Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JnXbJTOU-2U3ieZn38Thz8p7wjI.roa
File: JnXbJTOU-2U3ieZn38Thz8p7wjI.roa (raw, json)
Hash identifier: oOMQPmES6FWHFdAVt5KNnyUzaiYBLxATm7wbGncHOxY=
Subject key identifier: 26:75:DB:25:33:94:FB:65:37:89:E6:67:DF:C4:E1:CF:CA:7B:C2:32
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD87C6AEF289D492C18E1D3BC8B9C7FFD
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JnXbJTOU-2U3ieZn38Thz8p7wjI.roa
Signing time: Wed 27 Sep 2023 21:12:27 +0000
ROA not before: Wed 27 Sep 2023 21:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d8:7c:6a:ef:28:9d:49:2c:18:e1:d3:bc:8b:9c:7f:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 27 21:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2675db253394fb653789e667dfc4e1cfca7bc232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e7:03:24:22:cc:21:c4:4a:8f:78:d9:7d:73:
15:ef:45:17:83:ee:fa:ea:45:71:14:14:15:2c:4a:
0d:7b:27:d7:ef:16:70:61:11:47:fa:19:1c:8c:f6:
96:cc:f8:2f:69:a1:3f:76:c9:97:6c:4e:36:7d:0c:
41:98:74:6d:fe:d2:00:a2:a7:ed:40:3d:5b:18:89:
db:8e:06:5c:b2:18:ad:ce:4b:43:a6:6b:3a:0e:d3:
2c:c7:cd:3b:ee:1f:73:8a:3f:53:85:ad:ed:7b:2f:
5e:44:58:39:4c:5a:1f:b1:71:1f:28:b8:2d:13:30:
d1:57:df:c9:3e:b8:d4:0b:11:b4:99:e2:81:c3:b0:
21:25:9e:c1:05:58:48:e8:22:6f:a7:a0:61:c7:27:
c4:70:03:98:aa:f8:16:5f:41:e4:e4:4a:8e:b9:3a:
c5:a4:af:16:3f:19:63:81:76:25:f0:dd:44:9a:51:
73:28:c9:4e:42:65:9f:e1:64:da:9c:8e:ca:00:a2:
db:eb:71:76:a4:52:9f:15:d2:45:12:bd:5a:10:f7:
0c:ed:8d:d8:ac:c9:c2:03:ce:d7:b6:0e:0a:ab:12:
05:dc:69:d8:17:a8:71:b8:d7:d0:a8:c0:d5:cf:71:
62:fc:60:d4:e2:74:a5:7b:84:4a:0e:ec:32:c8:99:
36:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:75:DB:25:33:94:FB:65:37:89:E6:67:DF:C4:E1:CF:CA:7B:C2:32
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JnXbJTOU-2U3ieZn38Thz8p7wjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:c0:47:72:31:11:47:d7:0f:4b:59:a0:84:3e:45:98:2e:dc:
79:ce:f2:05:b4:8f:1b:ec:bf:6b:57:60:d1:aa:3e:3d:fa:ee:
5b:64:1d:ac:9f:bd:09:11:7d:c9:bb:ae:30:44:31:81:49:a4:
04:64:c0:98:6a:e6:08:dc:0f:76:db:28:b6:28:d7:a7:69:73:
9c:aa:1d:69:40:86:31:f4:e5:e0:30:e6:cc:d8:2f:4c:29:cb:
ec:4f:9c:03:7e:f1:4b:36:61:dc:10:6b:fd:3e:c3:3b:f5:4a:
98:b3:ad:ac:cb:65:b8:a3:a8:4c:22:af:c4:0e:4a:39:35:f4:
3f:fa:23:ee:ba:b3:92:88:a8:45:d0:61:11:fc:2f:52:61:40:
e1:54:e1:f1:59:3d:ab:6f:8f:c7:ed:d3:b7:bc:3f:c2:2a:41:
c5:e1:59:0a:82:e2:0d:ed:66:f2:dd:d3:c9:bb:d1:86:67:6e:
45:a6:33:c9:63:cf:16:5b:c7:77:e9:8f:9f:3b:e6:ba:3c:8d:
6a:2c:48:8a:86:cb:ce:53:fc:2e:33:ad:5c:df:69:3e:5a:83:
64:32:73:08:e7:9f:e6:50:f0:ec:7d:cd:68:b5:fe:08:c5:04:
8a:a2:c8:28:1f:53:24:0f:9a:a6:1e:95:fe:2d:3d:10:27:9a:
a3:3f:c4:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrYfGrvKJ1JLBjh07yLnH/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI3MjExMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjc1ZGIyNTMzOTRmYjY1Mzc4OWU2NjdkZmM0ZTFjZmNhN2JjMjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjucDJCLMIcRKj3jZfXMV70UXg+76
6kVxFBQVLEoNeyfX7xZwYRFH+hkcjPaWzPgvaaE/dsmXbE42fQxBmHRt/tIAoqft
QD1bGInbjgZcshitzktDpms6DtMsx8077h9zij9Tha3tey9eRFg5TFofsXEfKLgt
EzDRV9/JPrjUCxG0meKBw7AhJZ7BBVhI6CJvp6BhxyfEcAOYqvgWX0Hk5EqOuTrF
pK8WPxljgXYl8N1EmlFzKMlOQmWf4WTanI7KAKLb63F2pFKfFdJFEr1aEPcM7Y3Y
rMnCA87Xtg4KqxIF3GnYF6hxuNfQqMDVz3Fi/GDU4nSle4RKDuwyyJk28wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCZ12yUzlPtlN4nmZ9/E4c/Ke8IyMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSm5YYkpUT1UtMlUzaWVabjM4VGh6OHA3d2pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHfAR3IxEUfXD0tZoIQ+
RZgu3HnO8gW0jxvsv2tXYNGqPj367ltkHayfvQkRfcm7rjBEMYFJpARkwJhq5gjc
D3bbKLYo16dpc5yqHWlAhjH05eAw5szYL0wpy+xPnAN+8Us2YdwQa/0+wzv1Spiz
razLZbijqEwir8QOSjk19D/6I+66s5KIqEXQYRH8L1JhQOFU4fFZPatvj8ft07e8
P8IqQcXhWQqC4g3tZvLd08m70YZnbkWmM8ljzxZbx3fpj5875ro8jWosSIqGy85T
/C4zrVzfaT5ag2Qycwjnn+ZQ8Ox9zWi1/gjFBIqiyCgfUyQPmqYelf4tPRAnmqM/
xJM=
-----END CERTIFICATE-----
Generated at Mon May 12 19:03:27 2025 by rpki-client