Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NCMtdrHw60Lm4DWlZ3PzdRHWA7s.roa
File: NCMtdrHw60Lm4DWlZ3PzdRHWA7s.roa (raw, json)
Hash identifier: KnKHqpd0UAtYEXRZPom0U0aVp2vS+sVi2cA10Z5aIY4=
Subject key identifier: 34:23:2D:76:B1:F0:EB:42:E6:E0:35:A5:67:73:F3:75:11:D6:03:BB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DB4A45091215C2E6516AE4AC9216C95C5
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NCMtdrHw60Lm4DWlZ3PzdRHWA7s.roa
Signing time: Sat 17 Feb 2024 01:18:03 +0000
ROA not before: Sat 17 Feb 2024 01:18:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b4:a4:50:91:21:5c:2e:65:16:ae:4a:c9:21:6c:95:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 17 01:18:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34232d76b1f0eb42e6e035a56773f37511d603bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ed:cf:db:58:d4:00:17:b6:a0:5f:50:5f:65:
5c:77:43:64:34:c1:39:8d:f1:d6:d2:2b:97:1c:30:
13:e2:ea:6b:49:cc:5d:d8:e8:25:54:9b:4d:a6:82:
eb:ab:f4:e3:d9:b9:89:57:f4:13:67:80:cf:fd:c2:
63:49:fa:cd:7e:f9:84:62:ef:e6:98:71:e4:ad:7b:
c6:37:73:81:09:ff:02:f1:27:19:48:db:82:3c:2e:
3d:1f:ed:17:e4:8e:a3:fc:42:c3:14:e2:5d:39:5f:
06:3e:59:0b:c9:25:29:5b:01:82:ba:28:1d:e8:34:
f7:1a:95:8b:5a:3f:dd:ae:b7:e7:45:62:8e:f0:36:
ee:b6:86:03:1e:de:a7:10:de:84:7e:59:b0:2c:72:
3c:fa:d3:e4:16:b6:54:30:28:7f:11:92:d9:03:33:
83:de:a8:e4:10:4f:c0:26:60:63:e9:d2:1b:fc:42:
1f:65:1e:03:39:95:ba:82:64:7d:9d:94:5c:75:cf:
c0:02:20:f4:e6:52:02:19:a8:36:08:93:d9:7a:f7:
4d:2d:89:7b:ee:f7:26:4b:27:32:be:e5:c3:28:91:
bf:f5:e6:97:cc:2f:e3:44:e1:f3:25:a8:62:10:db:
93:71:aa:a2:cf:0c:3c:6e:87:7d:ff:e8:b2:5e:eb:
e1:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:23:2D:76:B1:F0:EB:42:E6:E0:35:A5:67:73:F3:75:11:D6:03:BB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NCMtdrHw60Lm4DWlZ3PzdRHWA7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0a:74:55:5d:8b:93:6c:33:11:ee:d0:31:3f:83:be:41:ed:4c:
0f:69:58:dc:80:03:29:3e:5f:c8:e2:04:4d:14:25:55:a8:ae:
87:5e:bb:dd:29:07:6b:91:a3:56:6a:9a:1e:ef:32:07:d5:70:
bf:ce:64:21:34:8f:bf:47:f0:53:56:5c:8d:de:2d:d3:48:f0:
2a:55:4e:2f:e3:36:5c:c2:fa:f6:75:22:46:40:ee:af:8c:ef:
1c:cd:37:a6:c5:01:5b:c6:80:d5:2e:59:a3:38:74:a7:40:5a:
f3:b9:dd:b1:10:2a:e0:da:78:fc:08:19:d0:75:cd:06:00:06:
c2:7b:09:eb:21:e2:c8:bb:3b:56:e8:87:d6:3f:f3:70:d0:c9:
7d:ba:d1:41:d1:e2:73:47:a4:18:20:4d:f6:99:97:6c:a3:61:
2e:0d:ad:97:98:03:27:7a:00:0f:d3:fd:2e:05:4f:b0:d9:bb:
c8:dd:bf:82:09:9f:e7:65:60:8f:2e:4b:fd:78:33:4a:f4:10:
5b:c2:89:3f:53:18:83:cc:29:5a:15:9a:88:53:28:54:02:16:
8c:f9:33:5b:7f:d9:51:68:e9:90:f2:52:da:1b:c1:b9:c6:94:
aa:51:e5:aa:08:5d:ad:b7:32:c5:4a:3e:68:59:75:89:17:58:
b3:f3:49:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY20pFCRIVwuZRauSskhbJXFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE3MDExODAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDIzMmQ3NmIxZjBlYjQyZTZlMDM1YTU2NzczZjM3NTExZDYwM2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+3P21jUABe2oF9QX2Vcd0NkNME5
jfHW0iuXHDAT4uprScxd2OglVJtNpoLrq/Tj2bmJV/QTZ4DP/cJjSfrNfvmEYu/m
mHHkrXvGN3OBCf8C8ScZSNuCPC49H+0X5I6j/ELDFOJdOV8GPlkLySUpWwGCuigd
6DT3GpWLWj/drrfnRWKO8DbutoYDHt6nEN6EflmwLHI8+tPkFrZUMCh/EZLZAzOD
3qjkEE/AJmBj6dIb/EIfZR4DOZW6gmR9nZRcdc/AAiD05lICGag2CJPZevdNLYl7
7vcmSycyvuXDKJG/9eaXzC/jROHzJahiENuTcaqizww8bod9/+iyXuvhOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDQjLXax8OtC5uA1pWdz83UR1gO7MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTkNNdGRySHc2MExtNERXbFozUHpkUkhXQTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAp0VV2Lk2wzEe7QMT+D
vkHtTA9pWNyAAyk+X8jiBE0UJVWorodeu90pB2uRo1Zqmh7vMgfVcL/OZCE0j79H
8FNWXI3eLdNI8CpVTi/jNlzC+vZ1IkZA7q+M7xzNN6bFAVvGgNUuWaM4dKdAWvO5
3bEQKuDaePwIGdB1zQYABsJ7Cesh4si7O1boh9Y/83DQyX260UHR4nNHpBggTfaZ
l2yjYS4NrZeYAyd6AA/T/S4FT7DZu8jdv4IJn+dlYI8uS/14M0r0EFvCiT9TGIPM
KVoVmohTKFQCFoz5M1t/2VFo6ZDyUtobwbnGlKpR5aoIXa23MsVKPmhZdYkXWLPz
SQI=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:12:49 2025 by rpki-client