Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/j_f4guVxNJfu8P8p22RCkQb9Pb0.roa
File: j_f4guVxNJfu8P8p22RCkQb9Pb0.roa (raw, json)
Hash identifier: 1WXoJgLS36RXmzQFxTebC3JcjiBroaPi/XlppU2xyd0=
Subject key identifier: 8F:F7:F8:82:E5:71:34:97:EE:F0:FF:29:DB:64:42:91:06:FD:3D:BD
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC0401E0EFDE7C750E5240DA8493C84F6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/j_f4guVxNJfu8P8p22RCkQb9Pb0.roa
Signing time: Sat 23 Sep 2023 04:15:42 +0000
ROA not before: Sat 23 Sep 2023 04:15:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c0:40:1e:0e:fd:e7:c7:50:e5:24:0d:a8:49:3c:84:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 23 04:15:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ff7f882e5713497eef0ff29db64429106fd3dbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c7:de:03:31:3b:27:34:c1:07:32:eb:99:60:
bc:14:f7:f4:ab:57:2c:d8:59:a2:1d:84:d9:f5:72:
c8:1a:ec:33:ad:53:79:38:d6:89:fd:1c:8d:8e:73:
28:14:a8:ae:ca:2a:2a:50:c2:c8:24:17:a6:d0:6e:
a7:0c:62:86:ae:ad:ce:be:be:a8:bf:4a:ef:32:f8:
a3:68:d2:76:c8:c0:1b:11:59:7e:be:15:ff:6c:c5:
0a:01:06:da:7e:07:f6:94:02:92:c4:44:e4:7f:41:
76:f9:da:2a:65:08:eb:40:2e:3b:10:19:72:c5:ac:
94:4d:2f:5e:2d:6a:0f:6b:5a:e5:35:02:c0:cd:b5:
27:23:8e:48:97:0e:05:dd:80:1c:12:cf:41:cb:94:
b3:56:cb:40:9a:56:a5:da:59:66:73:6c:c6:9a:42:
0a:cc:72:f3:b1:36:9b:26:be:23:c4:f3:76:46:18:
25:eb:db:95:f1:c4:61:66:2c:a3:44:9a:58:e3:2b:
21:b2:a6:ae:b0:a6:49:48:89:b2:28:98:60:f7:c8:
27:81:b8:57:70:ac:8f:cd:f1:93:80:77:8f:ba:3d:
39:77:e4:4c:db:31:7c:51:ce:b6:2c:57:88:94:8c:
fe:da:67:b1:ab:5a:27:c4:a9:21:96:2c:00:d8:8c:
ba:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:F7:F8:82:E5:71:34:97:EE:F0:FF:29:DB:64:42:91:06:FD:3D:BD
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/j_f4guVxNJfu8P8p22RCkQb9Pb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:e6:72:63:55:65:0f:fb:05:30:7b:aa:b6:eb:cc:b5:35:81:
d9:9d:22:32:64:9c:1c:4e:96:b0:58:a6:29:90:d7:30:08:56:
07:ba:bc:9b:ea:2e:c7:03:11:40:a5:ff:a9:49:b7:00:88:6e:
91:29:bd:69:20:c0:17:cc:00:6a:b3:e7:c2:65:a8:b4:be:70:
c7:23:72:c3:96:fe:8d:2a:f9:00:51:61:2b:42:e2:8b:2e:d7:
e6:ab:36:91:0c:c1:94:d3:46:53:e4:47:41:91:e6:9e:11:78:
17:a6:37:bc:1a:a6:17:5b:b7:15:d3:ab:7f:49:6c:d2:4a:28:
8b:de:e8:f9:12:13:fb:6e:b1:fc:65:c9:05:fb:dc:d7:9d:87:
d2:56:74:06:87:95:05:a7:37:25:c0:a7:8d:00:3c:2c:02:c9:
c9:ae:d2:35:58:36:26:a3:17:fa:c2:5b:d0:e1:b0:ff:ab:ec:
30:16:e5:3e:d1:2f:d2:16:88:0d:3d:29:fc:a9:93:e8:28:e3:
ba:2d:ca:df:1a:31:4f:98:99:12:e6:28:f7:6d:0b:da:bc:7f:
01:6d:45:3a:cb:da:e9:6a:69:dc:eb:ae:b0:b0:ed:8d:82:14:
7d:38:b1:96:b5:9d:a9:48:01:44:1b:f5:a7:73:70:50:02:d1:
01:16:3a:73
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrAQB4O/efHUOUkDahJPIT2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIzMDQxNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmY3Zjg4MmU1NzEzNDk3ZWVmMGZmMjlkYjY0NDI5MTA2ZmQzZGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMfeAzE7JzTBBzLrmWC8FPf0q1cs
2FmiHYTZ9XLIGuwzrVN5ONaJ/RyNjnMoFKiuyioqUMLIJBem0G6nDGKGrq3Ovr6o
v0rvMvijaNJ2yMAbEVl+vhX/bMUKAQbafgf2lAKSxETkf0F2+doqZQjrQC47EBly
xayUTS9eLWoPa1rlNQLAzbUnI45Ilw4F3YAcEs9By5SzVstAmlal2llmc2zGmkIK
zHLzsTabJr4jxPN2Rhgl69uV8cRhZiyjRJpY4yshsqausKZJSImyKJhg98gngbhX
cKyPzfGTgHePuj05d+RM2zF8Uc62LFeIlIz+2mexq1onxKkhliwA2Iy6YwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI/3+ILlcTSX7vD/KdtkQpEG/T29MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEval9mNGd1VnhOSmZ1OFA4cDIyUkNrUWI5UGIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAETmcmNVZQ/7BTB7qrbr
zLU1gdmdIjJknBxOlrBYpimQ1zAIVge6vJvqLscDEUCl/6lJtwCIbpEpvWkgwBfM
AGqz58JlqLS+cMcjcsOW/o0q+QBRYStC4osu1+arNpEMwZTTRlPkR0GR5p4ReBem
N7waphdbtxXTq39JbNJKKIve6PkSE/tusfxlyQX73Nedh9JWdAaHlQWnNyXAp40A
PCwCycmu0jVYNiajF/rCW9DhsP+r7DAW5T7RL9IWiA09Kfypk+go47otyt8aMU+Y
mRLmKPdtC9q8fwFtRTrL2ulqadzrrrCw7Y2CFH04sZa1nalIAUQb9adzcFAC0QEW
OnM=
-----END CERTIFICATE-----
Generated at Sun May 11 15:48:55 2025 by rpki-client