Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/J2t1sbuBwqU6EO6FrJGjiRO7N7k.roa
File: J2t1sbuBwqU6EO6FrJGjiRO7N7k.roa (raw, json)
Hash identifier: 8yCuaHltOvqKOdQp3RqcJlMR21hyNbSlKynipg79Two=
Subject key identifier: 27:6B:75:B1:BB:81:C2:A5:3A:10:EE:85:AC:91:A3:89:13:BB:37:B9
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B4EF5D6440179114441F368A39E536402
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/J2t1sbuBwqU6EO6FrJGjiRO7N7k.roa
Signing time: Fri 20 Oct 2023 21:20:15 +0000
ROA not before: Fri 20 Oct 2023 21:20:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4e:f5:d6:44:01:79:11:44:41:f3:68:a3:9e:53:64:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 20 21:20:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=276b75b1bb81c2a53a10ee85ac91a38913bb37b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:94:03:a1:8d:50:5d:2e:b9:7d:ab:b5:f7:3e:
29:4b:26:0f:ac:a9:ee:c7:9f:ad:d9:27:9a:e4:e3:
50:2b:33:4a:0f:4d:cc:24:a4:2c:84:67:90:82:99:
b6:91:07:1a:de:87:5e:9e:e5:1b:3f:9e:93:13:76:
84:86:c6:c3:a4:a1:89:4b:62:9b:29:b1:b4:35:13:
c3:1b:a9:87:b3:a8:48:f8:bb:3b:33:7f:dc:9f:d7:
cc:8a:11:f8:35:bb:77:dd:2a:47:45:59:ed:e2:67:
88:09:fd:a3:27:32:6e:77:7d:9c:02:79:b2:df:a2:
d5:c0:05:77:f7:68:37:aa:a6:8e:56:23:f2:dc:98:
16:76:1e:4f:62:de:54:5f:26:85:8f:cc:c3:05:cc:
74:73:44:09:da:19:16:0a:67:c1:75:44:87:92:1d:
b3:5b:c0:a9:48:da:72:28:23:09:fc:94:06:63:3c:
8f:32:db:b5:69:71:35:01:dc:1e:5b:b1:37:f2:40:
e4:1a:57:d5:c1:b7:39:82:c0:50:ff:b3:95:2e:ae:
3b:fe:33:1e:57:18:93:05:38:61:8b:51:36:bf:d9:
52:02:82:09:05:5f:39:5c:ac:19:52:13:77:7e:64:
04:0b:57:06:1e:78:17:5c:c5:b6:f6:5a:8a:bc:3c:
87:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:6B:75:B1:BB:81:C2:A5:3A:10:EE:85:AC:91:A3:89:13:BB:37:B9
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/J2t1sbuBwqU6EO6FrJGjiRO7N7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
be:bf:ca:be:89:e7:f2:66:27:0c:91:b2:47:3f:41:f0:4b:08:
6f:14:e6:56:25:3b:c8:03:c0:ed:60:64:0f:52:31:b6:8a:e5:
21:54:4f:3d:2c:df:e6:ba:89:7b:0d:34:5a:cf:ab:80:e2:ef:
48:28:4a:24:96:ba:1f:6a:99:85:8e:6a:f9:cc:22:61:cf:ba:
73:05:7a:d0:f6:c0:15:cc:78:6c:3a:21:de:f6:34:e1:93:f9:
85:dc:39:7d:c7:40:30:69:df:ff:69:79:12:d3:92:ee:e2:bb:
6b:8c:2f:62:6f:55:c8:46:5a:05:af:0e:0b:7d:6e:9b:c5:c6:
16:75:f2:9a:f4:3d:38:8f:bb:dc:d1:21:2a:34:18:e1:26:2c:
2a:2b:f9:0b:05:79:d3:cf:e1:7b:5a:8c:c9:1a:69:9c:6c:0f:
7f:0b:60:d4:29:a4:d9:6f:01:48:df:76:23:59:7b:77:8b:49:
2e:b0:e7:77:63:ae:d3:13:41:ce:9c:80:45:aa:cc:66:29:d7:
78:ce:1b:90:14:ed:c7:cc:15:ed:2b:a9:b1:84:0f:5c:6d:59:
c7:6b:12:c2:1b:f6:eb:9d:b0:03:f9:58:a4:45:75:59:78:6c:
b4:ce:cd:7e:d3:7c:0a:21:6a:b6:5a:49:55:65:43:f5:c8:14:
f7:e0:5c:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtO9dZEAXkRREHzaKOeU2QCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIwMjEyMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzZiNzViMWJiODFjMmE1M2ExMGVlODVhYzkxYTM4OTEzYmIzN2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpQDoY1QXS65fau19z4pSyYPrKnu
x5+t2Sea5ONQKzNKD03MJKQshGeQgpm2kQca3odenuUbP56TE3aEhsbDpKGJS2Kb
KbG0NRPDG6mHs6hI+Ls7M3/cn9fMihH4Nbt33SpHRVnt4meICf2jJzJud32cAnmy
36LVwAV392g3qqaOViPy3JgWdh5PYt5UXyaFj8zDBcx0c0QJ2hkWCmfBdUSHkh2z
W8CpSNpyKCMJ/JQGYzyPMtu1aXE1AdweW7E38kDkGlfVwbc5gsBQ/7OVLq47/jMe
VxiTBThhi1E2v9lSAoIJBV85XKwZUhN3fmQEC1cGHngXXMW29lqKvDyHUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCdrdbG7gcKlOhDuhayRo4kTuze5MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSjJ0MXNidUJ3cVU2RU82RnJKR2ppUk83TjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL6/yr6J5/JmJwyRskc/
QfBLCG8U5lYlO8gDwO1gZA9SMbaK5SFUTz0s3+a6iXsNNFrPq4Di70goSiSWuh9q
mYWOavnMImHPunMFetD2wBXMeGw6Id72NOGT+YXcOX3HQDBp3/9peRLTku7iu2uM
L2JvVchGWgWvDgt9bpvFxhZ18pr0PTiPu9zRISo0GOEmLCor+QsFedPP4XtajMka
aZxsD38LYNQppNlvAUjfdiNZe3eLSS6w53djrtMTQc6cgEWqzGYp13jOG5AU7cfM
Fe0rqbGED1xtWcdrEsIb9uudsAP5WKRFdVl4bLTOzX7TfAoharZaSVVlQ/XIFPfg
XGI=
-----END CERTIFICATE-----
Generated at Mon May 12 18:43:37 2025 by rpki-client