Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NBFayx_OJG_Q8szL6BgX0OWOzes.roa
File: NBFayx_OJG_Q8szL6BgX0OWOzes.roa (raw, json)
Hash identifier: JPY53EH3ih1+tFuE6NB+vmyHDBz1WYTkTMLnekHjlYc=
Subject key identifier: 34:11:5A:CB:1F:CE:24:6F:D0:F2:CC:CB:E8:18:17:D0:E5:8E:CD:EB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ED7284F491E704102E96C0C3F2945678C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NBFayx_OJG_Q8szL6BgX0OWOzes.roa
Signing time: Sat 13 Apr 2024 11:12:06 +0000
ROA not before: Sat 13 Apr 2024 11:12:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d7:28:4f:49:1e:70:41:02:e9:6c:0c:3f:29:45:67:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 13 11:12:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34115acb1fce246fd0f2cccbe81817d0e58ecdeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1f:31:d7:e8:44:84:bd:4e:1c:01:28:d4:c6:
5c:8f:4a:0f:18:bf:b7:e5:6a:34:28:82:cd:61:dd:
5b:ef:3a:a4:b6:9c:70:7b:23:c1:0e:7f:fd:41:27:
38:3d:7a:b9:f7:0d:89:c3:80:fe:ec:f6:7e:cc:49:
e3:f2:0a:5a:66:5f:89:65:f5:f6:e1:6b:a9:40:aa:
d8:d6:8b:fa:3a:9d:b1:48:f7:e2:79:4d:13:ec:21:
bb:db:5b:a7:df:54:b8:0f:c0:fb:78:53:8c:da:fb:
98:d4:b8:48:bf:18:df:84:21:8c:34:64:62:f6:04:
0d:10:56:01:9c:f7:33:65:2c:0b:3e:b6:d7:ef:ec:
c6:4f:9d:dc:d4:58:c7:c0:ed:90:6a:9b:db:0e:b0:
59:d9:6a:06:5a:63:79:7e:46:38:ac:0b:ed:d5:a6:
40:44:5a:3e:25:9e:07:f5:12:9d:52:d5:42:2b:c3:
7c:cb:b5:de:66:98:c2:d1:2a:52:70:c1:5b:f4:a5:
61:a1:b7:16:dc:3d:7d:98:fe:46:8f:8b:44:fe:18:
7b:d4:d8:c5:05:e3:30:75:22:81:38:21:a9:64:52:
a4:31:0d:4d:a9:40:c1:d1:c0:4a:a9:31:9f:0d:b2:
fc:14:8e:aa:5d:20:63:cc:ed:29:5b:82:36:82:8d:
0d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:11:5A:CB:1F:CE:24:6F:D0:F2:CC:CB:E8:18:17:D0:E5:8E:CD:EB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NBFayx_OJG_Q8szL6BgX0OWOzes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:32:4f:ac:8b:20:5c:e3:fb:df:84:e7:85:89:43:28:51:df:
9d:5d:43:0c:b9:bc:8f:a3:31:39:5c:6d:4f:43:5e:83:07:79:
b2:c4:69:69:ce:b0:97:70:4b:9b:3b:e1:9c:38:b2:73:e0:17:
94:18:37:82:f9:e8:c1:00:17:1d:dc:56:61:24:da:ec:56:96:
36:95:3d:7d:c1:1b:9a:d2:35:0c:8e:8c:26:54:8b:f7:3b:16:
6f:f2:d2:1b:e7:31:50:31:57:e2:4a:08:af:1d:9d:d3:f5:ec:
4d:5f:94:44:13:dc:59:5e:5f:2e:e9:93:91:ab:67:91:68:b5:
f2:6b:d5:d2:ca:e7:be:70:ca:a3:03:66:a9:f4:07:7d:cc:6e:
5e:d7:a9:02:c3:78:a2:bf:ec:95:7c:72:92:59:bf:eb:7a:bc:
a7:38:b4:a8:9b:df:c7:3a:3f:e8:9e:31:36:a0:27:15:59:92:
df:23:41:11:af:eb:55:5d:af:af:94:0b:fd:45:89:5c:d6:3b:
fa:3f:ef:6b:61:29:19:69:07:7e:f1:d3:87:37:3b:c4:eb:f9:
46:51:92:2b:80:c8:27:53:88:e5:f7:78:6c:0a:81:ad:ee:d5:
33:c4:85:42:bc:d3:b7:47:f0:aa:50:ce:c1:80:13:44:50:60:
27:21:83:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7XKE9JHnBBAulsDD8pRWeMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDEzMTExMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDExNWFjYjFmY2UyNDZmZDBmMmNjY2JlODE4MTdkMGU1OGVjZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtB8x1+hEhL1OHAEo1MZcj0oPGL+3
5Wo0KILNYd1b7zqktpxweyPBDn/9QSc4PXq59w2Jw4D+7PZ+zEnj8gpaZl+JZfX2
4WupQKrY1ov6Op2xSPfieU0T7CG721un31S4D8D7eFOM2vuY1LhIvxjfhCGMNGRi
9gQNEFYBnPczZSwLPrbX7+zGT53c1FjHwO2QapvbDrBZ2WoGWmN5fkY4rAvt1aZA
RFo+JZ4H9RKdUtVCK8N8y7XeZpjC0SpScMFb9KVhobcW3D19mP5Gj4tE/hh71NjF
BeMwdSKBOCGpZFKkMQ1NqUDB0cBKqTGfDbL8FI6qXSBjzO0pW4I2go0NmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDQRWssfziRv0PLMy+gYF9Dljs3rMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTkJGYXl4X09KR19ROHN6TDZCZ1gwT1dPemVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHYyT6yLIFzj+9+E54WJ
QyhR351dQwy5vI+jMTlcbU9DXoMHebLEaWnOsJdwS5s74Zw4snPgF5QYN4L56MEA
Fx3cVmEk2uxWljaVPX3BG5rSNQyOjCZUi/c7Fm/y0hvnMVAxV+JKCK8dndP17E1f
lEQT3FleXy7pk5GrZ5FotfJr1dLK575wyqMDZqn0B33Mbl7XqQLDeKK/7JV8cpJZ
v+t6vKc4tKib38c6P+ieMTagJxVZkt8jQRGv61Vdr6+UC/1FiVzWO/o/72thKRlp
B37x04c3O8Tr+UZRkiuAyCdTiOX3eGwKga3u1TPEhUK807dH8KpQzsGAE0RQYCch
gzk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:24 2025 by rpki-client