Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/jdtnD8liAnlHEw1k78A9XCa8vI4.roa
File: jdtnD8liAnlHEw1k78A9XCa8vI4.roa (raw, json)
Hash identifier: F0hxWl8TMbRFcV9WDxkgxY3wKF2OYBqfuLam2+3/rKA=
Subject key identifier: 8D:DB:67:0F:C9:62:02:79:47:13:0D:64:EF:C0:3D:5C:26:BC:BC:8E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BACB75691386A7280D21C1AC854B1788A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/jdtnD8liAnlHEw1k78A9XCa8vI4.roa
Signing time: Wed 08 Nov 2023 02:16:18 +0000
ROA not before: Wed 08 Nov 2023 02:16:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ac:b7:56:91:38:6a:72:80:d2:1c:1a:c8:54:b1:78:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 8 02:16:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ddb670fc962027947130d64efc03d5c26bcbc8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:09:41:ec:e4:34:85:95:84:fb:a2:30:02:df:
5b:dc:79:99:da:67:8d:ee:bc:7e:f6:8d:da:26:44:
b2:07:59:77:18:35:86:8a:b0:cd:0f:9b:c8:34:89:
8f:b7:25:3a:85:69:18:0f:72:c9:84:74:93:fc:e4:
35:6d:a0:01:75:3d:81:35:ff:21:df:00:a2:13:a0:
69:13:48:27:d0:d0:e1:50:95:b7:8d:1e:a3:79:8f:
48:2f:8a:64:25:45:e6:eb:73:05:8b:bc:7d:e3:d1:
0d:a5:a2:f9:a7:b1:1f:c8:02:b8:ec:77:49:1a:95:
68:17:4c:a1:c8:f3:09:12:72:a5:0e:01:68:ed:f9:
7d:4f:a1:8b:0b:4b:14:c7:5d:31:f9:38:9a:d0:00:
48:b0:cc:f2:94:63:70:e4:5e:30:8d:99:76:03:cb:
5d:38:c4:cc:15:a5:d5:8c:4a:1e:6f:03:02:8d:75:
0f:cb:56:5e:3c:b8:7f:61:a4:af:d0:3d:fd:f0:d8:
f5:2a:ee:e4:8f:06:53:ad:68:35:5f:31:f4:80:42:
34:ff:53:9b:e7:f7:c6:5c:4b:50:64:5d:b0:c2:4d:
f6:e7:62:b6:92:39:c9:42:ff:a6:83:6e:ab:a5:be:
7f:fb:94:46:a2:fd:c9:98:23:eb:f1:91:49:8e:21:
72:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:DB:67:0F:C9:62:02:79:47:13:0D:64:EF:C0:3D:5C:26:BC:BC:8E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/jdtnD8liAnlHEw1k78A9XCa8vI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:2a:6c:8c:39:f2:d3:84:2f:0d:82:52:80:dc:ac:cd:06:b6:
34:0d:15:a7:07:0f:ad:b5:1a:a3:8f:7f:50:1d:ee:08:9a:7e:
ba:40:2a:a9:dd:c7:d8:9c:5d:26:ca:34:82:6c:2a:05:5b:c0:
05:ac:af:77:1e:2a:fc:89:47:8d:0b:da:94:39:6e:e0:3b:98:
67:68:9e:ff:c4:33:38:57:9d:39:23:b1:2a:2c:81:af:9a:bc:
f4:d5:26:6f:e0:47:6e:7b:10:60:13:3e:f5:34:80:1d:fc:d2:
77:08:40:ec:48:7a:28:1f:cb:5f:94:8b:d0:8a:55:0f:78:07:
07:e8:91:25:30:d9:1c:73:e5:5c:a9:39:03:32:15:69:c7:9f:
b3:d1:1c:9e:d8:d2:a1:1c:80:1f:5a:44:c1:40:ec:e8:ae:0d:
92:70:38:c7:37:ad:4d:a7:96:d6:c5:aa:79:e9:45:3e:8e:b4:
f5:ac:f2:11:a4:d5:f2:77:0a:29:dc:56:23:0d:9a:6d:b5:c7:
85:fd:d8:3c:6f:9a:9d:ea:50:fb:48:43:92:39:c6:d7:8f:c2:
a7:86:15:14:10:f3:eb:53:d9:76:3f:d2:90:a4:88:73:9b:7a:
73:5b:eb:d8:55:b3:15:cf:0c:3e:95:f8:3a:ca:3f:63:cc:19:
bf:9b:b7:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYust1aROGpygNIcGshUsXiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA4MDIxNjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGRiNjcwZmM5NjIwMjc5NDcxMzBkNjRlZmMwM2Q1YzI2YmNiYzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QlB7OQ0hZWE+6IwAt9b3HmZ2meN
7rx+9o3aJkSyB1l3GDWGirDND5vINImPtyU6hWkYD3LJhHST/OQ1baABdT2BNf8h
3wCiE6BpE0gn0NDhUJW3jR6jeY9IL4pkJUXm63MFi7x949ENpaL5p7EfyAK47HdJ
GpVoF0yhyPMJEnKlDgFo7fl9T6GLC0sUx10x+Tia0ABIsMzylGNw5F4wjZl2A8td
OMTMFaXVjEoebwMCjXUPy1ZePLh/YaSv0D398Nj1Ku7kjwZTrWg1XzH0gEI0/1Ob
5/fGXEtQZF2wwk3252K2kjnJQv+mg26rpb5/+5RGov3JmCPr8ZFJjiFyQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI3bZw/JYgJ5RxMNZO/APVwmvLyOMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvamR0bkQ4bGlBbmxIRXcxazc4QTlYQ2E4dkk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADsqbIw58tOELw2CUoDc
rM0GtjQNFacHD621GqOPf1Ad7giafrpAKqndx9icXSbKNIJsKgVbwAWsr3ceKvyJ
R40L2pQ5buA7mGdonv/EMzhXnTkjsSosga+avPTVJm/gR257EGATPvU0gB380ncI
QOxIeigfy1+Ui9CKVQ94BwfokSUw2Rxz5VypOQMyFWnHn7PRHJ7Y0qEcgB9aRMFA
7OiuDZJwOMc3rU2nltbFqnnpRT6OtPWs8hGk1fJ3CincViMNmm21x4X92Dxvmp3q
UPtIQ5I5xtePwqeGFRQQ8+tT2XY/0pCkiHObenNb69hVsxXPDD6V+DrKP2PMGb+b
tyo=
-----END CERTIFICATE-----
Generated at Mon Apr 21 17:18:29 2025 by rpki-client