Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JFODn-aSt49Nnel_Y8xP6BSHho0.roa
File: JFODn-aSt49Nnel_Y8xP6BSHho0.roa (raw, json)
Hash identifier: iV+vN/WD+6X8C/k9jmd+ZyemG5jTkKSri/Grg7QbI50=
Subject key identifier: 24:53:83:9F:E6:92:B7:8F:4D:9D:E9:7F:63:CC:4F:E8:14:87:86:8D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE11319A1752F43EB4B32B3A9514A1DAE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JFODn-aSt49Nnel_Y8xP6BSHho0.roa
Signing time: Fri 29 Sep 2023 13:13:59 +0000
ROA not before: Fri 29 Sep 2023 13:13:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e1:13:19:a1:75:2f:43:eb:4b:32:b3:a9:51:4a:1d:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 29 13:13:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2453839fe692b78f4d9de97f63cc4fe81487868d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e4:4b:ea:d7:91:13:de:fb:8b:46:2e:92:e4:
94:bd:00:e6:4e:29:a9:0b:3a:66:eb:83:c7:3b:4b:
b9:6f:5f:75:5f:ca:7e:6b:69:c9:08:67:35:7b:58:
6f:11:9f:86:60:a7:a8:da:7f:ad:0c:59:e6:58:f2:
bb:27:b0:b3:d3:d8:58:4f:be:ba:ac:65:9e:67:3d:
f4:9a:e3:10:36:60:a5:19:2f:50:e7:00:05:e8:eb:
bc:09:77:ea:0c:b3:6b:1f:6f:2a:e1:18:1b:ac:bf:
44:f3:6c:b3:84:76:9f:af:ed:41:b6:58:ed:8c:3e:
1e:a1:de:0a:4a:b3:3c:fa:3f:43:62:fa:9c:ac:8b:
ff:5c:69:d7:51:81:99:16:4f:8f:a6:fa:3b:00:eb:
b6:16:eb:57:bd:26:88:2f:77:93:8d:ca:cc:31:02:
77:a2:50:6d:b3:53:8c:23:d3:4c:df:ae:a3:82:65:
c5:d3:55:65:d4:73:94:e5:cb:ff:ee:da:e5:c2:85:
4e:9f:5c:22:3c:71:3f:1e:b6:cc:c6:6f:6d:c9:0b:
b4:bd:6d:c9:d3:79:12:8b:83:af:25:dc:53:63:b2:
c4:af:46:a5:31:53:95:f6:08:a9:33:0c:df:83:fb:
e3:0b:c6:66:bc:4f:ea:8d:13:05:6d:c6:42:8a:82:
ba:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:53:83:9F:E6:92:B7:8F:4D:9D:E9:7F:63:CC:4F:E8:14:87:86:8D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JFODn-aSt49Nnel_Y8xP6BSHho0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:8d:64:4f:2c:94:5e:7b:aa:c0:b7:0d:9f:58:c3:9c:23:a8:
2e:8e:79:3e:a7:f1:6b:1b:46:0e:09:70:7b:82:1e:8d:a2:7e:
3b:18:0a:d7:31:c9:14:44:27:ed:32:69:c2:37:c9:d1:23:b6:
e2:3c:a3:42:72:0c:b6:ff:a8:e3:b8:bb:b2:7a:f0:ec:b4:85:
84:52:50:4c:b7:a5:7c:a9:30:93:dc:10:7b:b2:ec:e5:30:b3:
11:e2:53:35:8a:86:fe:ef:51:24:9c:36:08:a7:5b:3e:8f:76:
a8:c0:24:e4:4a:02:f6:48:d9:24:e0:82:9c:db:4e:38:5a:10:
d1:0b:c9:e8:08:89:33:51:81:33:f2:8d:f1:ca:82:98:23:42:
58:24:d4:5d:2f:eb:0f:da:3e:84:2a:6f:59:62:2f:f6:fa:41:
6a:a1:c3:6c:03:68:88:bf:e2:b8:b7:d1:ba:08:1b:94:7e:24:
13:98:36:fa:96:c8:f0:20:87:65:b6:a0:2c:99:09:b1:ec:f9:
49:d9:c2:f2:47:d4:79:ac:98:3b:49:f3:78:ec:7e:12:55:f8:
8f:4a:a3:c8:43:80:70:c0:1d:dc:17:5c:40:5c:1f:0b:6a:79:
1b:39:88:6f:54:52:d2:ee:63:fd:33:d8:52:5b:9d:46:9f:0e:
19:a1:b3:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrhExmhdS9D60sys6lRSh2uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI5MTMxMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDUzODM5ZmU2OTJiNzhmNGQ5ZGU5N2Y2M2NjNGZlODE0ODc4NjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnORL6teRE977i0YukuSUvQDmTimp
Czpm64PHO0u5b191X8p+a2nJCGc1e1hvEZ+GYKeo2n+tDFnmWPK7J7Cz09hYT766
rGWeZz30muMQNmClGS9Q5wAF6Ou8CXfqDLNrH28q4RgbrL9E82yzhHafr+1Btljt
jD4eod4KSrM8+j9DYvqcrIv/XGnXUYGZFk+Ppvo7AOu2FutXvSaIL3eTjcrMMQJ3
olBts1OMI9NM366jgmXF01Vl1HOU5cv/7trlwoVOn1wiPHE/HrbMxm9tyQu0vW3J
03kSi4OvJdxTY7LEr0alMVOV9gipMwzfg/vjC8ZmvE/qjRMFbcZCioK6PwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCRTg5/mkrePTZ3pf2PMT+gUh4aNMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSkZPRG4tYVN0NDlObmVsX1k4eFA2QlNIaG8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI6NZE8slF57qsC3DZ9Y
w5wjqC6OeT6n8WsbRg4JcHuCHo2ifjsYCtcxyRREJ+0yacI3ydEjtuI8o0JyDLb/
qOO4u7J68Oy0hYRSUEy3pXypMJPcEHuy7OUwsxHiUzWKhv7vUSScNginWz6PdqjA
JORKAvZI2STggpzbTjhaENELyegIiTNRgTPyjfHKgpgjQlgk1F0v6w/aPoQqb1li
L/b6QWqhw2wDaIi/4ri30boIG5R+JBOYNvqWyPAgh2W2oCyZCbHs+UnZwvJH1Hms
mDtJ83jsfhJV+I9Ko8hDgHDAHdwXXEBcHwtqeRs5iG9UUtLuY/0z2FJbnUafDhmh
sw4=
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:46:42 2025 by rpki-client