Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gWgGJir5GB-tLa5-UsuqGOEGe88.roa
File: gWgGJir5GB-tLa5-UsuqGOEGe88.roa (raw, json)
Hash identifier: hTP+zKv/PKnQlkVcOInAjGm5mgy5Uws/6HQFWz5wDf4=
Subject key identifier: 81:68:06:26:2A:F9:18:1F:AD:2D:AE:7E:52:CB:AA:18:E1:06:7B:CF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ED3827841746866ABE2FFBD30465EEA9E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gWgGJir5GB-tLa5-UsuqGOEGe88.roa
Signing time: Fri 12 Apr 2024 18:12:06 +0000
ROA not before: Fri 12 Apr 2024 18:12:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d3:82:78:41:74:68:66:ab:e2:ff:bd:30:46:5e:ea:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 12 18:12:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=816806262af9181fad2dae7e52cbaa18e1067bcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:32:54:2f:67:7d:01:c3:0b:37:6f:9a:38:88:
8b:1f:89:dd:d9:18:e6:85:a1:4d:e9:0d:d8:69:dd:
fe:2a:55:be:16:a6:10:2c:00:6d:34:17:c0:7c:c9:
a0:de:2b:8d:f0:db:44:fd:5f:04:b0:ce:aa:14:96:
5b:53:62:e5:8c:fc:b3:ef:81:a2:06:76:fe:48:88:
fd:3c:8e:84:e8:36:51:db:9f:e7:15:6b:34:24:0a:
39:80:de:a5:e4:ac:da:75:43:c3:68:28:d4:e8:13:
b0:66:48:7b:b1:7b:36:59:0e:ca:70:b4:01:bd:3d:
92:17:77:76:51:81:e3:a3:70:fc:8e:57:23:55:49:
ca:fc:65:e8:d8:dc:9e:14:b8:8d:bf:dd:86:7b:1a:
ef:eb:4d:46:68:ec:0f:84:a3:42:b7:20:fb:f1:4b:
15:7d:a1:15:e9:e2:2b:c5:ef:02:3c:d2:06:12:ea:
dc:64:f5:67:9c:ea:8f:fe:a9:87:0c:a6:d0:d1:15:
5b:5f:72:33:b6:b8:a1:51:48:08:0e:f5:bd:57:15:
38:59:75:1b:6e:21:de:f5:dc:27:1a:92:36:ca:db:
40:ba:af:e1:c7:ae:1d:97:dc:d7:5f:cf:b6:12:88:
ad:a1:05:3e:08:9f:f7:4b:d6:15:90:96:de:25:25:
81:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:68:06:26:2A:F9:18:1F:AD:2D:AE:7E:52:CB:AA:18:E1:06:7B:CF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gWgGJir5GB-tLa5-UsuqGOEGe88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:6c:ea:22:3c:e2:39:5a:2b:8c:f8:8d:f5:78:a3:e7:fa:1d:
22:5e:f2:a1:c5:ef:71:85:e8:21:94:18:66:43:cb:d5:41:2c:
1f:b6:b0:20:61:81:8c:3e:d4:9b:7e:c7:49:bf:c6:26:1f:27:
1e:5c:9f:f7:08:38:f8:5d:aa:2e:8b:57:31:c1:82:5c:d4:3a:
5d:59:ac:45:58:c1:96:19:cb:19:97:96:18:71:a6:02:84:c7:
fe:a9:b9:3f:0b:d8:a0:4b:ba:17:47:79:9f:3a:ee:43:a4:02:
a1:b4:6f:b3:b8:c9:14:47:82:7c:37:b0:97:2d:ba:cb:0b:81:
13:87:a9:5f:c1:1b:0b:9f:04:7b:b1:59:2f:38:0d:45:55:35:
76:bb:46:ae:b8:ea:5b:9e:46:27:44:87:79:2d:ef:12:13:d8:
4d:f4:a6:d4:f6:f3:7a:de:4d:f7:1b:2a:db:c2:50:03:34:3d:
8f:71:38:a1:70:e7:c5:2b:e0:da:aa:de:f0:5c:e2:b6:fb:6a:
ae:22:19:20:eb:ab:08:ef:e4:65:85:0c:7e:c1:6c:d9:68:24:
5a:df:c4:48:e4:eb:b6:0f:d8:b1:bd:a5:c2:20:07:bd:b4:12:
c2:e6:41:8d:dc:6a:e9:ff:74:d3:ca:92:b2:6b:53:64:88:4e:
e7:d3:17:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7TgnhBdGhmq+L/vTBGXuqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDEyMTgxMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTY4MDYyNjJhZjkxODFmYWQyZGFlN2U1MmNiYWExOGUxMDY3YmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzJUL2d9AcMLN2+aOIiLH4nd2Rjm
haFN6Q3Yad3+KlW+FqYQLABtNBfAfMmg3iuN8NtE/V8EsM6qFJZbU2LljPyz74Gi
Bnb+SIj9PI6E6DZR25/nFWs0JAo5gN6l5KzadUPDaCjU6BOwZkh7sXs2WQ7KcLQB
vT2SF3d2UYHjo3D8jlcjVUnK/GXo2NyeFLiNv92Gexrv601GaOwPhKNCtyD78UsV
faEV6eIrxe8CPNIGEurcZPVnnOqP/qmHDKbQ0RVbX3IztrihUUgIDvW9VxU4WXUb
biHe9dwnGpI2yttAuq/hx64dl9zXX8+2EoitoQU+CJ/3S9YVkJbeJSWB2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIFoBiYq+RgfrS2uflLLqhjhBnvPMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZ1dnR0ppcjVHQi10TGE1LVVzdXFHT0VHZTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGVs6iI84jlaK4z4jfV4
o+f6HSJe8qHF73GF6CGUGGZDy9VBLB+2sCBhgYw+1Jt+x0m/xiYfJx5cn/cIOPhd
qi6LVzHBglzUOl1ZrEVYwZYZyxmXlhhxpgKEx/6puT8L2KBLuhdHeZ867kOkAqG0
b7O4yRRHgnw3sJctussLgROHqV/BGwufBHuxWS84DUVVNXa7Rq646lueRidEh3kt
7xIT2E30ptT283reTfcbKtvCUAM0PY9xOKFw58Ur4Nqq3vBc4rb7aq4iGSDrqwjv
5GWFDH7BbNloJFrfxEjk67YP2LG9pcIgB720EsLmQY3caun/dNPKkrJrU2SITufT
F3A=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:25:17 2025 by rpki-client