Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/GhdbZGuzA1z36-UUonZ5zaCX38Q.roa
File: GhdbZGuzA1z36-UUonZ5zaCX38Q.roa (raw, json)
Hash identifier: gEgIQ1ixFSRgI4FI7VMbdhgtgY8jLC1wmNutDGTQS80=
Subject key identifier: 1A:17:5B:64:6B:B3:03:5C:F7:EB:E5:14:A2:76:79:CD:A0:97:DF:C4
Certificate issuer: /CN=b393df877bf2f0cf01a9718973eaeee87b0697d9
Certificate serial: 01945A1E20E53995C74203E099CFB5878B08
Authority key identifier: B3:93:DF:87:7B:F2:F0:CF:01:A9:71:89:73:EA:EE:E8:7B:06:97:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/GhdbZGuzA1z36-UUonZ5zaCX38Q.roa
Signing time: Sun 12 Jan 2025 10:45:11 +0000
ROA not before: Sun 12 Jan 2025 10:45:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39307
IP address blocks: 213.109.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5a:1e:20:e5:39:95:c7:42:03:e0:99:cf:b5:87:8b:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b393df877bf2f0cf01a9718973eaeee87b0697d9
Validity
Not Before: Jan 12 10:45:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a175b646bb3035cf7ebe514a27679cda097dfc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8e:f2:02:33:a9:d6:e0:71:6c:56:1a:9b:35:
83:35:dd:d6:3c:80:03:37:af:0d:9f:29:c8:ac:ce:
4b:75:bd:37:24:06:a6:94:b0:be:04:35:2a:21:98:
cf:e4:6b:b8:f6:27:7d:ee:8b:b5:3a:59:fe:d5:85:
0d:22:4f:86:14:df:c4:f5:df:0f:a2:e6:cd:e3:16:
35:cd:0c:e7:d8:80:67:20:03:fd:9d:5a:70:1a:4f:
f5:b1:8f:14:e7:b1:f0:20:ca:98:6e:6c:85:61:b3:
96:2b:b6:f9:88:b9:48:37:13:cb:05:d6:bf:b5:1b:
4d:97:12:8c:0a:83:e5:32:d8:de:e4:c4:74:09:67:
31:d1:68:f3:0f:20:7d:d9:7c:7f:d9:3a:e2:f1:4e:
6f:26:c8:03:75:71:69:61:97:99:94:05:28:a1:36:
88:f9:f9:90:ac:f2:94:ce:22:f3:b3:e2:22:69:68:
95:31:10:d2:e2:5e:68:9e:fe:c0:3e:4f:78:12:c8:
9d:79:63:89:f6:cf:0a:af:47:0b:73:78:e6:da:af:
b3:b1:15:80:c8:70:b3:e2:5f:a3:77:38:30:cc:11:
68:b3:d8:d7:33:d4:b9:83:e7:86:fb:8e:e8:3c:ed:
e6:ef:06:fb:5a:70:37:c9:d4:99:3b:a4:a7:99:5f:
ca:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:17:5B:64:6B:B3:03:5C:F7:EB:E5:14:A2:76:79:CD:A0:97:DF:C4
X509v3 Authority Key Identifier:
keyid:B3:93:DF:87:7B:F2:F0:CF:01:A9:71:89:73:EA:EE:E8:7B:06:97:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/GhdbZGuzA1z36-UUonZ5zaCX38Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.148.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:1b:0b:c6:9d:ba:2a:0b:53:2b:d2:8c:2b:fc:38:82:83:d2:
66:39:14:20:fd:f0:3d:94:8f:71:a4:d5:6a:23:0f:2a:a1:2f:
