Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/J1a2hFGr5j7Ewomof9aXN0P7aRg.roa
File: J1a2hFGr5j7Ewomof9aXN0P7aRg.roa (raw, json)
Hash identifier: qUEPsmuIdK8kc+lWykc4stc0oFFZYYjgSI1KJMfQKTY=
Subject key identifier: 27:56:B6:84:51:AB:E6:3E:C4:C2:89:A8:7F:D6:97:37:43:FB:69:18
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BE0D55E1E5596805B08B8C6902DD89172
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/J1a2hFGr5j7Ewomof9aXN0P7aRg.roa
Signing time: Sat 18 Nov 2023 05:09:21 +0000
ROA not before: Sat 18 Nov 2023 05:09:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e0:d5:5e:1e:55:96:80:5b:08:b8:c6:90:2d:d8:91:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 18 05:09:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2756b68451abe63ec4c289a87fd6973743fb6918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:1e:2f:d8:53:b1:16:98:cf:63:28:66:86:2b:
f7:33:6a:aa:b1:22:75:9b:06:13:e3:cd:93:dd:8a:
bf:ee:4e:28:e4:fd:ef:0d:f7:90:33:8c:c0:39:f3:
ba:d6:e0:f1:05:94:3c:79:26:21:25:37:45:56:be:
03:be:6e:b7:9c:0a:3a:7b:2d:75:a7:92:71:8c:97:
21:47:06:63:40:a8:7e:00:f8:ec:03:f5:66:50:34:
bb:d7:57:6a:12:02:aa:33:56:9c:66:b8:3a:d6:fb:
0a:3f:9d:4e:62:7f:f1:db:1e:a8:0e:5d:84:db:42:
81:6d:67:d3:3f:3e:d9:e4:99:e4:aa:0a:d8:f1:60:
be:d4:50:de:d1:ad:54:c5:bb:78:ff:ad:9e:56:1d:
ca:44:65:1a:40:c5:78:9e:78:7d:76:17:b5:5e:b1:
3b:16:b1:80:09:e7:72:20:c4:ab:58:75:90:7b:a5:
d5:b9:50:bd:e8:2b:2c:e5:46:eb:2b:3b:e8:cc:2a:
df:c7:55:16:c1:1f:73:92:da:a5:7d:7b:6d:0c:91:
b1:ea:60:ff:97:9d:29:c7:fd:c3:f4:a7:37:e9:92:
94:97:54:cf:b5:7d:bd:59:0c:35:69:1c:3f:54:33:
ae:4a:bd:6b:80:a0:7d:7b:de:7c:ff:cc:ca:b7:4d:
67:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:56:B6:84:51:AB:E6:3E:C4:C2:89:A8:7F:D6:97:37:43:FB:69:18
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/J1a2hFGr5j7Ewomof9aXN0P7aRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:7c:56:29:ff:3a:60:db:d5:6e:3f:62:79:6c:2c:96:6a:e8:
64:97:6b:e3:4f:12:91:1f:20:6a:aa:74:be:a9:9d:9e:53:12:
8b:05:18:ee:ed:22:1a:6b:f8:5b:3b:6d:d0:a7:29:8c:5c:9b:
63:7e:a1:82:88:a7:14:a0:67:7d:81:b1:9a:46:6c:a5:44:5e:
e0:7f:85:da:31:e0:bb:34:9a:0d:97:f6:21:cb:4c:bf:cf:0b:
17:4b:a1:03:2c:1d:df:f6:0d:62:99:e9:70:d9:dc:78:10:a8:
60:b7:0b:c8:2d:c7:9b:bf:f4:8e:13:53:05:e3:ac:ed:2d:26:
80:ee:03:67:c4:a0:d9:76:f2:b6:d2:4c:f7:e7:c2:41:05:17:
33:f0:cf:b0:f8:ae:7e:ef:51:a5:0c:69:92:1a:2e:91:72:e4:
4b:70:71:62:71:85:50:45:fd:69:7f:53:4b:a1:25:26:11:6f:
0a:cc:cb:e0:1a:2b:36:59:81:df:44:fc:a7:d2:24:34:0b:5e:
66:de:16:0d:95:e4:f7:e2:e2:f0:de:4c:99:16:75:b9:95:f5:
7b:10:74:04:ca:70:31:2e:6f:e1:79:2f:78:f4:46:a5:a5:94:
b0:90:3f:98:8f:e4:0e:32:94:f6:1c:cf:ff:73:5b:0b:c7:3d:
9d:5a:29:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvg1V4eVZaAWwi4xpAt2JFyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE4MDUwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzU2YjY4NDUxYWJlNjNlYzRjMjg5YTg3ZmQ2OTczNzQzZmI2OTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAix4v2FOxFpjPYyhmhiv3M2qqsSJ1
mwYT482T3Yq/7k4o5P3vDfeQM4zAOfO61uDxBZQ8eSYhJTdFVr4Dvm63nAo6ey11
p5JxjJchRwZjQKh+APjsA/VmUDS711dqEgKqM1acZrg61vsKP51OYn/x2x6oDl2E
20KBbWfTPz7Z5JnkqgrY8WC+1FDe0a1Uxbt4/62eVh3KRGUaQMV4nnh9dhe1XrE7
FrGACedyIMSrWHWQe6XVuVC96Css5UbrKzvozCrfx1UWwR9zktqlfXttDJGx6mD/
l50px/3D9Kc36ZKUl1TPtX29WQw1aRw/VDOuSr1rgKB9e958/8zKt01nZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCdWtoRRq+Y+xMKJqH/WlzdD+2kYMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSjFhMmhGR3I1ajdFd29tb2Y5YVhOMFA3YVJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHd8Vin/OmDb1W4/Ynls
LJZq6GSXa+NPEpEfIGqqdL6pnZ5TEosFGO7tIhpr+Fs7bdCnKYxcm2N+oYKIpxSg
Z32BsZpGbKVEXuB/hdox4Ls0mg2X9iHLTL/PCxdLoQMsHd/2DWKZ6XDZ3HgQqGC3
C8gtx5u/9I4TUwXjrO0tJoDuA2fEoNl28rbSTPfnwkEFFzPwz7D4rn7vUaUMaZIa
LpFy5EtwcWJxhVBF/Wl/U0uhJSYRbwrMy+AaKzZZgd9E/KfSJDQLXmbeFg2V5Pfi
4vDeTJkWdbmV9XsQdATKcDEub+F5L3j0RqWllLCQP5iP5A4ylPYcz/9zWwvHPZ1a
KXw=
-----END CERTIFICATE-----
Generated at Sat May 10 22:26:41 2025 by rpki-client