Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jtNtwhnVjN3xBr7zGYNzj4yUkHE.roa
File: jtNtwhnVjN3xBr7zGYNzj4yUkHE.roa (raw, json)
Hash identifier: IyuCa+6EIsm+RfLLQRymMljkJIn2ylsOdBVH2xohti8=
Subject key identifier: 8E:D3:6D:C2:19:D5:8C:DD:F1:06:BE:F3:19:83:73:8F:8C:94:90:71
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD8DE2C8FA5FFF5181612EFA3DCADFC2E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jtNtwhnVjN3xBr7zGYNzj4yUkHE.roa
Signing time: Fri 05 Jan 2024 09:04:48 +0000
ROA not before: Fri 05 Jan 2024 09:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:d8dd:e910/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d8:de:2c:8f:a5:ff:f5:18:16:12:ef:a3:dc:ad:fc:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 5 09:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ed36dc219d58cddf106bef31983738f8c949071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:87:54:72:a4:a7:ae:86:f4:ba:ae:20:32:03:
a6:ed:3e:9a:fd:e8:36:c1:82:9f:04:44:ef:49:1b:
42:db:c7:3d:78:85:52:43:6b:7d:ff:06:e8:41:da:
26:9f:6c:55:05:dc:18:f9:2c:d9:61:0b:f6:18:b6:
41:d9:f2:3a:c9:ab:b0:7e:e3:4f:c5:fd:77:8b:a2:
fa:5f:0e:52:48:63:8f:c5:02:4a:92:48:7b:be:76:
68:c2:dd:9b:3e:ec:8d:5c:98:42:9c:49:3c:ef:eb:
27:5e:be:e7:7d:31:8a:4e:83:c7:23:2f:8a:9d:3e:
ea:c6:e8:48:e0:a7:64:98:1d:56:de:77:eb:23:55:
31:da:be:90:c2:94:03:aa:52:c8:88:a8:2d:80:d9:
1b:f1:70:60:c0:36:32:81:41:62:97:26:c0:75:11:
13:d8:e3:1b:07:82:29:8f:04:5a:ee:a5:d4:a4:2d:
17:66:69:86:4c:f1:20:56:34:a3:cd:e1:1c:5f:74:
48:6f:eb:6b:0b:0b:34:4a:af:47:41:8d:82:4e:59:
4a:fa:1a:3d:b4:97:fc:18:e3:5c:7f:3e:24:88:d0:
f7:e0:f9:df:e7:7f:59:63:a0:bc:ca:fc:61:a3:93:
42:87:45:66:00:39:db:e8:d3:96:34:58:ec:19:b5:
8f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:D3:6D:C2:19:D5:8C:DD:F1:06:BE:F3:19:83:73:8F:8C:94:90:71
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jtNtwhnVjN3xBr7zGYNzj4yUkHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:9e:53:68:13:5c:5c:0c:76:bf:3b:d8:8e:da:8b:19:51:4f:
83:73:87:d1:52:6c:23:d6:a6:05:f7:6a:3c:3c:23:71:f9:46:
5a:99:7b:c9:8a:e6:6b:26:e2:d6:2d:43:53:be:19:a9:20:fd:
ea:5b:dd:5a:7b:66:ec:c1:d8:bd:8f:dd:6a:11:b9:9b:dd:ed:
c5:98:07:a5:ae:2d:9b:67:c6:b6:20:e2:ce:99:71:34:04:db:
aa:6e:9a:f0:91:56:ec:82:60:dd:97:75:66:f0:3b:84:6e:6a:
44:c0:56:d5:e1:33:1e:c7:bd:e5:06:0c:3c:b1:24:5e:59:c5:
70:e9:8c:38:8f:4b:a2:d2:06:48:0b:74:6e:e5:5f:ae:f9:53:
72:eb:5d:f8:74:9e:28:f7:08:5c:64:f0:c6:ce:0d:2c:f1:cf:
6e:cd:d3:1b:b3:60:c5:7c:7e:65:d5:20:66:7d:3c:92:f2:f4:
92:ce:10:4c:05:cb:89:96:be:40:73:fd:8b:ff:ff:37:5c:26:
14:59:fb:c9:fb:8d:67:a6:c2:b1:14:17:ba:5e:1a:47:47:0d:
a2:1e:94:55:06:50:29:59:2b:b8:a6:14:c9:41:53:3c:9f:47:
f0:34:f7:7f:6d:9f:ce:e6:b6:21:6c:70:9c:e4:46:85:46:ad:
f5:5a:4a:87
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzY3iyPpf/1GBYS76PcrfwuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA1MDkwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWQzNmRjMjE5ZDU4Y2RkZjEwNmJlZjMxOTgzNzM4ZjhjOTQ5MDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIdUcqSnrob0uq4gMgOm7T6a/eg2
wYKfBETvSRtC28c9eIVSQ2t9/wboQdomn2xVBdwY+SzZYQv2GLZB2fI6yauwfuNP
xf13i6L6Xw5SSGOPxQJKkkh7vnZowt2bPuyNXJhCnEk87+snXr7nfTGKToPHIy+K
nT7qxuhI4KdkmB1W3nfrI1Ux2r6QwpQDqlLIiKgtgNkb8XBgwDYygUFilybAdRET
2OMbB4IpjwRa7qXUpC0XZmmGTPEgVjSjzeEcX3RIb+trCws0Sq9HQY2CTllK+ho9
tJf8GONcfz4kiND34Pnf539ZY6C8yvxho5NCh0VmADnb6NOWNFjsGbWPhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI7TbcIZ1Yzd8Qa+8xmDc4+MlJBxMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvanROdHdoblZqTjN4QnI3ekdZTnpqNHlVa0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIqeU2gTXFwMdr872I7a
ixlRT4Nzh9FSbCPWpgX3ajw8I3H5RlqZe8mK5msm4tYtQ1O+Gakg/epb3Vp7ZuzB
2L2P3WoRuZvd7cWYB6WuLZtnxrYg4s6ZcTQE26pumvCRVuyCYN2XdWbwO4RuakTA
VtXhMx7HveUGDDyxJF5ZxXDpjDiPS6LSBkgLdG7lX675U3LrXfh0nij3CFxk8MbO
DSzxz27N0xuzYMV8fmXVIGZ9PJLy9JLOEEwFy4mWvkBz/Yv//zdcJhRZ+8n7jWem
wrEUF7peGkdHDaIelFUGUClZK7imFMlBUzyfR/A0939tn87mtiFscJzkRoVGrfVa
Soc=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:36:40 2025 by rpki-client