Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Nsgfo1RE_8AViaI0-BEQ4UhFskE.roa
File: Nsgfo1RE_8AViaI0-BEQ4UhFskE.roa (raw, json)
Hash identifier: n+dxdOxy/0+WleGRtcLovhl9vQc7u0AeMmn0MdIw+EY=
Subject key identifier: 36:C8:1F:A3:54:44:FF:C0:15:89:A2:34:F8:11:10:E1:48:45:B2:41
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F9D6C31C76DEE46D3800CD825C17A79C4
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Nsgfo1RE_8AViaI0-BEQ4UhFskE.roa
Signing time: Tue 21 May 2024 23:11:04 +0000
ROA not before: Tue 21 May 2024 23:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9d:6c:31:c7:6d:ee:46:d3:80:0c:d8:25:c1:7a:79:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 21 23:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36c81fa35444ffc01589a234f81110e14845b241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:22:9a:77:28:6e:33:da:1a:fa:96:d5:09:98:
bb:9a:70:65:4e:ae:2b:79:e9:40:5e:b2:24:c1:16:
21:b8:34:de:2a:00:1f:89:bb:a2:20:51:df:13:03:
1a:e7:b1:2e:b4:2e:c6:26:66:27:bf:d2:64:0a:b8:
4c:13:d1:55:2d:dd:e4:43:f5:17:ce:f2:f2:1e:42:
ad:27:14:99:58:28:0b:7a:f8:b3:fd:ac:b7:d2:25:
7e:c5:47:9e:14:71:33:c7:bb:66:68:a9:a7:db:b7:
e4:b3:52:cc:68:36:b4:ce:29:eb:6d:b0:55:e3:ea:
ee:2c:78:e2:44:8a:a4:55:7f:a6:da:95:6f:67:ff:
3c:aa:4b:e7:6d:b5:74:f8:5b:3b:47:ed:f4:f1:01:
1d:27:9a:48:c2:97:aa:9d:b0:29:df:57:59:3f:51:
f3:2e:d6:4d:83:ee:36:f1:2c:86:3e:4d:51:ee:f8:
9e:d7:05:71:b8:fa:4d:f8:9d:a6:0a:9e:9c:1a:3b:
23:9f:ec:61:45:f0:ff:6c:12:73:1b:25:e8:d0:b6:
50:6c:24:f9:47:ea:f6:0c:aa:d3:3c:58:37:30:c9:
2a:ab:86:1e:04:77:a7:8f:4e:a2:d9:f0:9d:be:49:
78:95:39:ff:aa:f0:ba:28:ab:25:49:ab:60:fe:12:
3f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:C8:1F:A3:54:44:FF:C0:15:89:A2:34:F8:11:10:E1:48:45:B2:41
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Nsgfo1RE_8AViaI0-BEQ4UhFskE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:fc:04:93:4e:6c:b8:10:d8:eb:f4:0d:bb:8b:9e:7a:fe:04:
05:73:10:bb:50:cf:85:ff:99:f8:f3:9f:68:d4:d8:c5:ef:63:
2c:87:df:fa:8d:d1:4d:a0:4c:22:9f:a0:fa:8c:0b:4e:ee:3b:
84:66:de:2a:b6:08:2a:ac:cc:27:4b:b8:37:25:27:c0:5f:9b:
d1:80:37:62:8b:10:4e:8f:b3:46:5e:6c:dc:05:56:37:d0:17:
42:bc:ae:72:65:ef:43:7c:e9:73:9c:d7:c1:21:ed:58:5f:0f:
9e:05:a2:75:69:d6:88:46:31:bb:e0:8e:84:c6:f5:ac:33:07:
3f:0b:05:48:a6:45:4c:59:1c:0b:1d:45:d3:da:6b:bc:2e:3f:
1f:b6:8e:33:f6:54:7e:6e:b4:a0:c4:82:86:e8:b2:1c:ba:b9:
f5:bb:bb:e4:7b:1c:c4:03:e3:fa:1e:51:ae:26:21:8b:e1:19:
bf:64:45:37:7f:27:45:2e:02:2d:76:97:24:55:8b:80:6e:4b:
3d:fc:9c:42:35:d8:37:aa:7c:93:99:3c:8a:58:9f:ab:44:d5:
3d:31:51:21:03:e8:c1:46:82:8d:eb:7c:25:3d:6b:e9:3e:4b:
ff:63:6a:3d:05:30:92:80:24:1d:19:07:3c:07:ea:a1:e9:2f:
c4:79:33:60
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+dbDHHbe5G04AM2CXBennEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIxMjMxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmM4MWZhMzU0NDRmZmMwMTU4OWEyMzRmODExMTBlMTQ4NDViMjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCKadyhuM9oa+pbVCZi7mnBlTq4r
eelAXrIkwRYhuDTeKgAfibuiIFHfEwMa57EutC7GJmYnv9JkCrhME9FVLd3kQ/UX
zvLyHkKtJxSZWCgLeviz/ay30iV+xUeeFHEzx7tmaKmn27fks1LMaDa0zinrbbBV
4+ruLHjiRIqkVX+m2pVvZ/88qkvnbbV0+Fs7R+308QEdJ5pIwpeqnbAp31dZP1Hz
LtZNg+428SyGPk1R7vie1wVxuPpN+J2mCp6cGjsjn+xhRfD/bBJzGyXo0LZQbCT5
R+r2DKrTPFg3MMkqq4YeBHenj06i2fCdvkl4lTn/qvC6KKslSatg/hI/0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDbIH6NURP/AFYmiNPgREOFIRbJBMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvTnNnZm8xUkVfOEFWaWFJMC1CRVE0VWhGc2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD78BJNObLgQ2Ov0DbuL
nnr+BAVzELtQz4X/mfjzn2jU2MXvYyyH3/qN0U2gTCKfoPqMC07uO4Rm3iq2CCqs
zCdLuDclJ8Bfm9GAN2KLEE6Ps0ZebNwFVjfQF0K8rnJl70N86XOc18Eh7VhfD54F
onVp1ohGMbvgjoTG9awzBz8LBUimRUxZHAsdRdPaa7wuPx+2jjP2VH5utKDEgobo
shy6ufW7u+R7HMQD4/oeUa4mIYvhGb9kRTd/J0UuAi12lyRVi4BuSz38nEI12Deq
fJOZPIpYn6tE1T0xUSED6MFGgo3rfCU9a+k+S/9jaj0FMJKAJB0ZBzwH6qHpL8R5
M2A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org