5:00:0d:ef:2f:fe:bb:
7a:d7:f1:9a:ea:56:92:ac:5b:ba:77:37:74:bb:57:
38:13:57:ba:a6:7c:a2:24:67:a2:8a:6f:24:fb:45:
82:a5:35:4b:b0:39:72:f0:f4:ef:cb:c6:5f:63:69:
e9:9b:22:2a:49:37:93:47:1f:e8:6b:a9:e6:6e:a5:
64:ac:ed:8f:f9:47:d1:bd:4f:48:ac:25:7c:2c:65:
89:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:69:41:EB:B5:BA:20:95:94:8B:2A:C9:27:32:4B:04:B6:29:44:66
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/G2lB67W6IJWUiyrJJzJLBLYpRGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:65:cb:a1:87:7c:a6:f3:b0:9c:0c:48:07:5e:26:20:7d:75:
e2:f6:61:97:95:3e:67:c5:80:5d:03:6a:8c:38:8c:a4:6c:97:
ff:0a:0d:7b:17:33:39:bf:57:ff:2f:a2:34:07:54:e0:03:67:
2a:9e:85:e1:5e:b6:a0:41:4a:08:12:10:1f:95:fa:42:4a:b9:
85:c0:df:a0:1a:18:e9:61:1f:f6:c4:6f:f1:10:2a:e1:a3:47:
54:ea:b4:d7:a1:8b:d0:e3:9b:60:c2:0f:39:57:49:42:f3:14:
ee:b7:c3:3f:a0:d9:45:2e:62:16:1e:d9:e3:e8:9a:a5:1c:1c:
60:f9:02:4b:75:a1:25:e5:13:3b:56:0d:85:b6:46:00:74:56:
a3:6b:8f:68:2a:7d:00:7e:d4:9e:05:4c:b7:1a:58:64:69:f5:
b6:8a:6c:5f:55:d9:c0:b1:6b:b9:09:23:4a:93:34:fe:3c:9d:
30:d8:55:01:b0:12:70:60:b0:b3:a9:bb:58:cf:a7:67:16:13:
8e:06:de:c5:37:49:ff:14:81:5d:18:fd:51:c8:c8:a1:9f:b6:
2c:79:f4:87:44:69:de:da:1b:1d:fe:35:7d:0f:b7:70:d6:17:
9b:4f:6c:f5:3c:f5:4f:04:3e:89:7b:b9:23:f1:5e:af:0e:76:
19:43:18:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4PJYYlPcXSTY5FULcnlEVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA1MTUwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjY5NDFlYmI1YmEyMDk1OTQ4YjJhYzkyNzMyNGIwNGI2Mjk0NDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4c6fdG3pztzDnhrFS9D9cwSc/ro
817qHTXax+QQx9X80pHGJ/XCEnXgvZ2pJSuqfoAyi2zVvlU1bu8YiR5mBzKrHX+g
slyeFS8Vb2hq2EWHx2AKrLvLzPmRkFkcXiqBDIUSuDQRxMKx/8V09N9+mkqRWx58
FStoBJtBrX63oql1NPZMcTDQ49H+EIHDoU6D28tU3rtHFq6UL8HN3SCSJSoIoHYR
WpA/cFtOpfUADe8v/rt61/Ga6laSrFu6dzd0u1c4E1e6pnyiJGeiim8k+0WCpTVL
sDly8PTvy8ZfY2npmyIqSTeTRx/oa6nmbqVkrO2P+UfRvU9IrCV8LGWJ3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBtpQeu1uiCVlIsqyScySwS2KURmMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRzJsQjY3VzZJSldVaXlySkp6SkxCTFlwUkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJhly6GHfKbzsJwMSAde
JiB9deL2YZeVPmfFgF0Daow4jKRsl/8KDXsXMzm/V/8vojQHVOADZyqeheFetqBB
SggSEB+V+kJKuYXA36AaGOlhH/bEb/EQKuGjR1TqtNehi9Djm2DCDzlXSULzFO63
wz+g2UUuYhYe2ePomqUcHGD5Akt1oSXlEztWDYW2RgB0VqNrj2gqfQB+1J4FTLca
WGRp9baKbF9V2cCxa7kJI0qTNP48nTDYVQGwEnBgsLOpu1jPp2cWE44G3sU3Sf8U
gV0Y/VHIyKGftix59IdEad7aGx3+NX0Pt3DWF5tPbPU89U8EPol7uSPxXq8OdhlD
GKQ=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:06:20 2025 by rpki-client