Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JtfIkNvVUQvjCp4E7samal1sw2I.roa
File: JtfIkNvVUQvjCp4E7samal1sw2I.roa (raw, json)
Hash identifier: VI7UdcIwPOcGaOsJ36eZmIGHM5trjn5+gr8JJn90xQs=
Subject key identifier: 26:D7:C8:90:DB:D5:51:0B:E3:0A:9E:04:EE:C6:A6:6A:5D:6C:C3:62
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B64D4497329C3F13551534E0796A755D2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JtfIkNvVUQvjCp4E7samal1sw2I.roa
Signing time: Wed 25 Oct 2023 03:15:15 +0000
ROA not before: Wed 25 Oct 2023 03:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:64:d4:49:73:29:c3:f1:35:51:53:4e:07:96:a7:55:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 25 03:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26d7c890dbd5510be30a9e04eec6a66a5d6cc362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6a:0e:ca:44:e1:68:75:24:8b:ec:b8:df:6c:
dc:b6:4b:aa:15:14:e7:36:57:54:42:c6:ad:6c:48:
bd:a2:fc:67:ac:c6:e1:5e:35:47:93:4d:6d:a6:85:
b8:33:81:3a:4f:d5:5b:c7:94:fc:d2:22:1d:d7:7d:
3e:a5:ed:1c:80:45:a7:58:b6:4e:36:70:4c:70:01:
b9:92:89:ff:f6:29:8e:76:0c:10:2a:c6:04:db:2f:
2b:7b:bb:03:d6:20:ae:56:c2:a3:20:dc:5d:fe:40:
e9:81:30:06:59:7e:4b:a0:0f:ba:63:f6:b8:f3:16:
17:33:d7:44:06:98:79:1b:06:41:76:75:13:fb:18:
2d:a2:d9:34:0b:fa:73:be:c0:46:cd:94:39:af:21:
47:0d:2d:ce:95:13:fe:04:48:11:22:75:04:f1:61:
51:5d:61:0a:b8:42:a4:ed:0c:f1:49:a1:3f:d2:32:
69:17:45:3f:5c:67:82:1d:f9:d2:33:7c:05:6b:6a:
b4:ba:19:0e:0a:31:ca:25:de:59:09:6a:6e:e6:09:
87:45:ea:50:28:e7:ea:2b:9b:94:17:bb:c1:ce:31:
f8:e7:97:f9:76:00:9c:c4:23:b5:4d:a6:3a:8e:6b:
8b:33:3e:4a:85:f2:b1:9d:1c:8a:57:78:43:ed:ce:
c0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:D7:C8:90:DB:D5:51:0B:E3:0A:9E:04:EE:C6:A6:6A:5D:6C:C3:62
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JtfIkNvVUQvjCp4E7samal1sw2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:24:03:f8:af:bf:c8:4e:f9:16:4c:c2:09:8d:47:99:1a:f9:
7f:02:61:7b:48:a4:6d:60:03:69:16:58:88:9f:05:3b:0f:3e:
9d:a5:0a:13:b0:fc:f9:68:77:47:7d:74:9a:c7:41:e7:4e:45:
33:f0:82:60:e6:e2:a3:e7:d6:c8:6e:cd:f8:cb:9c:ef:df:ba:
c2:b0:00:ac:36:e1:61:d9:91:7d:5f:37:2c:e6:54:53:7d:78:
f4:1d:08:f4:79:6d:36:a1:07:1b:91:29:5b:f0:56:6d:1e:a2:
d3:84:38:c3:2e:eb:67:11:d4:ae:a6:24:27:7c:12:5e:97:c1:
e1:d4:3d:1a:75:d7:e7:d7:73:23:71:e1:e0:3b:f1:fd:ae:d8:
32:4f:4a:08:ad:e6:be:3d:38:f4:ae:38:4e:3d:cc:53:76:ba:
68:b5:48:35:4d:3f:7d:ad:b3:7d:35:92:a8:48:85:4b:71:9b:
fe:d0:99:18:84:7a:78:76:d8:41:4f:d7:63:ea:f1:44:d2:3a:
31:d3:d6:19:03:9e:aa:10:38:6b:9c:79:da:fa:bf:2e:39:3e:
99:45:d1:94:3f:ae:46:3e:d3:5f:0b:33:ec:f2:82:36:12:fd:
9c:7f:23:b7:fa:90:55:b6:f7:79:8e:d2:90:98:a6:7e:dc:8f:
56:11:d6:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtk1ElzKcPxNVFTTgeWp1XSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI1MDMxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmQ3Yzg5MGRiZDU1MTBiZTMwYTllMDRlZWM2YTY2YTVkNmNjMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2oOykThaHUki+y432zctkuqFRTn
NldUQsatbEi9ovxnrMbhXjVHk01tpoW4M4E6T9Vbx5T80iId130+pe0cgEWnWLZO
NnBMcAG5kon/9imOdgwQKsYE2y8re7sD1iCuVsKjINxd/kDpgTAGWX5LoA+6Y/a4
8xYXM9dEBph5GwZBdnUT+xgtotk0C/pzvsBGzZQ5ryFHDS3OlRP+BEgRInUE8WFR
XWEKuEKk7QzxSaE/0jJpF0U/XGeCHfnSM3wFa2q0uhkOCjHKJd5ZCWpu5gmHRepQ
KOfqK5uUF7vBzjH455f5dgCcxCO1TaY6jmuLMz5KhfKxnRyKV3hD7c7A8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCbXyJDb1VEL4wqeBO7GpmpdbMNiMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSnRmSWtOdlZVUXZqQ3A0RTdzYW1hbDFzdzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ8kA/ivv8hO+RZMwgmN
R5ka+X8CYXtIpG1gA2kWWIifBTsPPp2lChOw/Plod0d9dJrHQedORTPwgmDm4qPn
1shuzfjLnO/fusKwAKw24WHZkX1fNyzmVFN9ePQdCPR5bTahBxuRKVvwVm0eotOE
OMMu62cR1K6mJCd8El6XweHUPRp11+fXcyNx4eA78f2u2DJPSgit5r49OPSuOE49
zFN2umi1SDVNP32ts301kqhIhUtxm/7QmRiEenh22EFP12Pq8UTSOjHT1hkDnqoQ
OGucedr6vy45PplF0ZQ/rkY+018LM+zygjYS/Zx/I7f6kFW293mO0pCYpn7cj1YR
1g8=
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:53:40 2025 by rpki-client