Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1--NtbE9lgDGqKl1u5aK5YEM6EK0.roa
File: 1--NtbE9lgDGqKl1u5aK5YEM6EK0.roa (raw, json)
Hash identifier: sJ74DelAHFgHREPnSkFFL4X+xavfM4ZfvA64Q4LkoCE=
Subject key identifier: FB:E3:6D:6C:4F:65:80:31:AA:2A:5D:6E:E5:A2:B9:60:43:3A:10:AD
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CEC353BC4267E07B2FC69673DE107C85F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1--NtbE9lgDGqKl1u5aK5YEM6EK0.roa
Signing time: Tue 09 Jan 2024 03:12:40 +0000
ROA not before: Tue 09 Jan 2024 03:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ec:35:3b:c4:26:7e:07:b2:fc:69:67:3d:e1:07:c8:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 9 03:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbe36d6c4f658031aa2a5d6ee5a2b960433a10ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ed:a7:4e:34:5d:b0:c1:7a:0f:a3:36:26:97:
4f:33:bd:92:a9:33:a3:c3:ea:ab:11:da:70:b3:bb:
64:cf:f0:75:ed:b9:1b:58:05:56:44:f5:e5:28:87:
36:26:98:72:02:b1:ee:46:82:a7:b2:73:f8:d5:32:
ce:30:79:d2:8a:56:6e:98:33:77:37:86:a8:3a:34:
2d:d0:5a:0d:b7:d7:3b:19:3d:da:23:5b:18:64:22:
2b:2d:57:c8:97:b8:77:9a:3a:a8:01:68:8f:12:6b:
3d:bf:42:7a:13:d7:10:3f:ea:2a:6a:f0:77:9b:37:
61:89:3a:9c:a0:bf:03:f7:f4:94:89:db:1b:77:ae:
0c:59:92:5b:5a:fb:1a:31:a8:fe:03:0c:d6:d7:31:
c2:e9:ad:3f:81:e8:37:de:a3:55:cd:38:2b:ee:23:
f6:77:1f:e6:0b:bb:69:fe:ef:8a:5b:10:ff:76:e7:
92:c0:75:1d:54:eb:3f:f7:e0:79:82:b2:ec:80:fa:
c9:03:3b:15:d6:41:84:b4:d8:bd:29:9c:9b:19:66:
7d:41:68:f4:ef:bb:36:9f:8d:86:09:ee:60:92:a9:
60:84:3c:7e:b2:fd:a0:97:20:aa:8d:f9:95:59:43:
8f:eb:f5:d5:ba:2f:18:77:75:fe:d7:a4:f3:13:ad:
6f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E3:6D:6C:4F:65:80:31:AA:2A:5D:6E:E5:A2:B9:60:43:3A:10:AD
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1--NtbE9lgDGqKl1u5aK5YEM6EK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:1f:8c:9c:cd:15:ee:c6:cb:3b:3f:82:f0:f6:a2:b7:e1:bc:
0c:44:23:3f:38:8a:05:7f:36:e6:b6:ed:cb:e6:88:88:e0:6c:
4a:a7:33:71:9a:2b:63:0b:b2:e3:d5:c9:08:4a:4b:b7:a3:77:
cc:a5:db:17:22:5f:38:46:5e:c3:ef:2e:51:ff:73:5f:82:87:
59:f1:54:31:c7:d9:19:40:2f:ed:65:9c:7c:67:c9:ef:d8:1c:
f7:a7:0c:6b:9e:d3:21:0d:f2:33:3a:a2:e6:bc:85:60:2b:54:
93:42:ee:ab:08:d3:30:de:8a:1c:91:de:47:08:2b:50:e4:f7:
c8:e5:11:84:f0:52:93:95:b0:5b:a3:e5:1e:6a:30:5d:2b:61:
d9:3d:c0:6d:11:54:21:ce:80:7e:7d:31:64:ab:18:0d:98:ff:
88:eb:23:dd:5f:53:0f:98:5c:19:dd:00:92:5c:5a:02:9a:58:
7b:0a:88:65:ab:dd:d9:9f:2b:1b:42:91:97:f8:e9:26:f1:38:
a3:6f:bd:3e:1d:99:78:16:5b:60:16:4f:79:bc:62:c0:17:ba:
38:cd:04:b0:14:fd:60:8e:94:35:1d:2b:15:cd:61:3d:c6:62:
13:b3:ec:97:e3:c2:97:ef:b9:f7:bd:ef:bb:68:dc:93:ce:5f:
54:8a:57:f5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzsNTvEJn4HsvxpZz3hB8hfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA5MDMxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmUzNmQ2YzRmNjU4MDMxYWEyYTVkNmVlNWEyYjk2MDQzM2ExMGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5O2nTjRdsMF6D6M2JpdPM72SqTOj
w+qrEdpws7tkz/B17bkbWAVWRPXlKIc2JphyArHuRoKnsnP41TLOMHnSilZumDN3
N4aoOjQt0FoNt9c7GT3aI1sYZCIrLVfIl7h3mjqoAWiPEms9v0J6E9cQP+oqavB3
mzdhiTqcoL8D9/SUidsbd64MWZJbWvsaMaj+AwzW1zHC6a0/geg33qNVzTgr7iP2
dx/mC7tp/u+KWxD/dueSwHUdVOs/9+B5grLsgPrJAzsV1kGEtNi9KZybGWZ9QWj0
77s2n42GCe5gkqlghDx+sv2glyCqjfmVWUOP6/XVui8Yd3X+16TzE61v0wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPvjbWxPZYAxqipdbuWiuWBDOhCtMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMS0tTnRiRTlsZ0RHcUtsMXU1YUs1WUVNNkVLMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGIvZTA1MjBkLTliYTYtNDFhMy04Zjg3LWM1Mzk3OWQ2NmNh
NS8xLzA3UGFQc3VLZlVNOTQ0TTRabnMxNW8zM1A0dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQBWH4yczRXuxss7P4Lw
9qK34bwMRCM/OIoFfzbmtu3L5oiI4GxKpzNxmitjC7Lj1ckISku3o3fMpdsXIl84
Rl7D7y5R/3NfgodZ8VQxx9kZQC/tZZx8Z8nv2Bz3pwxrntMhDfIzOqLmvIVgK1ST
Qu6rCNMw3oockd5HCCtQ5PfI5RGE8FKTlbBbo+UeajBdK2HZPcBtEVQhzoB+fTFk
qxgNmP+I6yPdX1MPmFwZ3QCSXFoCmlh7Cohlq93ZnysbQpGX+Okm8Tijb70+HZl4
FltgFk95vGLAF7o4zQSwFP1gjpQ1HSsVzWE9xmITs+yX48KX77n3ve+7aNyTzl9U
ilf1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:52 2025 by rpki-client