Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pjnC_-mxbS2PVtDHe1n-8OqafDU.roa
File: pjnC_-mxbS2PVtDHe1n-8OqafDU.roa (raw, json)
Hash identifier: ECP/81F0e6GiW4Blo/6DNj1iPv4j+/Ig+CZ4iznh2w8=
Subject key identifier: A6:39:C2:FF:E9:B1:6D:2D:8F:56:D0:C7:7B:59:FE:F0:EA:9A:7C:35
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2EECD3862C675288FA60CCAED30D1456
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pjnC_-mxbS2PVtDHe1n-8OqafDU.roa
Signing time: Sun 03 Dec 2023 09:05:21 +0000
ROA not before: Sun 03 Dec 2023 09:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64:ffff:0:18c:2eec:ee0/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2e:ec:d3:86:2c:67:52:88:fa:60:cc:ae:d3:0d:14:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 3 09:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a639c2ffe9b16d2d8f56d0c77b59fef0ea9a7c35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fc:0d:30:76:74:27:9d:74:2e:a0:5f:c2:a8:
43:07:28:60:3e:52:20:6c:30:e4:2c:97:48:a8:ed:
58:09:e7:5a:65:50:0a:91:cd:4d:bd:a0:26:7f:98:
06:e0:f8:63:cc:a8:36:d9:e2:b4:12:b0:14:54:4b:
61:d2:fa:7f:3d:9c:d5:2a:1a:fa:f4:da:9d:29:34:
83:9b:e9:26:b4:01:ac:7b:f9:3d:02:d9:4a:6a:9c:
b0:0d:14:fe:f6:86:20:f3:72:71:b4:05:08:32:ce:
56:6e:3a:f2:97:e7:29:ac:36:88:88:ed:64:bf:fe:
10:db:90:58:ba:d9:7c:4d:e9:3d:9c:5b:b2:fa:30:
6b:cf:e5:43:50:c2:dc:b6:4b:b5:31:fc:b9:ef:a8:
ea:71:ac:6b:f4:cb:f9:a4:7a:3a:c3:b1:75:98:02:
fb:1f:0c:45:8d:55:87:dc:58:d5:66:9a:c9:07:26:
dc:8f:36:0d:77:52:b0:bd:59:a9:dc:80:ae:25:5a:
ab:0a:51:8d:43:26:01:51:8b:01:05:da:ad:ae:3f:
3b:4c:ad:25:4c:06:95:e6:41:8c:c0:09:62:52:bf:
00:40:a4:51:f8:8b:a9:35:af:de:ee:8c:2a:7b:63:
53:2b:d8:11:1b:cf:1d:17:3b:32:65:d6:74:39:c2:
c0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:39:C2:FF:E9:B1:6D:2D:8F:56:D0:C7:7B:59:FE:F0:EA:9A:7C:35
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pjnC_-mxbS2PVtDHe1n-8OqafDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
cd:45:9f:7a:86:d0:f3:77:e6:82:29:cc:b4:24:32:a3:8e:07:
a8:1a:14:b3:0b:ed:2f:da:4e:06:c4:cb:6c:7d:00:6b:0d:10:
f6:9b:b1:21:e5:68:0d:18:42:d8:7e:2c:02:11:02:19:64:e3:
0c:6a:fc:14:0a:23:5f:e5:89:6e:f5:64:5b:7b:20:46:1e:4d:
c2:b5:4f:fa:f3:80:8e:0b:07:ba:6f:09:a5:ec:e9:8e:63:ae:
84:df:af:ee:e7:c2:b1:ad:15:b5:3d:c0:ef:92:64:52:73:39:
c3:99:ea:61:8c:22:fb:c3:cc:36:1a:58:0e:75:2f:46:2d:ff:
3e:0c:a3:d5:80:59:69:56:ac:c7:c3:b0:ac:e2:f3:a0:24:be:
5c:17:cc:c5:96:8a:31:ec:68:2c:9e:64:4a:7a:a6:f9:36:ef:
97:ae:6e:c9:34:28:8e:4c:ed:5d:bc:a7:db:ea:e9:51:c9:80:
99:f4:55:41:66:9b:23:05:d4:95:8c:6f:f8:c8:22:e6:54:bd:
17:89:7a:d3:08:95:f2:70:9a:38:de:e2:23:42:b9:9c:a4:f6:
c1:52:f1:59:31:04:48:76:6d:7b:81:56:ae:23:c2:38:68:a6:
7d:c4:57:31:25:1b:b3:f5:fc:72:66:02:e1:b6:dc:e9:11:f2:
fd:7e:6a:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwu7NOGLGdSiPpgzK7TDRRWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAzMDkwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjM5YzJmZmU5YjE2ZDJkOGY1NmQwYzc3YjU5ZmVmMGVhOWE3YzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvwNMHZ0J510LqBfwqhDByhgPlIg
bDDkLJdIqO1YCedaZVAKkc1NvaAmf5gG4PhjzKg22eK0ErAUVEth0vp/PZzVKhr6
9NqdKTSDm+kmtAGse/k9AtlKapywDRT+9oYg83JxtAUIMs5Wbjryl+cprDaIiO1k
v/4Q25BYutl8Tek9nFuy+jBrz+VDUMLctku1Mfy576jqcaxr9Mv5pHo6w7F1mAL7
HwxFjVWH3FjVZprJBybcjzYNd1KwvVmp3ICuJVqrClGNQyYBUYsBBdqtrj87TK0l
TAaV5kGMwAliUr8AQKRR+IupNa/e7owqe2NTK9gRG88dFzsyZdZ0OcLA/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKY5wv/psW0tj1bQx3tZ/vDqmnw1MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcGpuQ18tbXhiUzJQVnRESGUxbi04T3FhZkRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAM1Fn3qG0PN35oIpzLQk
MqOOB6gaFLML7S/aTgbEy2x9AGsNEPabsSHlaA0YQth+LAIRAhlk4wxq/BQKI1/l
iW71ZFt7IEYeTcK1T/rzgI4LB7pvCaXs6Y5jroTfr+7nwrGtFbU9wO+SZFJzOcOZ
6mGMIvvDzDYaWA51L0Yt/z4Mo9WAWWlWrMfDsKzi86AkvlwXzMWWijHsaCyeZEp6
pvk275eubsk0KI5M7V28p9vq6VHJgJn0VUFmmyMF1JWMb/jIIuZUvReJetMIlfJw
mjje4iNCuZyk9sFS8VkxBEh2bXuBVq4jwjhopn3EVzElG7P1/HJmAuG23OkR8v1+
apQ=
-----END CERTIFICATE-----
Generated at Mon Jul 28 22:01:52 2025 by rpki-client