Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JkTsA4Bnku8peuvlNBzOrF2AaDg.roa
File: JkTsA4Bnku8peuvlNBzOrF2AaDg.roa (raw, json)
Hash identifier: v1nr3Bnp6QpPtB5WJyHaguhIAPz/l/m5DIpBviX+1aM=
Subject key identifier: 26:44:EC:03:80:67:92:EF:29:7A:EB:E5:34:1C:CE:AC:5D:80:68:38
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B7B5788CF452A053D78663F030B3215ED
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JkTsA4Bnku8peuvlNBzOrF2AaDg.roa
Signing time: Sun 29 Oct 2023 12:10:16 +0000
ROA not before: Sun 29 Oct 2023 12:10:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7b:57:88:cf:45:2a:05:3d:78:66:3f:03:0b:32:15:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 29 12:10:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2644ec03806792ef297aebe5341cceac5d806838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3e:5d:e5:3e:91:1f:e6:65:c2:a8:d0:b2:75:
e4:1a:e9:07:8f:7a:29:49:c8:71:c3:6f:d1:88:15:
f1:d2:23:c8:6d:e0:bd:6e:80:e9:1b:d0:fc:99:b6:
c0:20:05:85:67:21:f0:b0:22:54:cb:b2:8d:9a:21:
11:f9:9d:20:49:8a:01:d4:e7:cc:14:19:5c:73:68:
81:0a:d9:e3:6b:93:9a:a0:3e:55:a1:26:5d:f3:d3:
fd:76:62:46:0e:26:1e:19:32:10:4b:03:99:89:b8:
41:ad:6b:50:0c:f5:70:e0:c5:c6:d5:4a:9d:31:2e:
15:2e:35:23:65:a0:85:38:bc:aa:f4:39:1b:f7:d5:
f2:94:79:21:7e:78:b0:13:6f:4c:d1:89:53:e6:4a:
67:69:f5:43:5a:83:83:ca:4b:4b:e1:87:8b:47:0a:
bb:3f:9e:7a:dc:73:bc:90:95:7c:4c:e2:74:24:37:
e8:63:a6:3a:fb:bc:bb:29:1b:a6:38:05:fd:79:20:
04:df:78:19:3b:b7:34:21:81:fb:24:df:65:39:a4:
d8:8d:9c:53:f3:36:d0:f4:3d:7b:bf:9c:dc:cc:82:
7b:6d:3f:c3:6b:ed:51:8c:7e:b6:cd:df:e1:25:6e:
64:e6:75:1c:91:a6:b2:87:e4:23:5a:d5:68:61:2e:
f4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:44:EC:03:80:67:92:EF:29:7A:EB:E5:34:1C:CE:AC:5D:80:68:38
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JkTsA4Bnku8peuvlNBzOrF2AaDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:a2:9d:31:b1:53:af:1e:b7:2d:44:f2:c3:9a:12:de:2d:4b:
cf:94:01:23:be:c3:52:32:25:39:cc:3b:e5:bf:3a:00:1a:f6:
49:03:42:24:f4:b3:92:39:5a:53:45:67:2b:10:9d:24:c7:06:
ec:20:d7:65:05:d1:e2:96:e5:fe:f1:c0:bc:55:7a:f1:bf:76:
47:9f:74:32:5a:0c:56:e5:cc:54:9c:6a:7e:05:d6:44:8e:56:
9d:26:b1:27:85:7a:47:66:9e:d2:8c:44:fb:6c:88:14:bb:4c:
0e:d6:ab:84:77:ed:41:4a:58:4c:55:67:67:f9:96:80:03:16:
41:18:3b:62:5c:7b:27:15:08:8e:f7:3a:e3:a3:22:38:65:76:
4b:49:76:54:bf:d0:b3:f0:14:d9:5d:f9:05:47:90:15:f2:3e:
92:13:c6:dc:6a:6c:d2:45:2a:a0:b7:74:10:00:fa:d8:d6:42:
76:7e:39:2b:5f:7c:44:9b:4a:34:a2:ee:c5:a3:e4:a3:31:c3:
27:58:50:0e:22:93:f5:93:2a:2b:77:54:a2:4e:21:29:db:9e:
e6:b2:95:c4:2e:c7:3c:5f:da:78:0d:a0:34:91:4a:d0:99:fd:
c3:16:a0:87:a8:65:79:52:3e:4f:fe:f7:2c:de:71:d8:74:0e:
e2:73:d2:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt7V4jPRSoFPXhmPwMLMhXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI5MTIxMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjQ0ZWMwMzgwNjc5MmVmMjk3YWViZTUzNDFjY2VhYzVkODA2ODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuT5d5T6RH+ZlwqjQsnXkGukHj3op
Schxw2/RiBXx0iPIbeC9boDpG9D8mbbAIAWFZyHwsCJUy7KNmiER+Z0gSYoB1OfM
FBlcc2iBCtnja5OaoD5VoSZd89P9dmJGDiYeGTIQSwOZibhBrWtQDPVw4MXG1Uqd
MS4VLjUjZaCFOLyq9Dkb99XylHkhfniwE29M0YlT5kpnafVDWoODyktL4YeLRwq7
P5563HO8kJV8TOJ0JDfoY6Y6+7y7KRumOAX9eSAE33gZO7c0IYH7JN9lOaTYjZxT
8zbQ9D17v5zczIJ7bT/Da+1RjH62zd/hJW5k5nUckaayh+QjWtVoYS70wQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCZE7AOAZ5LvKXrr5TQczqxdgGg4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSmtUc0E0Qm5rdThwZXV2bE5Cek9yRjJBYURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIiinTGxU68ety1E8sOa
Et4tS8+UASO+w1IyJTnMO+W/OgAa9kkDQiT0s5I5WlNFZysQnSTHBuwg12UF0eKW
5f7xwLxVevG/dkefdDJaDFblzFScan4F1kSOVp0msSeFekdmntKMRPtsiBS7TA7W
q4R37UFKWExVZ2f5loADFkEYO2JceycVCI73OuOjIjhldktJdlS/0LPwFNld+QVH
kBXyPpITxtxqbNJFKqC3dBAA+tjWQnZ+OStffESbSjSi7sWj5KMxwydYUA4ik/WT
Kit3VKJOISnbnuaylcQuxzxf2ngNoDSRStCZ/cMWoIeoZXlSPk/+9yzecdh0DuJz
0oA=
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:49:02 2025 by rpki-client