Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JkhFAxEtqt9NDMIjLPWZIfzLjdk.roa
File: JkhFAxEtqt9NDMIjLPWZIfzLjdk.roa (raw, json)
Hash identifier: f4FtWt7+G9IYgeCQGvXIiTKcxe3y3gJxcM9sYmhwXbc=
Subject key identifier: 26:48:45:03:11:2D:AA:DF:4D:0C:C2:23:2C:F5:99:21:FC:CB:8D:D9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189F0C08E7805CCF3D86504B32F734B249B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JkhFAxEtqt9NDMIjLPWZIfzLjdk.roa
Signing time: Sun 13 Aug 2023 21:14:58 +0000
ROA not before: Sun 13 Aug 2023 21:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f0:c0:8e:78:05:cc:f3:d8:65:04:b3:2f:73:4b:24:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 13 21:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26484503112daadf4d0cc2232cf59921fccb8dd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:84:cf:a6:db:b8:0a:ae:38:7f:1c:fe:e5:24:
34:33:a3:5e:be:90:d8:43:41:68:cb:c1:d4:3d:8c:
1a:62:0b:43:2b:67:39:20:21:78:92:ca:69:83:d1:
d8:de:b7:fe:1b:36:29:68:ff:ee:e0:11:0e:b4:4e:
66:53:23:e5:ea:cf:75:64:8d:ee:15:3d:b2:73:a4:
ef:0a:9f:2c:72:17:88:61:12:47:0a:75:d2:46:25:
c7:fb:49:d3:d7:e3:74:b4:1c:1c:d5:34:47:ff:29:
93:dd:2b:73:16:8c:65:75:75:59:bc:e7:87:2e:5d:
ea:54:f1:eb:eb:b6:12:7d:ef:bd:8a:2d:53:09:6c:
10:74:c3:4f:32:4e:ab:2d:bd:97:58:e4:cd:36:fe:
b1:5b:f7:22:be:28:6d:ff:70:ef:d8:ab:65:97:58:
15:ee:0b:0c:52:b3:5b:15:41:1f:f3:f1:6b:bb:31:
68:04:46:14:a4:35:76:0d:80:be:14:b0:34:9d:bd:
56:27:20:76:f8:36:1d:11:69:7f:1b:2d:57:44:7e:
3d:01:57:a4:0a:a6:36:48:2a:b6:be:83:ab:69:71:
2f:47:2d:a1:84:d3:ec:d9:96:f2:d6:8e:ed:ed:b1:
c9:99:6e:1a:b6:29:2b:29:a9:a8:94:2f:38:26:67:
d4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:48:45:03:11:2D:AA:DF:4D:0C:C2:23:2C:F5:99:21:FC:CB:8D:D9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JkhFAxEtqt9NDMIjLPWZIfzLjdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:30:32:ac:f0:f4:26:e3:13:0a:e4:25:9c:78:a3:3e:cc:19:
51:2c:4e:7b:5d:3d:61:37:c9:42:f4:db:7b:1b:be:ac:05:62:
31:9e:d2:56:c9:dc:1c:71:e7:4e:08:e7:39:21:e8:e2:1d:1f:
c9:ef:8b:8a:81:da:2e:2e:8a:d3:fc:73:2e:9b:59:42:f3:63:
86:d4:24:82:70:39:ac:c9:b6:c6:0c:86:cf:da:17:d1:45:79:
b4:ae:0b:78:a5:bd:fb:50:d7:a8:fd:28:36:f1:ea:6b:20:99:
ac:82:a2:9d:c3:0d:c3:86:3b:c0:55:48:48:9b:a0:7c:03:8a:
0f:fa:6f:40:17:3d:f1:09:c6:36:3a:d4:c0:de:a6:55:b6:a8:
23:0a:f6:e7:ba:66:1e:99:ad:09:1c:13:9a:c5:61:a8:54:be:
8d:27:9c:25:5b:89:79:df:1c:a2:e9:bb:7a:06:d8:6b:13:e4:
79:bf:32:f3:ff:e2:a0:03:dd:77:8c:32:a8:74:5d:18:db:c6:
72:f7:2f:1e:22:fe:8e:d3:9c:a3:cf:44:98:8c:45:65:68:25:
36:81:98:78:3a:cf:c5:f8:63:5c:35:d4:de:ec:a0:33:4d:e6:
0b:80:aa:c3:ac:a0:17:a5:92:76:f6:32:03:26:ea:07:5c:e6:
d0:19:d5:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnwwI54Bczz2GUEsy9zSySbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODEzMjExNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjQ4NDUwMzExMmRhYWRmNGQwY2MyMjMyY2Y1OTkyMWZjY2I4ZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoTPptu4Cq44fxz+5SQ0M6NevpDY
Q0Foy8HUPYwaYgtDK2c5ICF4ksppg9HY3rf+GzYpaP/u4BEOtE5mUyPl6s91ZI3u
FT2yc6TvCp8scheIYRJHCnXSRiXH+0nT1+N0tBwc1TRH/ymT3StzFoxldXVZvOeH
Ll3qVPHr67YSfe+9ii1TCWwQdMNPMk6rLb2XWOTNNv6xW/civiht/3Dv2Ktll1gV
7gsMUrNbFUEf8/FruzFoBEYUpDV2DYC+FLA0nb1WJyB2+DYdEWl/Gy1XRH49AVek
CqY2SCq2voOraXEvRy2hhNPs2Zby1o7t7bHJmW4atikrKamolC84JmfUnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCZIRQMRLarfTQzCIyz1mSH8y43ZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSmtoRkF4RXRxdDlORE1JakxQV1pJZnpMamRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEcwMqzw9CbjEwrkJZx4
oz7MGVEsTntdPWE3yUL023sbvqwFYjGe0lbJ3Bxx504I5zkh6OIdH8nvi4qB2i4u
itP8cy6bWULzY4bUJIJwOazJtsYMhs/aF9FFebSuC3ilvftQ16j9KDbx6msgmayC
op3DDcOGO8BVSEiboHwDig/6b0AXPfEJxjY61MDeplW2qCMK9ue6Zh6ZrQkcE5rF
YahUvo0nnCVbiXnfHKLpu3oG2GsT5Hm/MvP/4qAD3XeMMqh0XRjbxnL3Lx4i/o7T
nKPPRJiMRWVoJTaBmHg6z8X4Y1w11N7soDNN5guAqsOsoBelknb2MgMm6gdc5tAZ
1S4=
-----END CERTIFICATE-----
Generated at Thu May 1 09:31:37 2025 by rpki-client