Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/j3X0HC3Rar0ryu6sxuPxbuD46S0.roa
File: j3X0HC3Rar0ryu6sxuPxbuD46S0.roa (raw, json)
Hash identifier: 8uTg0Tlu/U9QLNN8WlM+VbFxc3TFa+IsiLB6aQ0tgJU=
Subject key identifier: 8F:75:F4:1C:2D:D1:6A:BD:2B:CA:EE:AC:C6:E3:F1:6E:E0:F8:E9:2D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B5369AB2D60C0D5022869ECACDC177E34
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/j3X0HC3Rar0ryu6sxuPxbuD46S0.roa
Signing time: Sat 21 Oct 2023 18:05:15 +0000
ROA not before: Sat 21 Oct 2023 18:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:5369:4a92/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:53:69:ab:2d:60:c0:d5:02:28:69:ec:ac:dc:17:7e:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 21 18:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f75f41c2dd16abd2bcaeeacc6e3f16ee0f8e92d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ea:a0:40:9d:15:6f:e5:c1:32:e3:d7:65:d3:
05:97:21:65:3a:e4:db:78:14:3e:bc:fe:fc:99:79:
a9:02:2b:2d:2c:82:71:16:23:7e:e8:cd:71:a2:b4:
05:3f:f5:23:94:04:d6:15:d5:c9:dd:02:25:20:76:
e5:49:39:08:dc:32:13:1b:6c:3e:c1:0a:4b:cc:f5:
e3:9f:2f:cd:51:1d:9a:37:0c:40:1a:62:a3:5e:42:
15:f4:b2:a7:35:de:78:f9:26:81:45:5e:50:db:c2:
4b:36:98:b7:71:2f:72:38:1c:61:d3:59:02:45:db:
d9:63:64:25:80:7e:5c:ca:de:b2:c5:74:ad:05:2a:
4d:55:00:53:1f:86:42:fd:ef:1f:c0:34:76:8b:98:
09:13:ee:29:0f:6a:99:34:f6:75:20:22:5b:fd:52:
b2:1f:aa:85:68:19:a3:d4:e5:e4:75:4a:54:46:65:
a4:38:69:c8:6e:04:65:82:9c:75:e1:ec:96:6e:f3:
07:c1:60:a1:9a:a3:d4:67:58:6f:f3:fc:cb:b3:e0:
42:e0:be:c2:ad:74:fc:64:0b:24:12:a6:ed:c6:24:
ed:48:ee:23:e4:ab:91:db:fd:ab:c1:f0:62:de:0b:
0c:d5:ff:56:b5:66:3d:7c:9b:84:af:cc:02:9d:75:
d4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:75:F4:1C:2D:D1:6A:BD:2B:CA:EE:AC:C6:E3:F1:6E:E0:F8:E9:2D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/j3X0HC3Rar0ryu6sxuPxbuD46S0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b5:8f:2c:9b:06:b2:e5:56:8a:9b:2c:4a:86:b9:a5:51:b9:ca:
6e:d8:e3:72:fe:e5:c1:7d:72:cb:8a:8e:9e:72:f7:0a:88:44:
93:0a:ff:77:c9:19:22:36:f3:29:85:54:50:07:f5:9c:b9:50:
11:90:e5:7e:95:23:c8:26:a3:e8:a4:8b:17:a7:d2:95:89:07:
04:b8:7d:30:c2:60:3c:40:72:f8:df:6d:63:29:94:2d:fc:96:
89:d9:c1:cd:fd:42:c1:d0:52:46:5d:fd:9f:e6:e1:28:24:9c:
83:1d:c8:a6:3a:78:52:4c:cc:09:a2:97:85:ac:6a:d5:8a:d6:
dd:db:c3:1a:a6:7b:0e:20:d0:6b:b0:3c:9d:16:d1:d0:b0:e0:
5b:c5:e4:df:81:f3:c4:26:77:f2:fa:5c:59:a7:b0:70:c6:db:
51:f6:df:26:78:58:53:01:d1:87:10:97:85:b9:cc:81:8a:7b:
3c:3a:a6:71:43:cb:9d:90:4f:59:86:5c:e2:f3:f6:6d:56:99:
0c:82:fe:86:45:dc:a3:0f:84:0a:58:d1:e6:9f:35:2c:89:be:
0f:a8:7d:f6:14:9e:47:2f:fa:55:15:e6:eb:cc:96:56:18:e3:
6c:3b:a3:8f:a3:b0:f0:44:cf:d8:89:76:4d:bb:e4:17:cc:fb:
f2:6f:30:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtTaastYMDVAihp7KzcF340MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIxMTgwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjc1ZjQxYzJkZDE2YWJkMmJjYWVlYWNjNmUzZjE2ZWUwZjhlOTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieqgQJ0Vb+XBMuPXZdMFlyFlOuTb
eBQ+vP78mXmpAistLIJxFiN+6M1xorQFP/UjlATWFdXJ3QIlIHblSTkI3DITG2w+
wQpLzPXjny/NUR2aNwxAGmKjXkIV9LKnNd54+SaBRV5Q28JLNpi3cS9yOBxh01kC
RdvZY2QlgH5cyt6yxXStBSpNVQBTH4ZC/e8fwDR2i5gJE+4pD2qZNPZ1ICJb/VKy
H6qFaBmj1OXkdUpURmWkOGnIbgRlgpx14eyWbvMHwWChmqPUZ1hv8/zLs+BC4L7C
rXT8ZAskEqbtxiTtSO4j5KuR2/2rwfBi3gsM1f9WtWY9fJuEr8wCnXXUmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI919Bwt0Wq9K8rurMbj8W7g+OktMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvajNYMEhDM1JhcjByeXU2c3h1UHhidUQ0NlMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALWPLJsGsuVWipssSoa5
pVG5ym7Y43L+5cF9csuKjp5y9wqIRJMK/3fJGSI28ymFVFAH9Zy5UBGQ5X6VI8gm
o+ikixen0pWJBwS4fTDCYDxAcvjfbWMplC38lonZwc39QsHQUkZd/Z/m4SgknIMd
yKY6eFJMzAmil4WsatWK1t3bwxqmew4g0GuwPJ0W0dCw4FvF5N+B88Qmd/L6XFmn
sHDG21H23yZ4WFMB0YcQl4W5zIGKezw6pnFDy52QT1mGXOLz9m1WmQyC/oZF3KMP
hApY0eafNSyJvg+offYUnkcv+lUV5uvMllYY42w7o4+jsPBEz9iJdk275BfM+/Jv
MNQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:03:19 2025 by rpki-client