Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9NKBaPTH_8wozbC3W15DXrfFOLs.roa
File: 9NKBaPTH_8wozbC3W15DXrfFOLs.roa (raw, json)
Hash identifier: Hul9n4uE1CLL+7PstqiU8lrVOB2wLMILgg7a7pd+I2A=
Subject key identifier: F4:D2:81:68:F4:C7:FF:CC:28:CD:B0:B7:5B:5E:43:5E:B7:C5:38:BB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E202529EA033B90897FF46EAD5F9CA783
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9NKBaPTH_8wozbC3W15DXrfFOLs.roa
Signing time: Fri 08 Mar 2024 22:18:10 +0000
ROA not before: Fri 08 Mar 2024 22:18:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:20:25:29:ea:03:3b:90:89:7f:f4:6e:ad:5f:9c:a7:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 8 22:18:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4d28168f4c7ffcc28cdb0b75b5e435eb7c538bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:36:33:ea:60:11:5a:ee:f4:f2:77:61:52:4c:
68:d3:17:87:7e:ec:c9:4f:74:a2:e1:75:fd:fa:47:
5a:b0:b6:46:5f:9f:98:c9:38:99:8d:c7:67:73:2c:
c3:2e:d5:9d:df:e8:ce:64:b6:92:8a:bd:67:7e:e4:
d0:1d:69:34:19:f5:52:21:fb:92:a5:57:76:27:04:
0f:9b:78:a6:39:60:8f:52:ae:42:45:fa:7b:e5:16:
9c:ca:37:3d:16:b0:f4:28:b8:1b:89:0b:4f:ba:b2:
da:90:8c:14:14:40:88:8d:85:9c:29:70:27:29:76:
6a:0f:3d:21:d8:2a:81:d7:fb:bc:28:2a:02:e2:d7:
db:b2:8e:25:28:61:fd:85:31:8a:36:ce:75:ed:f6:
f3:04:5e:28:46:d8:62:01:5f:65:d1:78:0d:d1:5c:
e1:ae:3e:ec:83:4d:bb:69:2c:67:45:2f:08:da:56:
b2:20:e8:bc:af:3f:91:d5:e6:53:76:45:9d:9b:c8:
a6:be:66:2f:37:56:b9:1e:d8:aa:60:e9:09:76:c0:
57:fa:82:8f:7d:82:67:e0:3d:2f:7e:16:0c:1b:93:
25:d1:61:b2:4c:1b:46:07:61:63:da:74:8e:1a:f8:
6a:c2:d7:66:17:a8:f0:27:d8:e3:5d:a5:0a:13:e5:
13:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D2:81:68:F4:C7:FF:CC:28:CD:B0:B7:5B:5E:43:5E:B7:C5:38:BB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9NKBaPTH_8wozbC3W15DXrfFOLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:3a:09:fc:81:2f:a4:a3:ba:9c:91:2c:b5:5b:e2:c6:26:91:
52:85:a6:ff:35:23:83:1a:bd:c4:4a:79:df:a1:be:32:55:ce:
18:c9:33:87:63:4e:4b:ec:72:a0:01:81:0b:86:1c:e6:c1:d9:
f2:c5:6d:24:80:92:5d:ba:de:21:d1:01:4b:6c:70:03:3e:0a:
08:9f:08:f6:58:04:2d:02:32:c6:cd:bb:a8:87:43:85:02:6f:
55:5e:b4:19:49:70:d0:be:1f:65:89:91:41:cb:4b:bb:d8:3f:
15:fc:6d:0c:fb:aa:68:0b:6a:99:b9:ad:97:30:89:4c:c4:0f:
5a:75:72:66:7b:77:e3:fe:1b:62:58:53:a9:e2:05:0b:e6:52:
53:52:d9:d6:49:b9:0c:c5:db:5c:25:a7:ff:20:e5:f7:9d:2d:
6b:a0:71:91:28:ab:67:8b:cd:ff:a8:dd:b1:db:e3:cd:86:a4:
88:3f:65:5c:77:99:f3:bc:67:3c:02:e5:61:0f:b6:aa:b4:ad:
14:80:69:eb:23:26:30:64:fe:26:27:1b:c3:84:2d:f3:86:47:
18:bc:c9:0f:b6:ad:82:d3:b9:10:c5:b4:3b:cf:a3:24:3b:f8:
65:e1:47:1e:e4:7a:1c:de:ad:ea:3c:1c:0e:a6:8c:3a:59:b3:
09:c4:f1:75
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4gJSnqAzuQiX/0bq1fnKeDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA4MjIxODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGQyODE2OGY0YzdmZmNjMjhjZGIwYjc1YjVlNDM1ZWI3YzUzOGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujYz6mARWu708ndhUkxo0xeHfuzJ
T3Si4XX9+kdasLZGX5+YyTiZjcdncyzDLtWd3+jOZLaSir1nfuTQHWk0GfVSIfuS
pVd2JwQPm3imOWCPUq5CRfp75Racyjc9FrD0KLgbiQtPurLakIwUFECIjYWcKXAn
KXZqDz0h2CqB1/u8KCoC4tfbso4lKGH9hTGKNs517fbzBF4oRthiAV9l0XgN0Vzh
rj7sg027aSxnRS8I2layIOi8rz+R1eZTdkWdm8imvmYvN1a5HtiqYOkJdsBX+oKP
fYJn4D0vfhYMG5Ml0WGyTBtGB2Fj2nSOGvhqwtdmF6jwJ9jjXaUKE+UTzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPTSgWj0x//MKM2wt1teQ163xTi7MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOU5LQmFQVEhfOHdvemJDM1cxNURYcmZGT0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIU6CfyBL6SjupyRLLVb
4sYmkVKFpv81I4MavcRKed+hvjJVzhjJM4djTkvscqABgQuGHObB2fLFbSSAkl26
3iHRAUtscAM+CgifCPZYBC0CMsbNu6iHQ4UCb1VetBlJcNC+H2WJkUHLS7vYPxX8
bQz7qmgLapm5rZcwiUzED1p1cmZ7d+P+G2JYU6niBQvmUlNS2dZJuQzF21wlp/8g
5fedLWugcZEoq2eLzf+o3bHb482GpIg/ZVx3mfO8ZzwC5WEPtqq0rRSAaesjJjBk
/iYnG8OELfOGRxi8yQ+2rYLTuRDFtDvPoyQ7+GXhRx7kehzereo8HA6mjDpZswnE
8XU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:46:57 2025 by rpki-client