Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NbfwN8lMCD6ilmCpFVrXqNGFmTs.roa
File: NbfwN8lMCD6ilmCpFVrXqNGFmTs.roa (raw, json)
Hash identifier: 8VbozrQ0LFj3wb3C1F8nK8f1jxfjq73ZBc95Dvn9Rbo=
Subject key identifier: 35:B7:F0:37:C9:4C:08:3E:A2:96:60:A9:15:5A:D7:A8:D1:85:99:3B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E7029B3FD0EE3D5B24C404BB3C48CC48A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NbfwN8lMCD6ilmCpFVrXqNGFmTs.roa
Signing time: Sun 24 Mar 2024 11:12:44 +0000
ROA not before: Sun 24 Mar 2024 11:12:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:70:29:b3:fd:0e:e3:d5:b2:4c:40:4b:b3:c4:8c:c4:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 24 11:12:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35b7f037c94c083ea29660a9155ad7a8d185993b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bb:a7:e2:87:2f:f1:3a:39:59:f7:ac:41:eb:
e3:9e:79:8a:31:7d:d1:f5:67:9a:06:11:1a:10:99:
6c:08:b6:96:d6:24:40:0d:80:81:c4:97:6d:1d:1e:
83:6e:8c:f6:3e:33:cd:ed:81:81:dc:eb:ff:e1:77:
06:40:19:50:05:6a:74:88:96:0d:99:b0:f0:ce:5e:
20:b4:9a:dd:9f:cc:8a:8a:1c:51:cb:9a:2e:11:ae:
47:9b:82:59:13:c8:3f:65:15:cd:fc:6d:db:ad:22:
07:46:42:94:0e:ea:0c:f8:ca:b6:54:d6:56:ae:e0:
7d:bf:c4:c8:42:e8:b1:cc:9b:9c:f0:ff:ab:f4:be:
17:9d:2b:27:e5:50:ba:07:14:a7:96:b4:9f:89:09:
8f:31:a6:ac:70:cb:23:e2:43:bc:4b:b6:d2:65:cb:
a8:01:74:f9:10:0e:91:e7:2c:14:59:f8:0d:e0:f2:
23:f0:67:31:f6:89:0b:ee:09:26:7b:aa:11:00:06:
53:84:14:32:52:1c:ef:95:50:a5:d9:e2:09:e8:d1:
6a:5b:81:b9:96:8c:35:2a:53:e5:e5:f2:0d:12:ac:
56:71:00:cc:0f:4b:1c:3a:b1:0c:95:ff:e8:08:17:
a2:62:fa:d9:89:3d:0e:1a:ba:00:68:b0:39:55:c2:
aa:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:B7:F0:37:C9:4C:08:3E:A2:96:60:A9:15:5A:D7:A8:D1:85:99:3B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NbfwN8lMCD6ilmCpFVrXqNGFmTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:e3:99:bd:e0:b7:f4:e7:90:40:36:22:07:71:06:97:b2:6b:
2a:cb:a8:cd:06:0a:61:39:8e:f4:0d:76:1c:24:df:23:6d:d0:
a7:c4:2a:71:de:a7:5d:5e:25:4e:36:80:83:38:c6:39:e4:de:
a9:16:f3:37:c3:6d:3c:44:c4:2c:7e:99:a4:54:69:5d:ac:3c:
05:a5:12:35:14:ba:26:a9:80:b8:65:19:c5:e7:b1:6d:ef:8a:
68:be:4b:10:fb:78:a3:94:72:6b:aa:0c:df:77:07:d6:db:00:
da:f3:1b:4d:85:e8:65:e6:3d:34:97:ea:79:9f:68:95:d8:09:
0b:5d:9d:d9:db:c8:d6:77:b8:5c:22:96:42:c9:8c:f5:27:3e:
cc:d5:d6:41:86:a3:7c:10:74:02:de:5c:52:3c:81:4c:a4:87:
2d:e2:28:de:9a:56:38:b6:3c:f4:91:bb:06:94:3c:68:26:50:
ed:2d:fe:25:51:31:ac:88:5c:29:86:4d:e6:ee:47:57:7c:67:
2d:20:ca:d6:08:51:b7:e7:52:18:fc:56:d1:4c:e2:68:4d:90:
32:7d:18:16:a1:57:dd:84:c9:4e:93:81:fc:5d:44:e2:05:79:
74:87:89:66:24:f1:fa:0d:5b:fb:ad:dc:57:df:0a:3d:b7:9c:
7c:19:14:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5wKbP9DuPVskxAS7PEjMSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI0MTExMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWI3ZjAzN2M5NGMwODNlYTI5NjYwYTkxNTVhZDdhOGQxODU5OTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLun4ocv8To5WfesQevjnnmKMX3R
9WeaBhEaEJlsCLaW1iRADYCBxJdtHR6Dboz2PjPN7YGB3Ov/4XcGQBlQBWp0iJYN
mbDwzl4gtJrdn8yKihxRy5ouEa5Hm4JZE8g/ZRXN/G3brSIHRkKUDuoM+Mq2VNZW
ruB9v8TIQuixzJuc8P+r9L4XnSsn5VC6BxSnlrSfiQmPMaascMsj4kO8S7bSZcuo
AXT5EA6R5ywUWfgN4PIj8Gcx9okL7gkme6oRAAZThBQyUhzvlVCl2eIJ6NFqW4G5
low1KlPl5fINEqxWcQDMD0scOrEMlf/oCBeiYvrZiT0OGroAaLA5VcKqGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDW38DfJTAg+opZgqRVa16jRhZk7MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTmJmd044bE1DRDZpbG1DcEZWclhxTkdGbVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADbjmb3gt/TnkEA2Igdx
BpeyayrLqM0GCmE5jvQNdhwk3yNt0KfEKnHep11eJU42gIM4xjnk3qkW8zfDbTxE
xCx+maRUaV2sPAWlEjUUuiapgLhlGcXnsW3vimi+SxD7eKOUcmuqDN93B9bbANrz
G02F6GXmPTSX6nmfaJXYCQtdndnbyNZ3uFwilkLJjPUnPszV1kGGo3wQdALeXFI8
gUykhy3iKN6aVji2PPSRuwaUPGgmUO0t/iVRMayIXCmGTebuR1d8Zy0gytYIUbfn
Uhj8VtFM4mhNkDJ9GBahV92EyU6TgfxdROIFeXSHiWYk8foNW/ut3FffCj23nHwZ
FEo=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:31 2025 by rpki-client