66:d1:fc:41:6f:88:95:58:e7:85:f3:6b:27:bf:64:90:d4:ce:
4b:07:a8:66:99:da:0c:13:87:bd:52:0f:32:87:0e:21:93:54:
03:54:06:c3:3e:39:8d:9b:9d:c5:5d:24:d3:d8:c7:e2:e1:c5:
d4:34:e6:84:bd:ff:8f:df:df:c8:a4:11:e1:ee:72:15:4d:46:
a7:e0:4a:2b:93:93:15:4b:cb:fa:9c:ec:d0:db:8a:5b:30:eb:
d3:3b:68:c1:95:99:a9:7d:92:b7:d4:a3:65:2a:7f:77:21:a8:
09:a0:49:e7:4c:e7:a3:ca:5b:81:a4:1b:8f:f3:54:84:63:f8:
6a:e8:a4:ce:a2:46:48:b0:52:1c:21:00:1b:f7:0e:05:f8:36:
63:4c:07:98:93:f5:41:38:32:28:fb:75:41:25:ca:ce:20:da:
44:3c:27:df:91:9b:ca:5a:fb:db:e1:f3:2e:99:1d:17:f9:73:
54:40:ed:be:88:63:18:a4:89:e5:d0:b5:38:24:a6:46:c0:9c:
aa:36:15:ab:c4:52:52:9f:06:1e:ad:91:3d:90:c4:70:19:cb:
d7:90:3d:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRaHiDlOZXHQgPgmc+1h4sIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOTNkZjg3N2JmMmYwY2YwMWE5NzE4OTczZWFlZWU4N2Iw
Njk3ZDkwHhcNMjUwMTEyMTA0NTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTE3NWI2NDZiYjMwMzVjZjdlYmU1MTRhMjc2NzljZGEwOTdkZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAso7yAjOp1uBxbFYamzWDNd3WPIAD
N68NnynIrM5Ldb03JAamlLC+BDUqIZjP5Gu49id97ou1Oln+1YUNIk+GFN/E9d8P
oubN4xY1zQzn2IBnIAP9nVpwGk/1sY8U57HwIMqYbmyFYbOWK7b5iLlINxPLBda/
tRtNlxKMCoPlMtje5MR0CWcx0WjzDyB92Xx/2Tri8U5vJsgDdXFpYZeZlAUooTaI
+fmQrPKUziLzs+IiaWiVMRDS4l5onv7APk94EsideWOJ9s8Kr0cLc3jm2q+zsRWA
yHCz4l+jdzgwzBFos9jXM9S5g+eG+47oPO3m7wb7WnA3ydSZO6SnmV/KaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBoXW2RrswNc9+vlFKJ2ec2gl9/EMB8GA1UdIwQY
MBaAFLOT34d78vDPAalxiXPq7uh7BpfZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczVQZmgzdnk4TThCcVhHSmMtcnU2SHNHbDlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi85Mzc1ZTMtMzc3ZS00YjcwLWJhMzYt
Mzk2YmM3MjBlMmI0LzEvR2hkYlpHdXpBMXozNi1VVW9uWjV6YUNYMzhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi85Mzc1ZTMtMzc3ZS00YjcwLWJhMzYtMzk2YmM3MjBlMmI0
LzEvczVQZmgzdnk4TThCcVhHSmMtcnU2SHNHbDlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1W2UMA0G
CSqGSIb3DQEBCwUAA4IBAQDWGwvGnboqC1Mr0owr/DiCg9JmORQg/fA9lI9xpNVq
Iw8qoS9m0fxBb4iVWOeF82snv2SQ1M5LB6hmmdoME4e9Ug8yhw4hk1QDVAbDPjmN
m53FXSTT2Mfi4cXUNOaEvf+P39/IpBHh7nIVTUan4Eork5MVS8v6nOzQ24pbMOvT
O2jBlZmpfZK31KNlKn93IagJoEnnTOejyluBpBuP81SEY/hq6KTOokZIsFIcIQAb
9w4F+DZjTAeYk/VBODIo+3VBJcrOINpEPCffkZvKWvvb4fMumR0X+XNUQO2+iGMY
pInl0LU4JKZGwJyqNhWrxFJSnwYerZE9kMRwGcvXkD19
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:37:44 2025 by rpki-client