Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/jzGVMQ_elpeNvlxl5Wn7Vw9Dk5g.roa
File: jzGVMQ_elpeNvlxl5Wn7Vw9Dk5g.roa (raw, json)
Hash identifier: iQx4y0+4hU8pnUTrYRb6L7tpqjpfvZ8AfmtCqw/qqKg=
Subject key identifier: 8F:31:95:31:0F:DE:96:97:8D:BE:5C:65:E5:69:FB:57:0F:43:93:98
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AEFA235FAB0A1B1921A62789EF9831E52
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/jzGVMQ_elpeNvlxl5Wn7Vw9Dk5g.roa
Signing time: Mon 02 Oct 2023 09:04:59 +0000
ROA not before: Mon 02 Oct 2023 09:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:efa1:aa7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:a2:35:fa:b0:a1:b1:92:1a:62:78:9e:f9:83:1e:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 2 09:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f3195310fde96978dbe5c65e569fb570f439398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f9:18:66:2e:af:51:f8:71:a2:e0:33:cd:d1:
47:79:57:37:41:49:eb:c0:b6:2f:c7:5b:af:41:13:
b6:7d:0e:44:11:13:c6:a8:a8:9b:6b:e9:8d:1c:ea:
57:a5:7a:34:76:b0:a9:b3:7a:5b:fd:e0:8a:46:30:
7d:70:62:fe:09:9f:37:3b:17:a1:32:e0:05:25:6a:
64:8f:ff:e2:d9:ae:bf:c8:0b:3b:06:3b:ed:54:41:
d4:53:40:59:68:de:cf:7f:d8:e9:9e:a2:3b:f2:31:
a3:6c:7c:b6:6a:03:a3:2a:53:6b:ce:6d:ef:69:ce:
ab:3f:d8:45:cc:d6:7f:a8:08:b2:3a:62:e8:fc:41:
0e:c3:1d:be:ba:28:47:a0:90:23:f7:f0:77:86:0a:
d0:56:74:53:6a:4c:3c:e7:8a:70:cd:10:1f:a7:4b:
30:dc:ed:a6:e1:2c:4b:e2:28:ca:35:67:cc:5b:8b:
52:ce:00:66:ff:eb:c3:45:fe:f6:c8:c0:14:f5:e4:
c1:41:c7:b4:92:59:11:9f:2f:8a:f7:f9:ef:43:7d:
1d:eb:a9:20:ec:f9:59:0b:04:5d:33:7f:28:bd:5c:
dd:8d:5e:04:cf:41:f0:b3:76:c6:78:77:5c:cb:88:
8c:ce:c2:74:4b:ed:fc:6e:fb:18:70:d4:ac:39:25:
4c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:31:95:31:0F:DE:96:97:8D:BE:5C:65:E5:69:FB:57:0F:43:93:98
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/jzGVMQ_elpeNvlxl5Wn7Vw9Dk5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:ba:b0:de:57:6f:6a:95:ad:b0:a6:6a:55:1a:0a:ec:02:7e:
27:d5:1a:6c:87:68:bf:40:29:3c:c8:e0:fe:0c:e1:e2:f6:f7:
15:5a:03:78:c6:2f:a2:19:93:1d:14:00:57:70:50:0c:83:c4:
df:c7:81:b9:d4:3f:e2:7a:99:14:f2:38:ce:08:7b:91:90:cc:
dc:f5:69:a3:3e:ab:1e:a2:74:f9:e3:65:32:4a:97:d9:88:fb:
47:8b:3e:c6:6a:f4:7c:cc:7c:ce:39:2a:24:37:d8:7c:cf:07:
3e:fd:27:4f:f4:dc:ae:2a:64:b8:00:62:62:81:0a:e0:4a:7d:
eb:e3:c4:ce:71:2f:e0:33:d2:1e:e6:01:43:b7:23:ad:8b:a3:
ad:81:ed:79:84:4a:9c:20:bb:54:60:0c:1e:18:28:73:b8:a4:
ec:6f:4b:93:41:52:0c:b2:7c:15:5d:9b:2a:06:a8:7e:d3:8a:
2e:98:c9:87:e4:85:91:0f:38:ea:ab:1c:0b:86:ab:75:a8:66:
46:9c:b9:94:9b:0d:6f:5a:2d:b6:54:af:2f:6b:03:37:bc:4b:
c2:dd:98:ad:45:b9:ad:7a:9c:b1:c8:41:1b:12:8a:2d:ad:63:
a8:55:9d:b5:22:a7:7b:af:0d:d5:55:d5:45:b6:2b:e0:af:86:
aa:b7:99:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrvojX6sKGxkhpieJ75gx5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAyMDkwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjMxOTUzMTBmZGU5Njk3OGRiZTVjNjVlNTY5ZmI1NzBmNDM5Mzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/kYZi6vUfhxouAzzdFHeVc3QUnr
wLYvx1uvQRO2fQ5EERPGqKiba+mNHOpXpXo0drCps3pb/eCKRjB9cGL+CZ83Oxeh
MuAFJWpkj//i2a6/yAs7BjvtVEHUU0BZaN7Pf9jpnqI78jGjbHy2agOjKlNrzm3v
ac6rP9hFzNZ/qAiyOmLo/EEOwx2+uihHoJAj9/B3hgrQVnRTakw854pwzRAfp0sw
3O2m4SxL4ijKNWfMW4tSzgBm/+vDRf72yMAU9eTBQce0klkRny+K9/nvQ30d66kg
7PlZCwRdM38ovVzdjV4Ez0Hws3bGeHdcy4iMzsJ0S+38bvsYcNSsOSVM7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI8xlTEP3paXjb5cZeVp+1cPQ5OYMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvanpHVk1RX2VscGVOdmx4bDVXbjdWdzlEazVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJS6sN5Xb2qVrbCmalUa
CuwCfifVGmyHaL9AKTzI4P4M4eL29xVaA3jGL6IZkx0UAFdwUAyDxN/HgbnUP+J6
mRTyOM4Ie5GQzNz1aaM+qx6idPnjZTJKl9mI+0eLPsZq9HzMfM45KiQ32HzPBz79
J0/03K4qZLgAYmKBCuBKfevjxM5xL+Az0h7mAUO3I62Lo62B7XmESpwgu1RgDB4Y
KHO4pOxvS5NBUgyyfBVdmyoGqH7Tii6YyYfkhZEPOOqrHAuGq3WoZkacuZSbDW9a
LbZUry9rAze8S8LdmK1Fua16nLHIQRsSii2tY6hVnbUip3uvDdVV1UW2K+Cvhqq3
mSY=
-----END CERTIFICATE-----
Generated at Mon Jul 28 21:57:25 2025 by rpki-client