Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NNYIMQbIKlaEsAFStYqm0Gf1ztQ.roa
File: NNYIMQbIKlaEsAFStYqm0Gf1ztQ.roa (raw, json)
Hash identifier: nEj+norodizf2HFBMPX/Bhkd7GefGl7H8RpIRQf3L2o=
Subject key identifier: 34:D6:08:31:06:C8:2A:56:84:B0:01:52:B5:8A:A6:D0:67:F5:CE:D4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EAD1B57B4FD74883E27126DA2622092F7
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NNYIMQbIKlaEsAFStYqm0Gf1ztQ.roa
Signing time: Fri 05 Apr 2024 07:13:54 +0000
ROA not before: Fri 05 Apr 2024 07:13:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ad:1b:57:b4:fd:74:88:3e:27:12:6d:a2:62:20:92:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 5 07:13:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34d6083106c82a5684b00152b58aa6d067f5ced4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:58:76:22:c6:8f:93:a7:2f:16:94:c8:28:09:
52:80:23:ff:cf:be:3b:82:f3:61:b4:c9:2e:d5:29:
14:7e:e0:9a:74:f6:5f:19:ac:c4:33:c6:94:6b:d7:
45:bf:b3:a1:99:c4:6d:e9:3b:a6:33:9e:d0:f0:41:
e0:be:09:cd:d6:1c:74:54:5c:56:90:86:55:3a:92:
45:1b:f8:0c:cc:53:f3:ce:c6:83:22:b6:27:e4:fb:
43:78:2c:f3:16:9f:4f:15:56:e1:49:de:32:aa:4a:
c3:39:75:98:bf:3d:b9:ac:a3:eb:9c:05:e3:ae:cc:
31:3a:e0:a6:63:ba:67:4e:6d:1c:ec:37:29:11:0b:
2c:8f:7f:cb:a0:da:82:45:34:5b:c6:0b:a2:21:3e:
7e:b7:49:38:ff:a6:13:61:c6:88:71:81:46:39:af:
06:25:68:14:d6:4d:eb:e7:1d:38:b4:95:79:f8:a1:
72:66:a9:2f:c6:03:64:5f:62:bf:00:d0:0c:84:ca:
a9:5b:94:11:b3:b0:38:c3:9f:10:5a:0b:c4:dc:88:
6e:a9:78:bc:e2:04:a1:ec:c2:e9:06:09:11:59:b5:
1f:5d:dd:07:91:69:ba:6a:c7:f2:f9:67:c4:15:19:
a0:e7:73:30:53:8f:73:78:db:36:a2:72:37:77:da:
82:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:D6:08:31:06:C8:2A:56:84:B0:01:52:B5:8A:A6:D0:67:F5:CE:D4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NNYIMQbIKlaEsAFStYqm0Gf1ztQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:6f:fa:c8:5f:57:2f:aa:41:2b:e5:57:32:d1:ca:5d:30:95:
fd:40:8d:dd:95:32:99:f2:4f:98:f4:aa:be:05:e3:87:92:86:
83:2e:2b:c7:f5:3a:68:ec:fd:98:8d:1d:ec:3a:b4:5d:68:af:
14:91:0f:ec:52:60:dc:17:94:17:79:38:ac:10:24:1d:20:b2:
33:d1:4f:9c:ea:3c:d2:43:7a:41:72:33:83:60:02:18:26:7b:
e5:c4:3a:d9:a7:98:ce:f1:0e:dc:09:db:b6:13:86:fa:74:28:
20:f8:98:ef:5c:96:33:3c:dd:6d:39:9a:6c:93:96:6a:0f:a8:
18:ed:1a:93:8e:cb:80:94:f2:ba:a5:1e:fd:25:d6:82:fe:d8:
57:26:f5:84:16:ba:ad:37:bb:c4:09:ea:1a:ae:a8:eb:02:59:
45:a7:c3:51:f7:d2:28:ce:d8:f6:e6:9c:76:5d:c5:93:1d:5b:
28:85:cf:0f:fc:ea:04:55:02:a5:7a:91:60:ff:d0:dc:14:bb:
12:64:c6:17:64:ca:ea:71:0e:1a:45:3a:66:e0:43:18:e1:91:
43:9e:4d:a5:79:4e:59:18:ca:28:aa:ef:92:bb:97:4b:4d:42:
1a:24:e9:12:28:00:a4:79:c3:b8:90:2f:71:62:76:21:1c:b6:
2e:88:eb:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6tG1e0/XSIPicSbaJiIJL3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA1MDcxMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGQ2MDgzMTA2YzgyYTU2ODRiMDAxNTJiNThhYTZkMDY3ZjVjZWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVh2IsaPk6cvFpTIKAlSgCP/z747
gvNhtMku1SkUfuCadPZfGazEM8aUa9dFv7OhmcRt6TumM57Q8EHgvgnN1hx0VFxW
kIZVOpJFG/gMzFPzzsaDIrYn5PtDeCzzFp9PFVbhSd4yqkrDOXWYvz25rKPrnAXj
rswxOuCmY7pnTm0c7DcpEQssj3/LoNqCRTRbxguiIT5+t0k4/6YTYcaIcYFGOa8G
JWgU1k3r5x04tJV5+KFyZqkvxgNkX2K/ANAMhMqpW5QRs7A4w58QWgvE3IhuqXi8
4gSh7MLpBgkRWbUfXd0HkWm6asfy+WfEFRmg53MwU49zeNs2onI3d9qChQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDTWCDEGyCpWhLABUrWKptBn9c7UMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTk5ZSU1RYklLbGFFc0FGU3RZcW0wR2YxenRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKdv+shfVy+qQSvlVzLR
yl0wlf1Ajd2VMpnyT5j0qr4F44eShoMuK8f1Omjs/ZiNHew6tF1orxSRD+xSYNwX
lBd5OKwQJB0gsjPRT5zqPNJDekFyM4NgAhgme+XEOtmnmM7xDtwJ27YThvp0KCD4
mO9cljM83W05mmyTlmoPqBjtGpOOy4CU8rqlHv0l1oL+2Fcm9YQWuq03u8QJ6hqu
qOsCWUWnw1H30ijO2PbmnHZdxZMdWyiFzw/86gRVAqV6kWD/0NwUuxJkxhdkyupx
DhpFOmbgQxjhkUOeTaV5TlkYyiiq75K7l0tNQhok6RIoAKR5w7iQL3FidiEcti6I
6+s=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:20 2025 by rpki-client