Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tJnnP0Hz9BSq6oY2jQQHami4sPg.roa
File: tJnnP0Hz9BSq6oY2jQQHami4sPg.roa (raw, json)
Hash identifier: 4AyulVPcLq40SNtFLVK9H1QOJNS/votApSpceUVnAp8=
Subject key identifier: B4:99:E7:3F:41:F3:F4:14:AA:EA:86:36:8D:04:07:6A:68:B8:B0:F8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B8B0220A6597D5F1FD6C6A6C30F9280F2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tJnnP0Hz9BSq6oY2jQQHami4sPg.roa
Signing time: Wed 01 Nov 2023 13:10:54 +0000
ROA not before: Wed 01 Nov 2023 13:10:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:8afc:1e23/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:02:20:a6:59:7d:5f:1f:d6:c6:a6:c3:0f:92:80:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 1 13:10:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b499e73f41f3f414aaea86368d04076a68b8b0f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:59:91:a7:79:6d:4c:ef:9f:38:4b:07:5a:bd:
c9:97:ee:46:57:c0:d8:f6:64:61:7c:06:84:f7:8a:
c4:fc:b5:7c:2b:94:39:5a:74:1c:4f:a1:69:93:b2:
c8:80:5b:1c:fa:2c:38:33:c1:15:83:5f:d7:d2:d1:
5c:91:59:0d:a0:c9:1c:db:3a:4d:89:30:ba:2a:a7:
d0:0a:75:c2:6c:ba:0d:84:58:9b:a4:16:94:78:ed:
58:48:1a:69:b5:fe:f7:38:b3:7c:e9:14:24:13:57:
c7:45:0e:37:6a:25:4a:68:5e:3c:fa:5b:b3:2a:19:
4f:d2:9d:33:de:4d:3d:9f:db:f2:24:b7:74:b2:5f:
ca:14:59:27:81:ca:4a:7f:c7:18:9d:22:25:0d:6e:
7a:25:de:fe:4d:3c:a6:0b:d7:7e:17:7a:73:a6:80:
00:34:f4:62:90:96:77:23:ce:d8:eb:0c:a5:08:d9:
99:50:0c:28:91:e8:cb:46:d6:67:73:11:80:94:06:
64:2e:57:c3:91:38:50:ce:0f:d7:07:e6:95:5d:56:
86:be:c3:50:27:77:91:03:70:31:3f:fb:61:8b:21:
9b:a6:f6:05:a0:89:d2:f8:c9:26:be:26:a1:cb:09:
34:b7:0a:b8:3b:0b:1d:f5:d0:da:39:ea:99:2e:0c:
16:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:99:E7:3F:41:F3:F4:14:AA:EA:86:36:8D:04:07:6A:68:B8:B0:F8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tJnnP0Hz9BSq6oY2jQQHami4sPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:73:e5:76:55:d0:74:3e:7c:7a:97:a3:4f:01:25:ad:c5:0c:
61:fc:0c:03:03:88:14:43:c9:67:3d:75:e4:e5:38:1c:0a:1b:
20:5f:51:c3:c8:35:d5:03:ed:a0:7d:d8:b2:a0:03:01:e1:7c:
fb:8b:95:8b:c4:b1:2f:78:9e:f2:ad:8d:62:63:dc:a2:22:04:
c1:f6:64:8b:03:fd:89:95:ea:8d:36:18:c0:40:f0:5d:ad:04:
a2:33:f8:ec:05:b2:1b:c8:b0:0d:d3:f7:70:fe:41:00:13:63:
ac:55:a2:e7:db:c6:3e:c9:22:14:04:12:1f:7a:6f:1b:f2:25:
80:d7:e9:6e:7d:1c:c8:3e:0c:7c:ef:4a:aa:b9:59:9f:29:97:
1d:6e:eb:76:2e:18:13:df:7a:46:49:6b:f8:73:9d:d4:34:55:
11:e4:ca:3d:fb:59:80:c2:2a:d4:0a:ef:00:e8:7f:f2:62:13:
2a:68:54:ee:56:2f:38:d5:29:40:7b:ba:b1:d1:2d:ab:eb:65:
a2:52:9b:95:34:74:02:f6:81:49:16:46:f7:44:61:69:7d:e2:
04:f3:63:71:ea:b1:0d:2e:a9:d4:13:85:c3:cb:ec:c5:6b:59:
2d:c2:ad:d8:43:f9:62:72:e6:13:b6:92:e7:ef:ea:7f:01:2c:
a2:20:11:f7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuLAiCmWX1fH9bGpsMPkoDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAxMTMxMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDk5ZTczZjQxZjNmNDE0YWFlYTg2MzY4ZDA0MDc2YTY4YjhiMGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFmRp3ltTO+fOEsHWr3Jl+5GV8DY
9mRhfAaE94rE/LV8K5Q5WnQcT6Fpk7LIgFsc+iw4M8EVg1/X0tFckVkNoMkc2zpN
iTC6KqfQCnXCbLoNhFibpBaUeO1YSBpptf73OLN86RQkE1fHRQ43aiVKaF48+luz
KhlP0p0z3k09n9vyJLd0sl/KFFkngcpKf8cYnSIlDW56Jd7+TTymC9d+F3pzpoAA
NPRikJZ3I87Y6wylCNmZUAwokejLRtZncxGAlAZkLlfDkThQzg/XB+aVXVaGvsNQ
J3eRA3AxP/thiyGbpvYFoInS+Mkmviahywk0twq4Owsd9dDaOeqZLgwWlQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLSZ5z9B8/QUquqGNo0EB2pouLD4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdEpublAwSHo5QlNxNm9ZMmpRUUhhbWk0c1BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJhz5XZV0HQ+fHqXo08B
Ja3FDGH8DAMDiBRDyWc9deTlOBwKGyBfUcPINdUD7aB92LKgAwHhfPuLlYvEsS94
nvKtjWJj3KIiBMH2ZIsD/YmV6o02GMBA8F2tBKIz+OwFshvIsA3T93D+QQATY6xV
oufbxj7JIhQEEh96bxvyJYDX6W59HMg+DHzvSqq5WZ8plx1u63YuGBPfekZJa/hz
ndQ0VRHkyj37WYDCKtQK7wDof/JiEypoVO5WLzjVKUB7urHRLavrZaJSm5U0dAL2
gUkWRvdEYWl94gTzY3HqsQ0uqdQThcPL7MVrWS3CrdhD+WJy5hO2kufv6n8BLKIg
Efc=
-----END CERTIFICATE-----
Generated at Sat May 10 22:07:28 2025 by rpki-client