Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NLqxxTCweiHgnlyAtDkXPqzVve8.roa
File: NLqxxTCweiHgnlyAtDkXPqzVve8.roa (raw, json)
Hash identifier: clG0aBoYnMzklKH4eNeXp3WIXj5/bjjKn+cSN0H0RWE=
Subject key identifier: 34:BA:B1:C5:30:B0:7A:21:E0:9E:5C:80:B4:39:17:3E:AC:D5:BD:EF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD349F34DBDFD2A413C43671959C939DF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NLqxxTCweiHgnlyAtDkXPqzVve8.roa
Signing time: Thu 04 Jan 2024 07:04:48 +0000
ROA not before: Thu 04 Jan 2024 07:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:d349:85af/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d3:49:f3:4d:bd:fd:2a:41:3c:43:67:19:59:c9:39:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 4 07:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34bab1c530b07a21e09e5c80b439173eacd5bdef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:66:38:dc:b5:0b:35:4d:61:4d:74:b7:3d:66:
55:90:24:0f:55:df:26:80:39:02:aa:25:33:55:63:
a0:31:24:01:3c:0b:af:44:a9:6b:79:9a:59:49:8a:
e5:0a:68:3a:cf:9f:71:de:77:2f:51:e8:b9:7f:8f:
60:b8:8b:52:df:55:1e:c7:27:83:b1:8b:8f:f4:30:
0a:e5:67:65:78:78:8f:d9:13:9f:24:fd:46:46:87:
25:13:c7:42:3e:54:39:6c:ea:d9:b0:97:86:6c:0a:
8b:bd:c1:07:6f:be:fb:d5:11:50:1c:b1:25:8e:ea:
ee:a4:76:0c:e3:4e:eb:60:b4:0d:7a:69:5a:47:9e:
98:ed:dd:2a:6b:af:dd:f3:bf:00:4c:88:2e:5e:14:
8a:3e:33:a0:1c:05:c2:0b:82:fc:50:e4:fa:1e:69:
1c:9b:8e:33:15:99:bc:21:67:4d:3f:ca:1b:c9:c0:
43:8d:33:04:f5:36:b1:90:7c:d2:52:7f:6a:c8:ec:
2b:7b:f6:72:73:ca:96:d5:1b:5f:69:76:8f:60:a5:
81:c7:d7:19:58:a6:6c:e6:36:cf:47:72:76:b1:04:
bb:13:e0:50:c2:56:c0:bf:ff:1b:7d:61:c9:c3:de:
f4:30:7b:59:23:b5:c8:db:cd:a7:ed:98:d9:29:f0:
b2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:BA:B1:C5:30:B0:7A:21:E0:9E:5C:80:B4:39:17:3E:AC:D5:BD:EF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NLqxxTCweiHgnlyAtDkXPqzVve8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:33:c7:ce:b5:62:ff:ae:c7:4f:fc:f6:09:f8:15:93:f3:f0:
70:f2:5f:2a:d8:dd:be:50:e3:65:23:c4:95:d5:e4:99:e5:6c:
b5:92:ab:45:2e:4d:88:52:7c:a5:5e:8c:0d:22:97:d9:3c:1e:
d9:f2:3a:9e:e7:b6:31:56:df:f1:51:48:c8:c4:eb:dc:18:be:
f3:38:e2:27:f7:c3:ed:65:a9:44:47:0b:83:46:5b:05:e5:8c:
9f:51:bb:77:66:45:d3:f6:99:ea:f8:38:95:f9:7f:2a:96:1c:
d2:59:6a:7e:e2:f1:8a:74:38:d0:22:a9:06:66:21:a7:17:16:
5a:20:e9:6b:8c:2f:be:dd:cb:f5:1b:0a:97:27:71:ad:bb:2c:
4f:f7:5e:5b:f2:65:93:c6:ea:10:aa:ba:0e:36:4f:e8:ed:b7:
ba:30:06:09:20:d7:ad:70:8a:12:d7:f3:66:41:22:a6:3f:68:
06:c2:11:b9:f4:da:d6:ce:5d:4d:26:b4:0c:05:e5:3c:f4:6f:
d7:7c:ae:32:d0:6b:39:48:fc:4b:14:c2:b5:a3:c0:0f:c1:ed:
7e:ab:2e:85:9d:82:66:ca:ed:69:d8:7c:47:10:7e:3a:3c:ee:
bd:06:10:94:9a:ce:76:ac:36:c3:e7:48:20:16:83:0d:55:ba:
41:6f:3c:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzTSfNNvf0qQTxDZxlZyTnfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA0MDcwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGJhYjFjNTMwYjA3YTIxZTA5ZTVjODBiNDM5MTczZWFjZDViZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2Y43LULNU1hTXS3PWZVkCQPVd8m
gDkCqiUzVWOgMSQBPAuvRKlreZpZSYrlCmg6z59x3ncvUei5f49guItS31UexyeD
sYuP9DAK5WdleHiP2ROfJP1GRoclE8dCPlQ5bOrZsJeGbAqLvcEHb7771RFQHLEl
jurupHYM407rYLQNemlaR56Y7d0qa6/d878ATIguXhSKPjOgHAXCC4L8UOT6Hmkc
m44zFZm8IWdNP8obycBDjTME9TaxkHzSUn9qyOwre/Zyc8qW1RtfaXaPYKWBx9cZ
WKZs5jbPR3J2sQS7E+BQwlbAv/8bfWHJw970MHtZI7XI282n7ZjZKfCyCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDS6scUwsHoh4J5cgLQ5Fz6s1b3vMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTkxxeHhUQ3dlaUhnbmx5QXREa1hQcXpWdmU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKczx861Yv+ux0/89gn4
FZPz8HDyXyrY3b5Q42UjxJXV5JnlbLWSq0UuTYhSfKVejA0il9k8HtnyOp7ntjFW
3/FRSMjE69wYvvM44if3w+1lqURHC4NGWwXljJ9Ru3dmRdP2mer4OJX5fyqWHNJZ
an7i8Yp0ONAiqQZmIacXFlog6WuML77dy/UbCpcnca27LE/3XlvyZZPG6hCqug42
T+jtt7owBgkg161wihLX82ZBIqY/aAbCEbn02tbOXU0mtAwF5Tz0b9d8rjLQazlI
/EsUwrWjwA/B7X6rLoWdgmbK7WnYfEcQfjo87r0GEJSaznasNsPnSCAWgw1VukFv
PIQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:09:05 2025 by rpki-client