Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/GsKBgI8lYmP0cI7ycjnfp1LAj9o.roa
File: GsKBgI8lYmP0cI7ycjnfp1LAj9o.roa (raw, json)
Hash identifier: 9lU+JN5bPtyLYt9wb9fe5l31O4mXq26LUc53M7LCnUQ=
Subject key identifier: 1A:C2:81:80:8F:25:62:63:F4:70:8E:F2:72:39:DF:A7:52:C0:8F:DA
Certificate issuer: /CN=4e9381160d6594049a313a5b7bd531628d7dde1b
Certificate serial: 018C7291CA4875A20EE3D55B62F4034EF3E9
Authority key identifier: 4E:93:81:16:0D:65:94:04:9A:31:3A:5B:7B:D5:31:62:8D:7D:DE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TpOBFg1llASaMTpbe9UxYo193hs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/GsKBgI8lYmP0cI7ycjnfp1LAj9o.roa
Signing time: Sat 16 Dec 2023 12:20:06 +0000
ROA not before: Sat 16 Dec 2023 12:20:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48937
IP address blocks: 213.5.175.0/24 maxlen: 24
213.5.174.0/23 maxlen: 23
213.5.172.0/23 maxlen: 23
213.5.172.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:72:91:ca:48:75:a2:0e:e3:d5:5b:62:f4:03:4e:f3:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9381160d6594049a313a5b7bd531628d7dde1b
Validity
Not Before: Dec 16 12:20:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ac281808f256263f4708ef27239dfa752c08fda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:44:85:b3:7d:33:9f:dd:1c:bd:c0:06:14:0e:
62:e2:72:9e:24:78:44:1b:be:9b:17:a4:a0:04:ac:
a1:17:fd:43:ae:c8:90:52:15:a3:11:9f:86:6a:20:
46:d3:0a:8b:dd:ac:b9:f7:88:59:ca:e1:95:05:43:
5f:9b:e8:d7:58:8c:bd:b8:19:b6:2b:f8:2f:d0:62:
7d:89:cc:ee:ce:0c:f0:e4:44:95:93:18:3e:f7:d5:
fa:c2:e6:40:7b:f5:ec:40:87:84:df:61:3c:d9:4d:
ec:d7:78:8a:b5:8c:d1:9e:82:0b:9e:5d:4f:1b:9c:
7c:25:f3:ab:23:c3:5f:7d:9b:24:07:91:66:e9:f3:
f7:18:8f:8d:1b:b4:06:76:79:5f:73:ee:9f:4a:8d:
1d:79:92:78:ca:bd:c4:ff:fa:39:0e:9b:93:c4:09:
69:82:39:e8:ed:7a:41:3d:f2:d5:4d:5a:16:2f:01:
60:de:6b:b5:a3:fb:82:80:fb:12:84:f8:87:09:3a:
43:83:88:3e:95:f9:2c:dc:c1:ed:09:4a:99:a4:f0:
67:9d:79:27:4a:06:47:19:be:d4:70:e8:54:4a:0c:
26:9d:f0:7f:fa:8b:9d:b5:54:88:09:ae:ec:f1:96:
22:02:8d:a4:9c:52:4e:78:65:0a:18:42:13:42:07:
d8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:C2:81:80:8F:25:62:63:F4:70:8E:F2:72:39:DF:A7:52:C0:8F:DA
X509v3 Authority Key Identifier:
keyid:4E:93:81:16:0D:65:94:04:9A:31:3A:5B:7B:D5:31:62:8D:7D:DE:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TpOBFg1llASaMTpbe9UxYo193hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/GsKBgI8lYmP0cI7ycjnfp1LAj9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/TpOBFg1llASaMTpbe9UxYo193hs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.5.172.0/22
