Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/JDvhJRD_PNxS-TkjxPg-BGUw21c.roa
File: JDvhJRD_PNxS-TkjxPg-BGUw21c.roa (raw, json)
Hash identifier: 8RligdDywDDEbzB+Tc5UfDAASZFJJSebszVsz0jbYSk=
Subject key identifier: 24:3B:E1:25:10:FF:3C:DC:52:F9:39:23:C4:F8:3E:04:65:30:DB:57
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DAFEBCB855D351B5BE1FB8CD33211B0AB
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/JDvhJRD_PNxS-TkjxPg-BGUw21c.roa
Signing time: Fri 16 Feb 2024 03:18:02 +0000
ROA not before: Fri 16 Feb 2024 03:18:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:af:eb:cb:85:5d:35:1b:5b:e1:fb:8c:d3:32:11:b0:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 16 03:18:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=243be12510ff3cdc52f93923c4f83e046530db57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d6:75:79:46:85:01:59:88:22:50:3d:79:50:
da:0b:85:fa:7f:60:fe:1b:37:ee:f0:14:05:aa:1d:
37:25:96:72:a9:8c:c4:64:bb:fa:31:09:30:f2:3b:
aa:d7:ef:7a:ab:d3:36:5f:90:c6:a9:e5:44:54:de:
af:34:ae:64:42:17:e8:9c:08:30:17:cb:c2:d5:76:
5b:1d:db:89:c4:86:28:c6:33:40:a4:45:a2:96:c3:
83:ae:f4:2c:42:3d:bb:34:c9:31:2e:f9:3b:ab:26:
74:47:2f:6c:21:c3:3e:82:2f:61:55:95:dc:c8:33:
d4:d3:16:e4:0d:18:b7:28:36:67:17:4e:df:a6:93:
98:18:85:6f:01:c6:58:f1:3a:9e:83:34:61:16:3e:
40:31:9b:a9:af:74:b1:b0:a9:63:0d:ba:30:5c:c4:
a7:8d:e3:67:72:71:d8:f3:63:e1:95:4f:01:42:5a:
18:f9:7e:1d:a1:d8:11:a5:b5:76:4f:f8:d9:fb:1e:
4e:24:2d:2b:66:08:e3:99:52:4e:7e:e6:30:5d:63:
58:2a:59:0b:11:63:3e:32:a3:9b:87:d2:4c:9a:20:
91:18:4e:2c:65:bf:5b:5e:bc:fa:8e:44:d7:f1:2f:
08:9c:b4:4f:35:90:0c:af:0b:82:99:6c:68:38:09:
cd:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:3B:E1:25:10:FF:3C:DC:52:F9:39:23:C4:F8:3E:04:65:30:DB:57
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/JDvhJRD_PNxS-TkjxPg-BGUw21c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:c5:18:1c:d5:d7:54:20:5f:55:8a:e3:2e:e1:4e:46:a9:6e:
8c:51:5b:3a:25:25:ba:9c:6f:df:d0:93:28:66:b9:5a:53:3c:
0c:f6:b9:2f:19:9b:23:f2:9d:a2:1a:37:c3:ab:63:d7:93:9b:
56:4c:a1:8b:ba:38:5f:e0:ac:91:ac:1f:6e:58:0f:75:1c:d4:
13:8d:9d:a6:9b:6f:36:87:c9:4b:f6:da:f9:53:b2:33:42:53:
1e:04:3a:6d:a3:7f:ab:7e:3c:92:32:45:88:2f:32:31:32:6b:
eb:05:fe:68:ff:33:7f:ea:0b:20:27:a2:f3:f3:3e:c5:74:38:
29:2c:27:de:8f:e9:58:32:fb:13:bf:c1:f5:90:e1:af:c6:bf:
14:7f:8a:ba:14:22:62:77:9c:2a:c9:da:b1:c5:73:7f:55:5e:
2d:94:be:3a:16:2e:f6:3a:2e:65:fa:06:08:93:d5:4e:a1:f7:
96:61:ba:4d:82:58:36:c4:cf:cf:61:19:e9:9c:03:82:ec:99:
f8:6d:0d:ba:6c:33:56:fa:62:22:d4:22:f6:13:ff:d5:b5:95:
15:ec:8d:2a:11:04:25:d7:12:96:7b:a3:72:2a:25:07:d6:32:
cf:b3:c1:46:ee:38:1b:95:3a:26:e5:4f:68:87:f7:fe:98:83:
2d:3e:47:a5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2v68uFXTUbW+H7jNMyEbCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE2MDMxODAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDNiZTEyNTEwZmYzY2RjNTJmOTM5MjNjNGY4M2UwNDY1MzBkYjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktZ1eUaFAVmIIlA9eVDaC4X6f2D+
Gzfu8BQFqh03JZZyqYzEZLv6MQkw8juq1+96q9M2X5DGqeVEVN6vNK5kQhfonAgw
F8vC1XZbHduJxIYoxjNApEWilsODrvQsQj27NMkxLvk7qyZ0Ry9sIcM+gi9hVZXc
yDPU0xbkDRi3KDZnF07fppOYGIVvAcZY8TqegzRhFj5AMZupr3SxsKljDbowXMSn
jeNncnHY82PhlU8BQloY+X4dodgRpbV2T/jZ+x5OJC0rZgjjmVJOfuYwXWNYKlkL
EWM+MqObh9JMmiCRGE4sZb9bXrz6jkTX8S8InLRPNZAMrwuCmWxoOAnNjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCQ74SUQ/zzcUvk5I8T4PgRlMNtXMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSkR2aEpSRF9QTnhTLVRranhQZy1CR1V3MjFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEXFGBzV11QgX1WK4y7h
TkapboxRWzolJbqcb9/QkyhmuVpTPAz2uS8ZmyPynaIaN8OrY9eTm1ZMoYu6OF/g
rJGsH25YD3Uc1BONnaabbzaHyUv22vlTsjNCUx4EOm2jf6t+PJIyRYgvMjEya+sF
/mj/M3/qCyAnovPzPsV0OCksJ96P6Vgy+xO/wfWQ4a/GvxR/iroUImJ3nCrJ2rHF
c39VXi2UvjoWLvY6LmX6BgiT1U6h95Zhuk2CWDbEz89hGemcA4LsmfhtDbpsM1b6
YiLUIvYT/9W1lRXsjSoRBCXXEpZ7o3IqJQfWMs+zwUbuOBuVOiblT2iH9/6Ygy0+
R6U=
-----END CERTIFICATE-----
Generated at Sun Jun 8 15:04:04 2025 by rpki-client