Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NiloGGO5GcfPbh_EUoiOl9z-ecw.roa
File: NiloGGO5GcfPbh_EUoiOl9z-ecw.roa (raw, json)
Hash identifier: ukqNQ2WclYyk0vWaDd9QJR22bHOCO/OoZt/cg4vsm1k=
Subject key identifier: 36:29:68:18:63:B9:19:C7:CF:6E:1F:C4:52:88:8E:97:DC:FE:79:CC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E792BEB532B8254EE86C1AFDAF1AEF052
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NiloGGO5GcfPbh_EUoiOl9z-ecw.roa
Signing time: Tue 26 Mar 2024 05:11:45 +0000
ROA not before: Tue 26 Mar 2024 05:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:79:2b:eb:53:2b:82:54:ee:86:c1:af:da:f1:ae:f0:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 26 05:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3629681863b919c7cf6e1fc452888e97dcfe79cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:0e:29:f4:2f:e5:1e:17:49:0b:4a:39:fb:69:
2e:84:88:1c:b9:92:9c:56:f4:c5:b8:7a:98:73:a2:
5a:8b:c3:fc:c9:c2:f4:18:23:fb:84:47:e1:5e:c9:
b0:97:f4:55:68:d8:7d:8f:77:a3:9e:ba:10:38:21:
cb:7b:70:f6:bd:30:4d:db:7c:40:7d:53:12:15:d4:
99:7b:db:d9:5f:ad:61:7f:40:0b:fc:af:c9:e9:a7:
4d:1e:e5:3c:7b:52:59:2a:94:04:b7:38:42:5e:64:
de:e2:01:64:cb:af:60:3c:4a:e0:2c:56:79:59:4f:
08:c5:26:4b:8e:81:a4:83:18:73:57:71:1b:9d:ad:
5d:93:f6:ee:96:56:25:c8:4e:94:f6:4e:fd:03:98:
68:30:7a:93:19:a3:0a:a5:b5:db:65:f2:4e:88:3d:
ab:21:74:4d:b7:f0:5c:8b:00:f4:0c:9e:dc:31:2d:
ad:f6:95:51:10:dc:1f:be:c3:d0:9b:d0:d3:39:9f:
5f:40:27:c6:b9:bd:bd:e4:ce:be:0a:54:a0:b9:e2:
88:d8:76:63:2d:30:02:6b:c5:d8:3e:66:62:f1:1e:
bb:c3:9e:91:06:b7:25:ab:b0:59:42:cb:c9:ff:e1:
81:d0:d9:a3:94:cb:2e:cd:e8:59:37:e8:7d:d5:f8:
a4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:29:68:18:63:B9:19:C7:CF:6E:1F:C4:52:88:8E:97:DC:FE:79:CC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NiloGGO5GcfPbh_EUoiOl9z-ecw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:4f:77:4a:ab:6b:63:85:83:a3:4b:30:a9:4b:e7:7d:22:f9:
09:fc:03:df:90:36:3d:96:42:12:08:72:ec:9f:a3:a7:d8:4b:
0f:6e:27:d3:be:5d:12:6a:ac:f1:c9:30:99:4f:cd:4d:58:16:
14:64:74:2b:2e:ef:d1:e8:e1:39:1e:b5:a1:45:61:5a:1c:5b:
c2:ad:91:0e:d0:94:3c:2a:9d:6f:0e:88:34:02:9c:c2:69:da:
0f:36:26:7f:e8:8c:11:f1:5b:8d:eb:42:6b:3c:47:ee:54:48:
5a:62:a3:bc:c6:78:59:97:fa:ed:59:f8:92:5d:19:7d:7f:9f:
9c:e0:7f:e5:6f:55:80:3e:28:8e:60:b6:79:30:44:58:94:e8:
f5:06:21:a8:7b:55:ba:bf:13:b0:44:de:92:46:98:9d:6b:1b:
34:ac:97:d8:dc:b9:12:ac:01:b4:64:24:56:6c:82:8a:9b:26:
28:f0:7a:70:31:16:8a:0f:f4:ee:23:2f:96:8b:ce:80:aa:ab:
27:e6:f2:7c:a5:8f:20:95:d5:c3:04:78:5f:08:0c:3d:74:c9:
e8:73:b6:17:96:ff:b7:83:db:b6:89:a4:34:be:19:87:db:70:
38:da:6c:d7:a0:db:d1:41:8e:e7:8a:39:13:39:4e:84:29:ea:
ef:6b:69:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY55K+tTK4JU7obBr9rxrvBSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI2MDUxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjI5NjgxODYzYjkxOWM3Y2Y2ZTFmYzQ1Mjg4OGU5N2RjZmU3OWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Q4p9C/lHhdJC0o5+2kuhIgcuZKc
VvTFuHqYc6Jai8P8ycL0GCP7hEfhXsmwl/RVaNh9j3ejnroQOCHLe3D2vTBN23xA
fVMSFdSZe9vZX61hf0AL/K/J6adNHuU8e1JZKpQEtzhCXmTe4gFky69gPErgLFZ5
WU8IxSZLjoGkgxhzV3Ebna1dk/bullYlyE6U9k79A5hoMHqTGaMKpbXbZfJOiD2r
IXRNt/BciwD0DJ7cMS2t9pVRENwfvsPQm9DTOZ9fQCfGub295M6+ClSgueKI2HZj
LTACa8XYPmZi8R67w56RBrclq7BZQsvJ/+GB0NmjlMsuzehZN+h91fiktQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDYpaBhjuRnHz24fxFKIjpfc/nnMMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTmlsb0dHTzVHY2ZQYmhfRVVvaU9sOXotZWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABFPd0qra2OFg6NLMKlL
530i+Qn8A9+QNj2WQhIIcuyfo6fYSw9uJ9O+XRJqrPHJMJlPzU1YFhRkdCsu79Ho
4TketaFFYVocW8KtkQ7QlDwqnW8OiDQCnMJp2g82Jn/ojBHxW43rQms8R+5USFpi
o7zGeFmX+u1Z+JJdGX1/n5zgf+VvVYA+KI5gtnkwRFiU6PUGIah7Vbq/E7BE3pJG
mJ1rGzSsl9jcuRKsAbRkJFZsgoqbJijwenAxFooP9O4jL5aLzoCqqyfm8nyljyCV
1cMEeF8IDD10yehztheW/7eD27aJpDS+GYfbcDjabNeg29FBjueKORM5ToQp6u9r
aQ4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:44 2025 by rpki-client