Signature Algorithm: sha256WithRSAEncryption
74:85:c3:b6:82:7e:90:40:1c:c0:94:40:be:2c:7e:f8:01:78:
9b:3b:d0:58:fe:e0:52:98:ea:c7:3c:3e:b2:ef:95:c6:31:bb:
5e:de:31:15:4e:ff:ba:99:29:41:b0:50:47:8d:ab:fb:b3:b2:
e9:cc:7e:0f:32:30:ae:e5:28:6a:9d:6b:50:0e:f6:09:ea:06:
39:64:08:fe:30:64:a3:b4:5b:26:df:c1:cf:f7:77:99:3c:a8:
3b:a8:98:9f:e7:ec:03:1a:08:f3:36:b4:08:83:6a:65:91:25:
18:c0:d1:15:aa:ad:2d:31:fe:00:5c:a0:b7:72:bf:70:ec:55:
18:4e:02:40:b0:17:b1:e1:90:e2:40:b9:3a:83:b4:c4:97:fe:
0b:66:b3:64:6d:d3:29:4f:2c:bb:1a:aa:c8:7d:c8:91:98:0a:
99:23:7a:7a:d3:f8:db:f3:d1:df:89:dd:ea:92:36:d3:cf:48:
85:85:3b:91:09:e3:6e:56:48:13:bb:eb:fb:c3:08:c4:68:ef:
08:7a:7f:7b:ba:d7:32:07:2e:82:e8:62:9e:46:fb:6b:cc:43:
56:ff:dc:b2:99:8a:40:e9:ee:2e:89:0b:29:08:20:b8:6e:5d:
e0:64:4e:30:35:99:b7:77:8e:a4:37:a0:e2:e8:c8:e6:9a:1e:
24:a1:37:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxykcpIdaIO49VbYvQDTvPpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlOTM4MTE2MGQ2NTk0MDQ5YTMxM2E1YjdiZDUzMTYyOGQ3
ZGRlMWIwHhcNMjMxMjE2MTIyMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWMyODE4MDhmMjU2MjYzZjQ3MDhlZjI3MjM5ZGZhNzUyYzA4ZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0SFs30zn90cvcAGFA5i4nKeJHhE
G76bF6SgBKyhF/1DrsiQUhWjEZ+GaiBG0wqL3ay594hZyuGVBUNfm+jXWIy9uBm2
K/gv0GJ9iczuzgzw5ESVkxg+99X6wuZAe/XsQIeE32E82U3s13iKtYzRnoILnl1P
G5x8JfOrI8NffZskB5Fm6fP3GI+NG7QGdnlfc+6fSo0deZJ4yr3E//o5DpuTxAlp
gjno7XpBPfLVTVoWLwFg3mu1o/uCgPsShPiHCTpDg4g+lfks3MHtCUqZpPBnnXkn
SgZHGb7UcOhUSgwmnfB/+oudtVSICa7s8ZYiAo2knFJOeGUKGEITQgfYHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBrCgYCPJWJj9HCO8nI536dSwI/aMB8GA1UdIwQY
MBaAFE6TgRYNZZQEmjE6W3vVMWKNfd4bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHBPQkZnMWxsQVNhTVRwYmU5VXhZbzE5M2hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC83YTEzYzgtMjIyMy00YWE0LTgwOTQt
OTY0MTExYTllYjIyLzEvR3NLQmdJOGxZbVAwY0k3eWNqbmZwMUxBajlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC83YTEzYzgtMjIyMy00YWE0LTgwOTQtOTY0MTExYTllYjIy
LzEvVHBPQkZnMWxsQVNhTVRwYmU5VXhZbzE5M2hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1QWsMA0G
CSqGSIb3DQEBCwUAA4IBAQB0hcO2gn6QQBzAlEC+LH74AXibO9BY/uBSmOrHPD6y
75XGMbte3jEVTv+6mSlBsFBHjav7s7LpzH4PMjCu5ShqnWtQDvYJ6gY5ZAj+MGSj
tFsm38HP93eZPKg7qJif5+wDGgjzNrQIg2plkSUYwNEVqq0tMf4AXKC3cr9w7FUY
TgJAsBex4ZDiQLk6g7TEl/4LZrNkbdMpTyy7GqrIfciRmAqZI3p60/jb89Hfid3q
kjbTz0iFhTuRCeNuVkgTu+v7wwjEaO8Ien97utcyBy6C6GKeRvtrzENW/9yymYpA
6e4uiQspCCC4bl3gZE4wNZm3d46kN6Di6Mjmmh4koTea
-----END CERTIFICATE-----
Generated at Mon May 12 22:26:55 2025 by rpki-client