Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JFnLwKmC7AxMc44r4SFe6vVGp3w.roa
File: JFnLwKmC7AxMc44r4SFe6vVGp3w.roa (raw, json)
Hash identifier: JId4xeQWzMjcCcYNZV9M1UN8aZYDlThRfHPpjNn6Bwk=
Subject key identifier: 24:59:CB:C0:A9:82:EC:0C:4C:73:8E:2B:E1:21:5E:EA:F5:46:A7:7C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABF2B8DEDA421C5A8AA528B96D27E6E49
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JFnLwKmC7AxMc44r4SFe6vVGp3w.roa
Signing time: Fri 22 Sep 2023 23:13:37 +0000
ROA not before: Fri 22 Sep 2023 23:13:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bf:2b:8d:ed:a4:21:c5:a8:aa:52:8b:96:d2:7e:6e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 22 23:13:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2459cbc0a982ec0c4c738e2be1215eeaf546a77c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6b:3c:97:32:20:9d:a3:37:e2:a7:3c:a6:b7:
cf:00:82:0d:a9:bc:6c:00:2a:06:9b:58:27:d7:f6:
30:6a:e8:82:99:74:cb:0a:e8:69:34:36:6d:f9:9a:
85:0e:80:6a:47:4c:0c:b4:02:18:f9:ac:db:4f:11:
ce:0e:62:b4:0f:70:41:ce:f9:71:53:de:f6:37:cc:
67:ec:93:17:5f:e5:61:aa:47:a0:a3:52:1f:c1:88:
ae:c3:35:12:91:b0:b0:a4:10:f4:c7:e4:0e:9f:ac:
5d:90:af:77:a9:29:a1:86:8f:2c:15:f8:70:ff:2a:
01:de:a4:a8:71:a2:74:3f:39:37:ab:44:70:01:6b:
28:1e:93:30:10:85:0f:93:19:77:7a:f6:51:7b:28:
3c:bc:49:e2:83:ac:a3:11:65:0f:37:f0:48:f4:33:
e7:e2:1e:97:45:c5:11:5b:33:70:33:c2:8a:a4:c9:
a2:f5:22:d4:46:92:ff:2f:6e:94:ec:ac:39:8e:d9:
62:fb:a8:e3:11:c3:f9:92:53:0e:67:f0:32:b8:f9:
fa:50:85:45:d9:9b:4e:1c:f4:40:07:f6:8c:4e:22:
a7:24:df:f8:fc:49:d8:bf:a5:3c:26:3b:cc:34:c7:
2d:73:42:d6:8a:32:1c:b2:5d:07:5c:4b:5c:99:86:
ef:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:59:CB:C0:A9:82:EC:0C:4C:73:8E:2B:E1:21:5E:EA:F5:46:A7:7C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JFnLwKmC7AxMc44r4SFe6vVGp3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:68:aa:f3:12:03:4f:5f:d4:2a:89:41:81:ca:5b:b6:8b:a3:
b1:c4:ae:4e:a5:c5:c0:e6:bd:a5:59:61:d6:96:64:98:ad:9c:
53:87:f8:90:71:ed:3f:d4:67:31:1a:b6:26:82:9e:9f:1a:66:
38:97:73:d4:81:3e:ea:05:4e:9b:f3:d3:ff:3d:a8:5d:89:9c:
3a:30:92:2a:c6:fb:12:b4:83:f0:7c:e3:a9:ce:ed:5f:f8:27:
2e:23:1e:4d:5d:fe:b4:20:9a:f6:df:9a:de:5b:dd:44:55:08:
3f:b5:68:06:1f:82:65:f2:88:42:01:87:81:5b:76:3a:9b:87:
89:8e:e9:a4:ce:c1:1d:41:03:df:04:2b:84:b1:c1:63:1b:01:
5c:af:46:33:3e:33:05:57:76:01:4a:07:92:29:9f:78:21:25:
ee:4c:14:06:04:c7:88:13:8b:92:54:30:6e:aa:69:87:08:b5:
fa:94:57:9e:07:18:e3:08:25:92:ba:10:f1:a1:e0:31:2a:79:
09:f4:f4:9b:ca:c5:66:14:84:fd:b5:eb:e7:a2:b8:f9:8c:76:
4e:b0:57:de:9d:ae:71:60:6e:41:4b:28:8f:f4:63:0c:98:67:
66:b9:d6:b1:fe:16:cd:7d:21:50:79:e9:96:4d:fe:44:53:f7:
74:b4:c1:f5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq/K43tpCHFqKpSi5bSfm5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIyMjMxMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDU5Y2JjMGE5ODJlYzBjNGM3MzhlMmJlMTIxNWVlYWY1NDZhNzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgms8lzIgnaM34qc8prfPAIINqbxs
ACoGm1gn1/YwauiCmXTLCuhpNDZt+ZqFDoBqR0wMtAIY+azbTxHODmK0D3BBzvlx
U972N8xn7JMXX+Vhqkego1IfwYiuwzUSkbCwpBD0x+QOn6xdkK93qSmhho8sFfhw
/yoB3qSocaJ0Pzk3q0RwAWsoHpMwEIUPkxl3evZReyg8vEnig6yjEWUPN/BI9DPn
4h6XRcURWzNwM8KKpMmi9SLURpL/L26U7Kw5jtli+6jjEcP5klMOZ/AyuPn6UIVF
2ZtOHPRAB/aMTiKnJN/4/EnYv6U8JjvMNMctc0LWijIcsl0HXEtcmYbv/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCRZy8CpguwMTHOOK+EhXur1Rqd8MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSkZuTHdLbUM3QXhNYzQ0cjRTRmU2dlZHcDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJFoqvMSA09f1CqJQYHK
W7aLo7HErk6lxcDmvaVZYdaWZJitnFOH+JBx7T/UZzEatiaCnp8aZjiXc9SBPuoF
Tpvz0/89qF2JnDowkirG+xK0g/B846nO7V/4Jy4jHk1d/rQgmvbfmt5b3URVCD+1
aAYfgmXyiEIBh4Fbdjqbh4mO6aTOwR1BA98EK4SxwWMbAVyvRjM+MwVXdgFKB5Ip
n3ghJe5MFAYEx4gTi5JUMG6qaYcItfqUV54HGOMIJZK6EPGh4DEqeQn09JvKxWYU
hP216+eiuPmMdk6wV96drnFgbkFLKI/0YwyYZ2a51rH+Fs19IVB56ZZN/kRT93S0
wfU=
-----END CERTIFICATE-----
Generated at Sat May 10 13:37:58 2025 by rpki-client