Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9JCv4PVv9ffvExbdgaQzGuYG340.roa
File: 9JCv4PVv9ffvExbdgaQzGuYG340.roa (raw, json)
Hash identifier: Msg1do0A7kAqdgnklbry/3qHe7fXt6Z/t0fcKgUwKHE=
Subject key identifier: F4:90:AF:E0:F5:6F:F5:F7:EF:13:16:DD:81:A4:33:1A:E6:06:DF:8D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C77737BCEC21B7D35A154037007311BF5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9JCv4PVv9ffvExbdgaQzGuYG340.roa
Signing time: Sun 17 Dec 2023 11:05:06 +0000
ROA not before: Sun 17 Dec 2023 11:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:7772:b3a0/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:77:73:7b:ce:c2:1b:7d:35:a1:54:03:70:07:31:1b:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 17 11:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f490afe0f56ff5f7ef1316dd81a4331ae606df8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:8e:05:5f:e9:00:34:99:ba:44:8d:28:8b:8d:
4d:8a:fe:a7:c5:e3:da:cc:e4:a0:32:45:31:23:bb:
21:53:85:ba:a1:1f:4e:f6:91:24:5e:a6:7b:a3:85:
2e:43:a7:4b:82:9a:a5:b2:b4:5d:25:2b:9a:05:d1:
f0:2a:a0:20:71:63:62:c7:45:16:19:31:d6:c1:82:
f8:ad:41:44:c4:3f:2b:33:09:e1:42:35:73:cf:5f:
98:19:2f:7c:e1:5a:3a:f3:79:28:b2:7d:d3:62:33:
49:c9:68:32:0c:c0:62:08:fd:b1:89:60:7c:80:2e:
1f:36:fd:59:77:56:02:b4:2f:3d:05:32:22:1c:e6:
70:0e:bb:66:02:b3:f3:3d:9e:a3:55:22:a0:b8:34:
7b:19:70:a4:1a:90:a9:8c:97:87:ac:cb:c7:7b:a0:
05:e3:fc:d1:11:7e:4a:b0:eb:00:49:24:5c:76:48:
5d:56:2a:0d:26:13:9c:d3:46:23:55:4f:cd:e2:9f:
f8:04:40:3f:fc:f6:06:0a:e3:f7:c5:f0:4b:f8:46:
d0:99:0a:2a:52:79:40:40:1b:85:7f:fe:32:ad:b1:
d0:74:08:52:a7:f5:fb:23:b2:36:2a:23:d0:36:2c:
6c:7d:a6:ed:38:de:1d:92:b6:f2:11:2a:45:57:4a:
f3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:90:AF:E0:F5:6F:F5:F7:EF:13:16:DD:81:A4:33:1A:E6:06:DF:8D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9JCv4PVv9ffvExbdgaQzGuYG340.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
59:0c:1b:13:50:2b:63:99:35:1c:0a:b0:e6:11:4f:a2:a4:c5:
d5:5e:bb:b7:9f:91:37:91:4d:2e:ab:84:ec:03:86:36:d8:1e:
a4:cd:b5:58:ab:21:01:10:88:a5:47:f4:96:4d:ab:b5:90:1e:
8a:5a:a4:b7:16:07:02:42:7b:e3:73:87:b7:b2:0f:95:af:f3:
15:dd:1d:2c:37:b8:ff:8f:97:2b:f1:d3:96:c4:fa:d9:61:77:
94:52:60:bb:35:03:e0:a1:83:8f:b6:70:a0:5b:12:28:d3:8a:
07:af:25:d0:4c:c9:ac:7f:08:6c:3f:1e:a5:71:93:99:61:30:
f3:4e:4f:0f:15:2d:b9:40:ec:d4:5f:f5:6e:15:40:a5:24:33:
4c:d2:98:e8:69:75:ca:92:b3:7a:25:4e:15:be:ff:fd:8b:3a:
81:ff:30:fa:5a:46:85:00:b8:fa:dc:af:d4:6d:96:ea:0c:08:
71:40:d9:86:5d:cf:37:6d:c3:dc:7e:bc:39:17:54:5d:e9:7c:
fc:f1:b9:0c:ba:c0:08:eb:91:5c:a9:89:90:4d:ce:b0:de:0f:
9f:b4:9e:d7:21:63:58:32:ca:f3:ea:d6:f0:64:c9:77:ef:18:
ff:0c:52:e7:60:f0:1f:4f:10:81:93:06:16:ba:dd:3e:8b:e2:
4c:e1:3f:8a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx3c3vOwht9NaFUA3AHMRv1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE3MTEwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDkwYWZlMGY1NmZmNWY3ZWYxMzE2ZGQ4MWE0MzMxYWU2MDZkZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjo4FX+kANJm6RI0oi41Niv6nxePa
zOSgMkUxI7shU4W6oR9O9pEkXqZ7o4UuQ6dLgpqlsrRdJSuaBdHwKqAgcWNix0UW
GTHWwYL4rUFExD8rMwnhQjVzz1+YGS984Vo683kosn3TYjNJyWgyDMBiCP2xiWB8
gC4fNv1Zd1YCtC89BTIiHOZwDrtmArPzPZ6jVSKguDR7GXCkGpCpjJeHrMvHe6AF
4/zREX5KsOsASSRcdkhdVioNJhOc00YjVU/N4p/4BEA//PYGCuP3xfBL+EbQmQoq
UnlAQBuFf/4yrbHQdAhSp/X7I7I2KiPQNixsfabtON4dkrbyESpFV0rz1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPSQr+D1b/X37xMW3YGkMxrmBt+NMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvOUpDdjRQVnY5ZmZ2RXhiZGdhUXpHdVlHMzQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFkMGxNQK2OZNRwKsOYR
T6KkxdVeu7efkTeRTS6rhOwDhjbYHqTNtVirIQEQiKVH9JZNq7WQHopapLcWBwJC
e+Nzh7eyD5Wv8xXdHSw3uP+Plyvx05bE+tlhd5RSYLs1A+Chg4+2cKBbEijTigev
JdBMyax/CGw/HqVxk5lhMPNOTw8VLblA7NRf9W4VQKUkM0zSmOhpdcqSs3olThW+
//2LOoH/MPpaRoUAuPrcr9RtluoMCHFA2YZdzzdtw9x+vDkXVF3pfPzxuQy6wAjr
kVypiZBNzrDeD5+0ntchY1gyyvPq1vBkyXfvGP8MUudg8B9PEIGTBha63T6L4kzh
P4o=
-----END CERTIFICATE-----
Generated at Mon Jun 16 22:50:11 2025 by rpki-client