Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/jf4-8f-be7wf5nRyISj7phui5vQ.roa
File: jf4-8f-be7wf5nRyISj7phui5vQ.roa (raw, json)
Hash identifier: 5ANVoIkgZe/6zNTZ3IIvEUPSyl5LXO/ClLGc5HRN8M8=
Subject key identifier: 8D:FE:3E:F1:FF:9B:7B:BC:1F:E6:74:72:21:28:FB:A6:1B:A2:E6:F4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B7CDCA1C92BD5E72BE14D1D1DA7CA3FD4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/jf4-8f-be7wf5nRyISj7phui5vQ.roa
Signing time: Sun 29 Oct 2023 19:15:15 +0000
ROA not before: Sun 29 Oct 2023 19:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7c:dc:a1:c9:2b:d5:e7:2b:e1:4d:1d:1d:a7:ca:3f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 29 19:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8dfe3ef1ff9b7bbc1fe674722128fba61ba2e6f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c4:5e:da:dd:46:37:4e:6e:4b:b5:02:ca:94:
0d:10:f3:26:9d:f8:70:14:7a:88:02:fc:7d:9b:c5:
a9:c2:62:b9:08:45:a0:e6:83:0c:66:e4:7d:95:e6:
67:89:9e:6d:fc:64:3a:70:f6:93:cb:4c:46:41:fa:
f3:8b:d4:dd:d7:49:df:d8:0e:8f:a9:55:f4:69:eb:
21:7b:81:ce:11:a9:31:d0:5b:46:9e:2e:55:59:a3:
5f:77:5d:f0:9b:9a:b7:67:62:2e:b1:15:01:d1:79:
6d:e9:71:fa:83:9b:49:44:ca:94:d7:36:c3:e5:d6:
fa:54:27:2d:83:66:d2:65:e0:68:bc:41:4b:18:dd:
3c:0b:a4:51:fc:69:8b:9d:92:f9:dd:bf:8a:2a:c5:
14:12:5a:d6:eb:27:54:43:b8:f4:7a:55:83:d0:7b:
23:e1:51:b9:72:1d:28:33:f8:10:85:9d:2f:bd:56:
78:bf:1f:46:24:3c:48:da:29:cf:d4:69:8c:df:ec:
b3:bd:83:15:c3:29:e4:de:e6:f9:80:df:b9:ac:b7:
0c:8a:96:bd:84:07:18:62:b3:e3:d3:45:c0:77:12:
14:38:52:b9:8e:1b:2e:4c:5c:50:9e:7e:83:3a:74:
ab:8e:82:cc:75:9a:cf:be:1e:67:a3:09:8b:a2:f0:
84:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:FE:3E:F1:FF:9B:7B:BC:1F:E6:74:72:21:28:FB:A6:1B:A2:E6:F4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/jf4-8f-be7wf5nRyISj7phui5vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
55:63:75:77:36:f6:17:c7:c2:40:b2:aa:40:8f:49:60:a7:c4:
9d:03:01:44:2c:17:1f:77:d6:c9:68:02:b5:41:a6:b5:3b:8c:
41:88:fe:86:74:5e:0c:6c:21:1b:7d:01:17:80:a8:eb:9c:27:
db:d9:52:83:c4:91:e0:39:23:05:ff:80:e3:ba:6a:d3:15:8c:
76:40:39:26:3c:2e:17:45:58:49:cd:ce:4a:5e:51:0f:91:93:
7b:00:94:fe:c8:3c:89:8e:6c:3a:af:5d:5a:db:54:ae:7d:f7:
65:7e:01:a0:5c:46:2f:0d:74:99:1e:ff:10:18:54:96:19:72:
61:f9:0a:f6:b3:e5:b1:57:7a:e2:b0:c2:af:65:a4:4d:8c:05:
0b:79:16:41:82:80:9d:8a:a1:44:b1:39:50:c0:40:ab:48:dc:
87:50:ac:42:50:c3:66:14:a3:23:fb:91:dd:22:d8:1a:88:d4:
fc:14:be:0c:e7:eb:e0:32:3d:c6:4f:36:10:b1:19:b2:e7:f9:
df:2d:81:44:e8:f2:85:d3:9b:4e:72:bb:56:95:46:83:2b:c2:
2f:06:d2:fb:eb:37:a0:7e:7c:94:73:04:f2:0b:19:ef:a9:51:
2c:98:52:4d:aa:0f:63:17:24:31:60:9e:75:72:c6:eb:3c:b4:
44:ce:61:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt83KHJK9XnK+FNHR2nyj/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI5MTkxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGZlM2VmMWZmOWI3YmJjMWZlNjc0NzIyMTI4ZmJhNjFiYTJlNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8Re2t1GN05uS7UCypQNEPMmnfhw
FHqIAvx9m8WpwmK5CEWg5oMMZuR9leZniZ5t/GQ6cPaTy0xGQfrzi9Td10nf2A6P
qVX0aeshe4HOEakx0FtGni5VWaNfd13wm5q3Z2IusRUB0Xlt6XH6g5tJRMqU1zbD
5db6VCctg2bSZeBovEFLGN08C6RR/GmLnZL53b+KKsUUElrW6ydUQ7j0elWD0Hsj
4VG5ch0oM/gQhZ0vvVZ4vx9GJDxI2inP1GmM3+yzvYMVwynk3ub5gN+5rLcMipa9
hAcYYrPj00XAdxIUOFK5jhsuTFxQnn6DOnSrjoLMdZrPvh5nowmLovCEJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI3+PvH/m3u8H+Z0ciEo+6Yboub0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvamY0LThmLWJlN3dmNW5SeUlTajdwaHVpNXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFVjdXc29hfHwkCyqkCP
SWCnxJ0DAUQsFx931sloArVBprU7jEGI/oZ0XgxsIRt9AReAqOucJ9vZUoPEkeA5
IwX/gOO6atMVjHZAOSY8LhdFWEnNzkpeUQ+Rk3sAlP7IPImObDqvXVrbVK5992V+
AaBcRi8NdJke/xAYVJYZcmH5Cvaz5bFXeuKwwq9lpE2MBQt5FkGCgJ2KoUSxOVDA
QKtI3IdQrEJQw2YUoyP7kd0i2BqI1PwUvgzn6+AyPcZPNhCxGbLn+d8tgUTo8oXT
m05yu1aVRoMrwi8G0vvrN6B+fJRzBPILGe+pUSyYUk2qD2MXJDFgnnVyxus8tETO
YVk=
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:58:09 2025 by rpki-client