Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GW9o0TO1UMFs2pMZ33mkHlwzMB4.roa
File: GW9o0TO1UMFs2pMZ33mkHlwzMB4.roa (raw, json)
Hash identifier: zAT4Y0wPUB7hT8gDjuCiVC69ZykIJVS9X8Ab+uVS6tY=
Subject key identifier: 19:6F:68:D1:33:B5:50:C1:6C:DA:93:19:DF:79:A4:1E:5C:33:30:1E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CE4069E5B2CB43E7932F07DF6F4998362
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GW9o0TO1UMFs2pMZ33mkHlwzMB4.roa
Signing time: Sun 07 Jan 2024 13:04:48 +0000
ROA not before: Sun 07 Jan 2024 13:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:e406:14bc/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e4:06:9e:5b:2c:b4:3e:79:32:f0:7d:f6:f4:99:83:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 7 13:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=196f68d133b550c16cda9319df79a41e5c33301e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:af:03:d3:1b:60:7e:4f:80:2d:27:0e:b0:52:
aa:b3:6e:73:91:7d:22:6e:19:d5:b9:64:2b:02:a8:
64:88:32:87:eb:d1:96:30:29:b4:61:9a:43:c8:2e:
d4:64:9c:d4:86:b5:6d:61:d3:5f:7a:b8:62:e8:5e:
89:a1:87:70:1d:ab:8f:32:01:83:34:11:f3:a1:8e:
10:eb:41:83:b2:88:3e:2c:c5:da:71:c8:5c:a2:e5:
1a:aa:c8:f2:37:49:b1:96:c2:44:0e:88:f6:3a:36:
3e:ef:50:b2:ae:c8:bf:9f:c5:37:d4:ff:39:15:c8:
67:62:52:8d:78:d9:6d:77:75:f8:27:42:ee:4d:67:
d5:42:f3:e8:1c:e0:a6:13:26:92:d0:c4:ba:13:3f:
f1:29:49:af:98:c7:80:0e:11:9a:3c:26:f6:37:8b:
9d:00:38:03:c5:cd:e9:16:5d:c8:8a:50:ab:84:c4:
9f:1f:6c:29:c5:db:24:5d:74:bb:f0:4c:46:08:b5:
65:88:5f:ed:73:e1:b5:74:8c:84:1f:2b:4d:e5:95:
2f:c1:ac:81:36:dc:3a:fb:ea:6c:3b:84:a3:79:eb:
d1:8d:f8:64:70:da:0a:39:a4:2d:2b:b1:0e:7d:e9:
f7:4f:21:3f:61:9a:64:28:9e:34:7b:dc:a2:95:fc:
82:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:6F:68:D1:33:B5:50:C1:6C:DA:93:19:DF:79:A4:1E:5C:33:30:1E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/GW9o0TO1UMFs2pMZ33mkHlwzMB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:d6:93:30:17:c6:ee:22:77:4a:b0:09:0b:e8:ff:0e:e0:8a:
96:28:c3:c2:cc:ef:7a:c0:af:2a:87:d5:b8:3c:b1:9a:67:e6:
e3:83:f8:63:a2:4d:1a:f6:9f:ef:fb:da:b2:b3:72:91:b9:d0:
73:ba:a7:7a:c4:f6:a3:cf:0e:d6:e3:1e:ab:16:a9:19:b6:5b:
22:a6:30:3d:63:4d:c3:cf:3d:9b:e7:29:ca:ed:d3:15:53:0f:
84:a8:04:da:f5:33:d8:14:1e:d4:e5:66:9a:11:c9:cf:10:81:
25:3c:be:88:cc:da:4c:64:4d:3c:da:43:3d:d2:15:26:bb:2e:
00:d6:30:06:66:9e:32:d3:a6:cd:4e:fc:0d:e8:32:4d:50:10:
83:78:63:e6:5e:51:1e:8c:e1:26:c3:bf:7e:81:5a:ff:c4:1c:
52:fb:9a:e9:e0:cd:a5:a1:b3:57:49:70:0d:04:8e:e3:6c:5f:
ec:ac:34:39:57:c3:6a:18:93:b1:68:56:1f:bf:dd:0f:b4:de:
01:f4:79:8c:eb:7d:b0:06:32:77:16:1e:27:2a:90:88:a9:56:
9a:e9:1b:03:ac:d4:60:70:62:17:53:00:90:37:0e:be:4c:07:
7c:fc:6d:90:37:be:31:e8:ab:db:92:5a:3b:4c:6b:9e:52:3a:
b0:98:3e:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzkBp5bLLQ+eTLwffb0mYNiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA3MTMwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTZmNjhkMTMzYjU1MGMxNmNkYTkzMTlkZjc5YTQxZTVjMzMzMDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxK8D0xtgfk+ALScOsFKqs25zkX0i
bhnVuWQrAqhkiDKH69GWMCm0YZpDyC7UZJzUhrVtYdNferhi6F6JoYdwHauPMgGD
NBHzoY4Q60GDsog+LMXacchcouUaqsjyN0mxlsJEDoj2OjY+71Cyrsi/n8U31P85
FchnYlKNeNltd3X4J0LuTWfVQvPoHOCmEyaS0MS6Ez/xKUmvmMeADhGaPCb2N4ud
ADgDxc3pFl3IilCrhMSfH2wpxdskXXS78ExGCLVliF/tc+G1dIyEHytN5ZUvwayB
Ntw6++psO4SjeevRjfhkcNoKOaQtK7EOfen3TyE/YZpkKJ40e9yilfyCAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBlvaNEztVDBbNqTGd95pB5cMzAeMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvR1c5bzBUTzFVTUZzMnBNWjMzbWtIbHd6TUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEnWkzAXxu4id0qwCQvo
/w7gipYow8LM73rAryqH1bg8sZpn5uOD+GOiTRr2n+/72rKzcpG50HO6p3rE9qPP
DtbjHqsWqRm2WyKmMD1jTcPPPZvnKcrt0xVTD4SoBNr1M9gUHtTlZpoRyc8QgSU8
vojM2kxkTTzaQz3SFSa7LgDWMAZmnjLTps1O/A3oMk1QEIN4Y+ZeUR6M4SbDv36B
Wv/EHFL7mungzaWhs1dJcA0EjuNsX+ysNDlXw2oYk7FoVh+/3Q+03gH0eYzrfbAG
MncWHicqkIipVprpGwOs1GBwYhdTAJA3Dr5MB3z8bZA3vjHoq9uSWjtMa55SOrCY
Pkw=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:57:54 2025 by rpki-client