Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GHwT0QUYApxM7KMJAUsktlXdEXE.roa
File: GHwT0QUYApxM7KMJAUsktlXdEXE.roa (raw, json)
Hash identifier: CpNYH51ad2BcwkiNG4AUe3CcSOYR5nUdkkS4zclSVmA=
Subject key identifier: 18:7C:13:D1:05:18:02:9C:4C:EC:A3:09:01:4B:24:B6:55:DD:11:71
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D6F48C475568CE7EEF4A15E93239D7A62
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GHwT0QUYApxM7KMJAUsktlXdEXE.roa
Signing time: Sat 03 Feb 2024 14:04:16 +0000
ROA not before: Sat 03 Feb 2024 14:04:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:6f48:bbbf/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6f:48:c4:75:56:8c:e7:ee:f4:a1:5e:93:23:9d:7a:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 3 14:04:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=187c13d10518029c4ceca309014b24b655dd1171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:59:b9:cb:ae:77:ae:ef:92:21:f4:3a:97:d2:
13:89:10:5d:1c:55:62:e5:1b:9c:6f:a0:8b:29:cd:
20:de:89:5f:73:0d:08:ec:b8:6f:cd:63:92:0a:2a:
8d:ec:22:fd:d3:f6:09:ec:94:54:a2:de:cc:8f:29:
28:aa:bf:31:5e:d5:1b:57:f0:ec:8e:66:c5:36:df:
3d:95:52:a9:8d:d9:61:b2:02:49:77:20:59:a1:36:
6b:43:96:48:2a:ed:74:94:e8:b1:e3:74:d9:d9:c2:
6b:44:4c:12:8d:07:5e:1e:fe:2c:ef:27:93:b1:55:
36:0c:8a:b7:c5:cc:b6:33:ce:85:4a:5a:0f:d0:db:
be:60:b1:ba:ed:ad:e5:be:82:ee:e0:e6:3d:cf:86:
f6:ab:ed:f0:4d:f3:95:11:ce:9c:e1:b0:8b:46:6b:
a6:63:f8:52:67:06:88:51:e5:10:b4:36:dc:a4:79:
f7:3d:5c:3e:4e:06:8e:66:4b:9a:86:fc:3d:d8:39:
3c:c5:17:1f:68:d7:38:7d:73:62:36:2b:df:1e:49:
ef:41:49:b2:80:34:68:80:79:63:d2:d1:d3:63:c7:
54:3e:25:6b:6e:db:dc:cf:8b:9e:ae:64:56:36:b7:
8e:b1:52:e5:07:96:9f:58:fc:76:66:55:86:71:c1:
5f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:7C:13:D1:05:18:02:9C:4C:EC:A3:09:01:4B:24:B6:55:DD:11:71
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GHwT0QUYApxM7KMJAUsktlXdEXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
20:2f:55:c2:46:d6:13:9d:bc:eb:2d:8d:2c:7c:5d:bb:bf:4b:
b6:10:4f:f4:3a:77:1f:ef:77:65:b2:19:e1:73:0c:28:69:90:
08:dd:c4:33:02:ee:f6:01:1c:9f:f7:86:94:59:06:6c:82:fb:
0e:53:01:0a:71:ee:05:11:5e:df:8e:01:8b:11:c3:cb:2c:8a:
2c:cd:cb:57:6f:29:6f:d0:ce:35:4d:63:2d:a3:6b:f6:d4:0f:
fa:17:61:29:f2:87:64:13:6c:f8:39:f6:e2:3c:c5:8b:f8:86:
fa:dd:5b:3c:0e:76:57:da:80:b9:4a:bb:92:57:c6:7f:1f:bd:
20:3d:a4:74:42:56:a2:d7:68:a2:ff:02:52:f5:57:2e:05:16:
d5:c5:8f:26:b0:2f:ae:2a:76:d9:a8:ec:69:c6:e8:58:e9:93:
b8:ac:62:ae:8b:ef:6d:33:1b:4e:97:d4:4b:3f:ef:27:63:66:
9b:53:c2:e9:a9:49:ac:bb:91:e2:6a:e1:7f:ea:29:04:33:0b:
59:55:4f:f5:f4:3f:29:cd:e3:cb:06:13:8f:4b:35:15:bc:be:
d8:bb:0c:75:fa:81:ce:5d:34:49:06:b0:35:c1:0f:cf:b4:d9:
ca:2f:f2:d5:b5:db:63:df:15:7e:0f:a3:22:3f:8c:50:6a:cd:
8e:0c:a3:5a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1vSMR1Vozn7vShXpMjnXpiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjAzMTQwNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODdjMTNkMTA1MTgwMjljNGNlY2EzMDkwMTRiMjRiNjU1ZGQxMTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlm5y653ru+SIfQ6l9ITiRBdHFVi
5Rucb6CLKc0g3olfcw0I7LhvzWOSCiqN7CL90/YJ7JRUot7Mjykoqr8xXtUbV/Ds
jmbFNt89lVKpjdlhsgJJdyBZoTZrQ5ZIKu10lOix43TZ2cJrREwSjQdeHv4s7yeT
sVU2DIq3xcy2M86FSloP0Nu+YLG67a3lvoLu4OY9z4b2q+3wTfOVEc6c4bCLRmum
Y/hSZwaIUeUQtDbcpHn3PVw+TgaOZkuahvw92Dk8xRcfaNc4fXNiNivfHknvQUmy
gDRogHlj0tHTY8dUPiVrbtvcz4uermRWNreOsVLlB5afWPx2ZlWGccFfUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBh8E9EFGAKcTOyjCQFLJLZV3RFxMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvR0h3VDBRVVlBcHhNN0tNSkFVc2t0bFhkRVhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACAvVcJG1hOdvOstjSx8
Xbu/S7YQT/Q6dx/vd2WyGeFzDChpkAjdxDMC7vYBHJ/3hpRZBmyC+w5TAQpx7gUR
Xt+OAYsRw8ssiizNy1dvKW/QzjVNYy2ja/bUD/oXYSnyh2QTbPg59uI8xYv4hvrd
WzwOdlfagLlKu5JXxn8fvSA9pHRCVqLXaKL/AlL1Vy4FFtXFjyawL64qdtmo7GnG
6Fjpk7isYq6L720zG06X1Es/7ydjZptTwumpSay7keJq4X/qKQQzC1lVT/X0PynN
48sGE49LNRW8vti7DHX6gc5dNEkGsDXBD8+02cov8tW122PfFX4PoyI/jFBqzY4M
o1o=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:39:08 2025 by rpki-client