Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/J3BqY0-Cf29PysXLo6hX2PDCQWA.roa
File: J3BqY0-Cf29PysXLo6hX2PDCQWA.roa (raw, json)
Hash identifier: +WA3Ea7iAFHy/ddfe5qsPsHt5BhE2Z+NjTa/9eURFCE=
Subject key identifier: 27:70:6A:63:4F:82:7F:6F:4F:CA:C5:CB:A3:A8:57:D8:F0:C2:41:60
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B1C4D157EA864C997C25E0D6224BF8C00
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/J3BqY0-Cf29PysXLo6hX2PDCQWA.roa
Signing time: Wed 11 Oct 2023 01:14:55 +0000
ROA not before: Wed 11 Oct 2023 01:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1c:4d:15:7e:a8:64:c9:97:c2:5e:0d:62:24:bf:8c:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 11 01:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27706a634f827f6f4fcac5cba3a857d8f0c24160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cb:d5:09:35:9d:58:23:37:4d:b4:6c:7b:5c:
f1:a2:18:8d:02:91:d6:52:ba:ae:1c:e0:8e:18:bc:
6e:6c:16:47:9d:e3:ec:50:31:0f:e3:5f:f7:98:22:
fc:e1:f4:94:d6:2c:b3:5e:5e:98:23:83:69:4e:f4:
ba:97:03:c3:06:d5:3c:0b:96:a0:a6:6e:9a:d1:d2:
30:7a:a7:16:d9:92:06:e7:d8:10:ab:60:ac:c3:a9:
bb:39:e7:65:e9:af:65:27:ca:5e:da:84:6d:36:29:
17:f6:c1:4c:89:13:e7:83:8a:69:7d:ff:69:43:ce:
b8:a6:76:cf:a1:d4:ad:50:35:5c:af:83:8b:51:c8:
46:16:f7:b4:bb:53:51:59:87:28:25:af:80:19:d5:
9d:ef:5b:59:1d:c4:28:3c:14:35:63:e4:7d:d5:52:
2f:17:a3:cf:8d:f4:af:f1:b0:20:47:20:37:89:15:
fd:1e:30:6b:52:64:5d:76:10:5b:eb:3e:15:7e:33:
3b:b6:f6:2a:da:4b:ff:e2:3b:0b:54:70:4c:7a:ce:
7b:00:95:e3:31:89:8d:1b:13:ed:96:1e:f8:bc:68:
e3:ee:af:f0:62:5a:37:df:45:f9:d8:2a:ab:2f:cf:
80:de:95:4f:bb:28:0e:29:a7:0a:6e:8b:8f:b0:92:
c4:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:70:6A:63:4F:82:7F:6F:4F:CA:C5:CB:A3:A8:57:D8:F0:C2:41:60
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/J3BqY0-Cf29PysXLo6hX2PDCQWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:ac:e4:0e:eb:6a:f0:6d:45:6f:82:a1:22:96:74:78:3c:fc:
42:db:9c:b4:b8:5a:3f:c9:7a:24:9c:f2:91:f5:92:69:b0:e2:
e2:09:10:e4:55:04:e2:93:05:b5:65:4d:1d:b6:17:6a:9f:e2:
d9:75:cf:65:76:74:90:31:10:76:a3:1e:85:7f:9d:b3:db:a4:
ed:02:df:ba:41:c9:76:29:c5:f5:13:b6:32:20:da:6a:0f:bb:
3c:05:c2:42:f0:d8:22:93:6b:62:94:44:2b:30:6d:35:00:1f:
50:65:84:e6:39:e3:b9:dc:b4:3d:d1:3a:42:45:db:31:28:2f:
8c:0e:d9:4c:3c:60:6a:35:76:eb:a4:4a:59:1f:2f:4c:f8:1b:
9d:3e:06:93:45:05:63:2a:bc:b3:34:25:4b:f6:88:12:27:72:
0d:85:d5:3f:3f:9e:12:2f:60:45:d5:3e:45:25:78:ea:63:7d:
d3:ec:99:e5:0e:49:48:9b:f8:a9:81:26:9a:57:dc:c2:8d:ee:
5b:c4:f8:0e:16:be:95:e2:b9:de:fa:bf:f3:83:00:05:de:86:
86:ea:c2:3f:e6:f9:ad:49:a2:e5:f9:7a:22:69:8b:36:c8:f5:
fe:99:74:fc:3f:c3:91:0f:01:d3:9f:be:c1:65:6e:da:64:ae:
28:cd:3f:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYscTRV+qGTJl8JeDWIkv4wAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDExMDExNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzcwNmE2MzRmODI3ZjZmNGZjYWM1Y2JhM2E4NTdkOGYwYzI0MTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcvVCTWdWCM3TbRse1zxohiNApHW
UrquHOCOGLxubBZHnePsUDEP41/3mCL84fSU1iyzXl6YI4NpTvS6lwPDBtU8C5ag
pm6a0dIweqcW2ZIG59gQq2Csw6m7Oedl6a9lJ8pe2oRtNikX9sFMiRPng4ppff9p
Q864pnbPodStUDVcr4OLUchGFve0u1NRWYcoJa+AGdWd71tZHcQoPBQ1Y+R91VIv
F6PPjfSv8bAgRyA3iRX9HjBrUmRddhBb6z4VfjM7tvYq2kv/4jsLVHBMes57AJXj
MYmNGxPtlh74vGjj7q/wYlo330X52CqrL8+A3pVPuygOKacKbouPsJLE3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCdwamNPgn9vT8rFy6OoV9jwwkFgMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSjNCcVkwLUNmMjlQeXNYTG82aFgyUERDUVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFis5A7ravBtRW+CoSKW
dHg8/ELbnLS4Wj/JeiSc8pH1kmmw4uIJEORVBOKTBbVlTR22F2qf4tl1z2V2dJAx
EHajHoV/nbPbpO0C37pByXYpxfUTtjIg2moPuzwFwkLw2CKTa2KURCswbTUAH1Bl
hOY547nctD3ROkJF2zEoL4wO2Uw8YGo1duukSlkfL0z4G50+BpNFBWMqvLM0JUv2
iBIncg2F1T8/nhIvYEXVPkUleOpjfdPsmeUOSUib+KmBJppX3MKN7lvE+A4WvpXi
ud76v/ODAAXehobqwj/m+a1JouX5eiJpizbI9f6ZdPw/w5EPAdOfvsFlbtpkrijN
P8A=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:50:23 2025 by rpki-client