Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/jBhUpw9os251lTAU5uRLR7cfKbM.roa
File: jBhUpw9os251lTAU5uRLR7cfKbM.roa (raw, json)
Hash identifier: 7F34XG8/0brp0LjZcuSp2GBsxt8yDHBubpPmPehp/YA=
Subject key identifier: 8C:18:54:A7:0F:68:B3:6E:75:95:30:14:E6:E4:4B:47:B7:1F:29:B3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B522A26727D7CDEED7DAAF8627DF41D50
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/jBhUpw9os251lTAU5uRLR7cfKbM.roa
Signing time: Sat 21 Oct 2023 12:16:15 +0000
ROA not before: Sat 21 Oct 2023 12:16:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:52:2a:26:72:7d:7c:de:ed:7d:aa:f8:62:7d:f4:1d:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 21 12:16:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c1854a70f68b36e75953014e6e44b47b71f29b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:58:5b:d7:16:00:cf:ea:2e:b3:e8:85:f6:b8:
b2:39:7c:41:a3:be:a8:24:6b:49:8b:d4:e5:46:92:
56:89:6c:68:54:c1:21:37:2c:cc:10:2b:b4:ba:4e:
c6:51:a3:46:1e:06:c4:97:c7:80:43:bd:36:0e:dd:
aa:25:8a:dd:9e:c8:b4:92:80:b6:c9:e7:b1:9b:50:
b3:a9:d1:56:58:0e:6c:9f:f0:ee:27:e0:c1:ba:7f:
55:a9:e7:1b:d3:1f:93:48:79:28:14:90:8e:a6:60:
ad:50:95:bd:22:ae:ea:c6:e1:bf:f2:7b:3e:3f:1f:
78:79:19:12:9d:be:92:48:d9:2a:84:59:8d:47:89:
94:89:c6:3a:74:92:61:3c:20:fe:2c:00:8f:50:4e:
40:31:04:ee:95:f3:f5:23:c0:13:d2:2f:db:39:bd:
d5:4f:4c:64:96:ff:d2:72:2f:a3:ce:97:ee:57:c7:
75:e7:60:52:5d:81:c4:e3:58:18:27:9c:6c:0d:10:
63:14:3a:17:ac:ed:48:e8:67:7c:e8:95:eb:a9:d0:
81:91:e8:00:6d:71:e3:36:e3:99:70:85:a0:20:45:
b5:07:56:47:4f:4b:6e:2f:ca:28:2d:54:9c:da:29:
bc:0d:8c:b9:27:cb:d5:9b:d2:c6:5c:08:a3:66:97:
cc:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:18:54:A7:0F:68:B3:6E:75:95:30:14:E6:E4:4B:47:B7:1F:29:B3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/jBhUpw9os251lTAU5uRLR7cfKbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:a3:c9:c8:16:ab:a1:b4:07:a0:05:71:9d:28:1f:c0:2a:39:
68:fa:54:9b:6a:93:8c:9a:b7:42:08:0c:54:99:e3:06:a2:28:
9d:ff:d5:90:bc:29:7e:76:e3:6e:3f:62:6f:0c:02:e4:2b:79:
be:ea:00:18:1a:cc:a6:f6:07:5e:fe:d1:7f:b8:af:eb:74:cb:
50:b0:bc:66:8d:d3:ed:1c:21:03:b4:89:a4:a0:6d:98:f8:76:
48:1b:21:22:5b:64:88:44:e6:72:f8:e8:bd:3b:98:99:a6:99:
49:79:28:0c:06:40:6d:61:4f:5d:e1:ad:83:de:df:1f:ac:64:
7c:db:be:bc:51:a7:21:6b:d8:a1:b1:71:fd:2b:ab:bf:16:db:
dd:27:eb:fe:59:74:93:ab:10:69:36:a8:fe:ec:0a:31:c1:de:
e0:8b:e0:18:25:1a:36:4e:7a:3c:3e:cf:e6:f0:d0:b9:62:b7:
2b:58:69:f5:d4:28:6c:95:8c:26:2b:af:fb:5a:ce:d1:85:c1:
e8:1d:dc:4e:c7:6b:fb:3a:fa:e1:57:96:26:20:ef:60:54:c8:
70:65:51:cb:cd:53:b8:9b:2a:20:a1:d7:9c:c0:1b:8b:1e:c4:
fb:24:e5:e5:2f:92:f8:b1:8f:eb:10:be:d9:37:46:26:98:bb:
7f:f9:fd:75
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtSKiZyfXze7X2q+GJ99B1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIxMTIxNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzE4NTRhNzBmNjhiMzZlNzU5NTMwMTRlNmU0NGI0N2I3MWYyOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVhb1xYAz+ous+iF9riyOXxBo76o
JGtJi9TlRpJWiWxoVMEhNyzMECu0uk7GUaNGHgbEl8eAQ702Dt2qJYrdnsi0koC2
yeexm1CzqdFWWA5sn/DuJ+DBun9Vqecb0x+TSHkoFJCOpmCtUJW9Iq7qxuG/8ns+
Px94eRkSnb6SSNkqhFmNR4mUicY6dJJhPCD+LACPUE5AMQTulfP1I8AT0i/bOb3V
T0xklv/Sci+jzpfuV8d152BSXYHE41gYJ5xsDRBjFDoXrO1I6Gd86JXrqdCBkegA
bXHjNuOZcIWgIEW1B1ZHT0tuL8ooLVSc2im8DYy5J8vVm9LGXAijZpfMNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIwYVKcPaLNudZUwFObkS0e3HymzMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvakJoVXB3OW9zMjUxbFRBVTV1UkxSN2NmS2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE2jycgWq6G0B6AFcZ0o
H8AqOWj6VJtqk4yat0IIDFSZ4waiKJ3/1ZC8KX52424/Ym8MAuQreb7qABgazKb2
B17+0X+4r+t0y1CwvGaN0+0cIQO0iaSgbZj4dkgbISJbZIhE5nL46L07mJmmmUl5
KAwGQG1hT13hrYPe3x+sZHzbvrxRpyFr2KGxcf0rq78W290n6/5ZdJOrEGk2qP7s
CjHB3uCL4BglGjZOejw+z+bw0LlitytYafXUKGyVjCYrr/taztGFwegd3E7Ha/s6
+uFXliYg72BUyHBlUcvNU7ibKiCh15zAG4sexPsk5eUvkvixj+sQvtk3RiaYu3/5
/XU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:17:40 2025 by rpki-client