Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/jSDJzTDEGimT7qTX-NaIIiYiZdE.roa
File: jSDJzTDEGimT7qTX-NaIIiYiZdE.roa (raw, json)
Hash identifier: 0Wa/oaX8i9bIdZ7F3GSLdejSJNWiV3yCIltjwgrxhyo=
Subject key identifier: 8D:20:C9:CD:30:C4:1A:29:93:EE:A4:D7:F8:D6:88:22:26:22:65:D1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BC3026C25449DCF1DCAD07401775B8DEC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/jSDJzTDEGimT7qTX-NaIIiYiZdE.roa
Signing time: Sun 12 Nov 2023 10:09:57 +0000
ROA not before: Sun 12 Nov 2023 10:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c3:02:6c:25:44:9d:cf:1d:ca:d0:74:01:77:5b:8d:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 12 10:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d20c9cd30c41a2993eea4d7f8d68822262265d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d3:28:93:62:9c:69:b0:62:96:ce:68:ff:86:
6b:1f:c3:8c:8f:b3:9d:41:64:76:08:41:d3:68:26:
ee:33:7d:d2:39:a5:06:03:45:39:86:c4:63:3d:fe:
82:41:6e:0f:9c:d1:42:86:4e:45:9f:8b:43:c0:5c:
95:b8:3f:f5:d6:8f:54:76:63:71:9b:1b:1f:d1:7f:
12:67:52:d2:24:6b:96:58:b5:f3:40:4c:a4:e0:c6:
37:4f:ad:bc:4b:c1:d1:dc:ad:24:f2:ba:2d:07:7c:
9a:ac:a4:8b:4c:62:f8:99:10:9d:c0:a7:73:fc:36:
b9:fd:31:c2:3b:4c:51:54:9f:ec:25:37:18:5b:9d:
ba:47:7f:60:f4:dc:ba:ea:f5:55:c8:6e:63:08:1e:
f1:3e:0f:aa:fa:59:2e:6c:62:b2:f7:7f:d9:c8:26:
ce:9b:30:bd:0a:ed:f4:51:b5:56:d4:8a:40:7c:67:
d3:4a:5c:a4:d2:f2:dc:35:38:f2:4b:42:2c:78:ae:
4f:e9:02:31:47:13:45:dc:ee:03:d4:be:62:79:f6:
c6:5d:05:c8:c6:ee:0a:b4:75:2c:25:92:eb:8b:54:
42:9a:ed:10:66:67:ca:ff:7a:95:21:39:dd:28:98:
bb:91:e5:db:60:0f:ce:95:00:ce:5f:a8:5a:d0:ee:
1c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:20:C9:CD:30:C4:1A:29:93:EE:A4:D7:F8:D6:88:22:26:22:65:D1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/jSDJzTDEGimT7qTX-NaIIiYiZdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:68:e0:67:b7:da:9e:7f:ba:a7:a5:ae:69:fb:f0:31:f9:47:
b0:ee:b0:da:16:5c:45:ec:92:e3:2e:dd:97:d0:c8:2c:a3:41:
e9:f0:d0:cf:6b:b1:1c:b5:72:da:9d:37:31:3c:a2:c3:86:20:
ce:00:f3:a9:6b:66:ea:d7:53:69:ac:09:3c:01:7d:bf:35:1e:
db:4d:30:49:89:29:43:0b:e5:7c:4e:35:02:a8:40:a1:dd:56:
2b:78:20:05:ea:0e:ca:0e:5d:f2:fe:5f:35:eb:9b:5f:20:6b:
86:c0:e6:a2:57:08:bf:f9:b5:2a:69:8b:8f:d4:32:ad:12:45:
bd:1d:de:bb:40:29:b2:96:25:70:25:0d:64:31:c4:7a:ac:54:
39:e8:99:dd:84:1c:d5:2b:b8:6c:16:96:58:c5:18:98:8b:5e:
e8:2e:e0:dc:62:43:c0:b6:5d:58:c7:00:2d:34:17:38:a6:99:
32:0b:b7:8b:ae:ff:1b:e8:cb:c1:6a:69:e5:a5:a0:18:4d:60:
90:15:f3:fe:b3:a5:f5:f6:9e:5b:59:06:25:11:e2:a4:ee:94:
06:5f:9a:9c:23:36:d6:9e:5d:91:1d:ec:4f:95:55:f6:cf:00:
94:10:f5:d7:fa:75:b5:ed:fc:1d:be:74:86:d7:09:36:b3:90:
77:49:05:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvDAmwlRJ3PHcrQdAF3W43sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEyMTAwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDIwYzljZDMwYzQxYTI5OTNlZWE0ZDdmOGQ2ODgyMjI2MjI2NWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9Mok2KcabBils5o/4ZrH8OMj7Od
QWR2CEHTaCbuM33SOaUGA0U5hsRjPf6CQW4PnNFChk5Fn4tDwFyVuD/11o9UdmNx
mxsf0X8SZ1LSJGuWWLXzQEyk4MY3T628S8HR3K0k8rotB3yarKSLTGL4mRCdwKdz
/Da5/THCO0xRVJ/sJTcYW526R39g9Ny66vVVyG5jCB7xPg+q+lkubGKy93/ZyCbO
mzC9Cu30UbVW1IpAfGfTSlyk0vLcNTjyS0IseK5P6QIxRxNF3O4D1L5iefbGXQXI
xu4KtHUsJZLri1RCmu0QZmfK/3qVITndKJi7keXbYA/OlQDOX6ha0O4cQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI0gyc0wxBopk+6k1/jWiCImImXRMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvalNESnpUREVHaW1UN3FUWC1OYUlJaVlpWmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEBo4Ge32p5/uqelrmn7
8DH5R7DusNoWXEXskuMu3ZfQyCyjQenw0M9rsRy1ctqdNzE8osOGIM4A86lrZurX
U2msCTwBfb81HttNMEmJKUML5XxONQKoQKHdVit4IAXqDsoOXfL+XzXrm18ga4bA
5qJXCL/5tSppi4/UMq0SRb0d3rtAKbKWJXAlDWQxxHqsVDnomd2EHNUruGwWlljF
GJiLXugu4NxiQ8C2XVjHAC00FzimmTILt4uu/xvoy8FqaeWloBhNYJAV8/6zpfX2
nltZBiUR4qTulAZfmpwjNtaeXZEd7E+VVfbPAJQQ9df6dbXt/B2+dIbXCTazkHdJ
BXw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:18:50 2025 by rpki-client