Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/nTH4WdkOpmaxLI6A6tPno0N3nqE.roa
File: nTH4WdkOpmaxLI6A6tPno0N3nqE.roa (raw, json)
Hash identifier: rV9it7gsh+yC4FBjxjM2abhVUMQzKP9PDyiIYu1GCIA=
Subject key identifier: 9D:31:F8:59:D9:0E:A6:66:B1:2C:8E:80:EA:D3:E7:A3:43:77:9E:A1
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F5B508CF9DA979D836B6EC2D98589AD92
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/nTH4WdkOpmaxLI6A6tPno0N3nqE.roa
Signing time: Thu 09 May 2024 03:05:56 +0000
ROA not before: Thu 09 May 2024 03:05:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:5b4f:dde9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5b:50:8c:f9:da:97:9d:83:6b:6e:c2:d9:85:89:ad:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 9 03:05:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d31f859d90ea666b12c8e80ead3e7a343779ea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:36:62:6e:5c:59:b8:96:7f:a4:7f:9b:96:ca:
5d:9f:81:4f:56:96:6b:05:59:7a:ef:66:b2:46:04:
40:65:bb:ac:eb:57:0f:f8:ac:9b:78:c3:21:ed:39:
14:22:e8:11:17:e3:ad:d9:74:5d:a1:ab:19:2a:36:
5a:c9:91:ca:8c:21:4d:c9:68:37:b2:0a:bd:72:7f:
c5:1e:eb:e5:e6:de:7f:66:e6:35:2d:74:3b:f1:ed:
e3:8a:80:0f:d6:d4:7a:0b:84:c7:58:ef:ed:24:cb:
3d:ee:c7:b3:17:1b:6a:93:33:72:30:8e:95:5a:a0:
19:ff:ee:24:d6:59:32:fd:9e:24:7b:8b:a4:97:49:
70:52:c5:47:bc:e9:a5:c5:b7:df:aa:ce:e3:dd:eb:
21:89:2f:7f:44:2e:22:a3:3a:3f:24:d2:50:75:34:
6b:f2:ec:5b:27:9b:ef:5f:da:5a:af:94:d1:a2:c8:
72:31:9a:28:94:a7:71:82:27:20:7b:15:d2:b8:ea:
89:63:20:dc:1a:42:5b:89:d4:8f:8c:0a:47:2d:8b:
a2:6b:b4:16:b7:00:74:a6:85:71:69:12:6a:c3:1c:
e5:0e:6d:62:20:3b:de:73:2c:32:3b:39:6e:89:39:
d9:f3:cc:89:a1:2a:91:f7:5a:4e:db:9e:eb:a1:50:
dd:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:31:F8:59:D9:0E:A6:66:B1:2C:8E:80:EA:D3:E7:A3:43:77:9E:A1
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/nTH4WdkOpmaxLI6A6tPno0N3nqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:d5:fc:84:ba:ac:29:1f:3c:b0:19:cf:8a:71:88:26:b8:e9:
f3:30:87:60:6d:5c:b1:77:7d:77:12:e2:58:2e:53:fd:45:eb:
57:62:f1:91:cd:a6:84:09:ad:c2:57:b3:87:23:82:2e:99:41:
9c:50:bc:19:ad:c2:e3:06:58:25:b6:1f:06:30:69:c6:86:22:
75:13:4b:3e:58:33:91:3e:15:43:a5:32:8a:6f:8c:62:69:48:
0d:c4:b7:8b:16:25:3a:82:ca:66:87:ac:57:2f:c2:ae:40:c4:
57:7e:27:ce:51:56:5f:79:7e:59:c0:ec:69:e7:1c:76:da:31:
1c:61:d5:b0:19:f1:d7:c3:73:01:db:eb:96:d0:a5:65:d3:bc:
17:59:9a:75:9e:c2:b6:47:e0:ca:fe:a7:94:a9:d4:2b:f7:8f:
34:b4:e4:cb:d9:c3:8d:6b:d7:7f:f1:fb:49:6f:ac:15:6a:a2:
59:d3:70:e7:f5:44:1c:b3:25:55:37:a8:cd:22:cd:7e:ff:bd:
fd:90:67:04:f7:bb:f0:0b:9d:9e:55:a0:27:5d:ef:05:54:85:
49:47:7e:f4:80:ba:93:f8:7d:b1:8b:bc:81:2d:ed:cf:d3:75:
26:54:1d:82:8f:8b:48:0c:66:aa:0c:c5:cf:b6:d2:1e:81:7b:
25:6b:37:2d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9bUIz52pedg2tuwtmFia2SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA5MDMwNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDMxZjg1OWQ5MGVhNjY2YjEyYzhlODBlYWQzZTdhMzQzNzc5ZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjZiblxZuJZ/pH+blspdn4FPVpZr
BVl672ayRgRAZbus61cP+KybeMMh7TkUIugRF+Ot2XRdoasZKjZayZHKjCFNyWg3
sgq9cn/FHuvl5t5/ZuY1LXQ78e3jioAP1tR6C4THWO/tJMs97sezFxtqkzNyMI6V
WqAZ/+4k1lky/Z4ke4ukl0lwUsVHvOmlxbffqs7j3eshiS9/RC4iozo/JNJQdTRr
8uxbJ5vvX9par5TRoshyMZoolKdxgicgexXSuOqJYyDcGkJbidSPjApHLYuia7QW
twB0poVxaRJqwxzlDm1iIDvecywyOzluiTnZ88yJoSqR91pO257roVDdkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ0x+FnZDqZmsSyOgOrT56NDd56hMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvblRINFdka09wbWF4TEk2QTZ0UG5vME4zbnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACTV/IS6rCkfPLAZz4px
iCa46fMwh2BtXLF3fXcS4lguU/1F61di8ZHNpoQJrcJXs4cjgi6ZQZxQvBmtwuMG
WCW2HwYwacaGInUTSz5YM5E+FUOlMopvjGJpSA3Et4sWJTqCymaHrFcvwq5AxFd+
J85RVl95flnA7GnnHHbaMRxh1bAZ8dfDcwHb65bQpWXTvBdZmnWewrZH4Mr+p5Sp
1Cv3jzS05MvZw41r13/x+0lvrBVqolnTcOf1RByzJVU3qM0izX7/vf2QZwT3u/AL
nZ5VoCdd7wVUhUlHfvSAupP4fbGLvIEt7c/TdSZUHYKPi0gMZqoMxc+20h6BeyVr
Ny0=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:13:52 2025 by rpki-client