Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JNOiGU7BQSN3QY5KO48zN3B8sCc.roa
File: JNOiGU7BQSN3QY5KO48zN3B8sCc.roa (raw, json)
Hash identifier: OM68v5enyXjLxghRbbcJhjBuq5hzyQeERXUEB8RmqWQ=
Subject key identifier: 24:D3:A2:19:4E:C1:41:23:77:41:8E:4A:3B:8F:33:37:70:7C:B0:27
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ACF73093353E9C1532CB2FDFBA98B139C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JNOiGU7BQSN3QY5KO48zN3B8sCc.roa
Signing time: Tue 26 Sep 2023 03:05:37 +0000
ROA not before: Tue 26 Sep 2023 03:05:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:cf72:4887/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cf:73:09:33:53:e9:c1:53:2c:b2:fd:fb:a9:8b:13:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 26 03:05:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24d3a2194ec1412377418e4a3b8f3337707cb027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:60:e4:f6:33:17:f0:1c:df:d2:0a:94:7c:91:
73:da:40:ed:42:df:8f:ea:8d:ae:25:45:81:0a:37:
f8:a3:a6:38:10:ac:a3:9a:06:45:f8:c4:48:34:69:
a0:ed:60:06:22:ea:10:67:f1:20:a2:a5:ef:7f:d0:
dd:ba:34:84:93:0d:94:4d:63:74:cc:4c:ef:2a:9d:
6e:3a:0a:2b:30:b8:5b:13:d4:35:5d:96:ed:47:5a:
89:b9:d0:b8:5f:78:a6:6a:5e:1d:6f:2c:46:5d:67:
c6:95:5c:84:4f:fe:75:c2:e9:06:eb:5c:b1:f1:19:
c1:d7:b9:62:44:d3:17:7a:9a:5d:b9:9f:ca:74:24:
72:46:f1:af:17:08:29:c2:e4:d9:dd:46:be:7b:ad:
a4:56:fc:0e:8a:f2:46:70:84:e9:b4:29:26:de:d7:
be:29:cf:50:19:17:1e:7a:32:a4:17:fb:22:97:b4:
71:1f:a7:1b:4a:10:e4:9e:16:82:c1:6b:a4:8a:ac:
16:5d:a5:ea:14:14:48:a1:63:78:29:c7:c0:30:8f:
fa:4b:96:e6:cb:e8:0a:4e:5a:d2:84:a2:25:31:49:
2d:e5:6e:d9:45:b9:3b:58:87:da:68:a7:6c:10:19:
74:08:48:39:d9:e6:33:eb:5a:16:f7:4b:45:b5:68:
3c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D3:A2:19:4E:C1:41:23:77:41:8E:4A:3B:8F:33:37:70:7C:B0:27
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/JNOiGU7BQSN3QY5KO48zN3B8sCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2b:92:17:9d:24:f7:02:77:a6:05:b4:64:0f:4b:30:95:c0:c0:
0c:31:c5:59:e1:3d:da:9a:42:ac:d7:11:48:14:fb:1d:22:9e:
cf:79:b3:56:34:63:db:3e:57:6d:5f:0d:3d:7e:76:ce:76:76:
6c:c6:bd:61:a2:3e:00:01:85:8f:43:3c:55:db:61:e0:68:19:
41:46:15:d8:9b:28:74:65:cb:d0:cb:af:b2:04:36:eb:db:29:
93:c5:d9:b1:2f:68:4f:b8:79:b5:14:af:5b:f0:6f:36:67:17:
88:90:3e:63:1f:7c:44:5d:11:71:7c:31:72:97:bc:1e:c2:bc:
b8:62:2a:ea:39:7d:9d:86:cf:26:67:d1:4d:c5:5c:82:e0:bb:
f2:5f:5f:a8:a1:ed:3c:08:c4:3b:1a:d2:ba:b8:81:20:26:b6:
75:c3:ee:88:15:9e:4a:f8:0e:2b:36:f2:d7:4b:16:5f:32:33:
49:92:35:01:d3:52:27:9b:7b:bd:1e:a5:e1:0f:2e:43:b6:6f:
95:2f:13:0d:87:ae:b6:e5:a0:b9:25:a9:2a:f2:3e:65:77:d2:
fd:6e:8a:47:3e:42:30:c1:bb:74:a3:c8:cc:50:30:59:66:cc:
dd:b1:cb:a7:a1:65:3a:c5:44:11:56:13:64:eb:ba:8a:85:cf:
e5:6b:ac:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrPcwkzU+nBUyyy/fupixOcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI2MDMwNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGQzYTIxOTRlYzE0MTIzNzc0MThlNGEzYjhmMzMzNzcwN2NiMDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGDk9jMX8Bzf0gqUfJFz2kDtQt+P
6o2uJUWBCjf4o6Y4EKyjmgZF+MRINGmg7WAGIuoQZ/EgoqXvf9DdujSEkw2UTWN0
zEzvKp1uOgorMLhbE9Q1XZbtR1qJudC4X3imal4dbyxGXWfGlVyET/51wukG61yx
8RnB17liRNMXeppduZ/KdCRyRvGvFwgpwuTZ3Ua+e62kVvwOivJGcITptCkm3te+
Kc9QGRceejKkF/sil7RxH6cbShDknhaCwWukiqwWXaXqFBRIoWN4KcfAMI/6S5bm
y+gKTlrShKIlMUkt5W7ZRbk7WIfaaKdsEBl0CEg52eYz61oW90tFtWg8NwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCTTohlOwUEjd0GOSjuPMzdwfLAnMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSk5PaUdVN0JRU04zUVk1S080OHpOM0I4c0NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACuSF50k9wJ3pgW0ZA9L
MJXAwAwxxVnhPdqaQqzXEUgU+x0ins95s1Y0Y9s+V21fDT1+ds52dmzGvWGiPgAB
hY9DPFXbYeBoGUFGFdibKHRly9DLr7IENuvbKZPF2bEvaE+4ebUUr1vwbzZnF4iQ
PmMffERdEXF8MXKXvB7CvLhiKuo5fZ2GzyZn0U3FXILgu/JfX6ih7TwIxDsa0rq4
gSAmtnXD7ogVnkr4Dis28tdLFl8yM0mSNQHTUiebe70epeEPLkO2b5UvEw2Hrrbl
oLklqSryPmV30v1uikc+QjDBu3SjyMxQMFlmzN2xy6ehZTrFRBFWE2TruoqFz+Vr
rMA=
-----END CERTIFICATE-----
Generated at Mon Jun 16 22:28:23 2025 by rpki-client