Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NmjmfK0j5xu1HcqSq9WDHFyYbgI.roa
File: NmjmfK0j5xu1HcqSq9WDHFyYbgI.roa (raw, json)
Hash identifier: qwkc1rIBQ3CrnOECr6blVkAEXpgSql7TSLtwrbMy5Hs=
Subject key identifier: 36:68:E6:7C:AD:23:E7:1B:B5:1D:CA:92:AB:D5:83:1C:5C:98:6E:02
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D6A5A415270A78454C5631250AB0C3B97
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NmjmfK0j5xu1HcqSq9WDHFyYbgI.roa
Signing time: Fri 02 Feb 2024 15:05:16 +0000
ROA not before: Fri 02 Feb 2024 15:05:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:6a59:6f32/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:5a:41:52:70:a7:84:54:c5:63:12:50:ab:0c:3b:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 2 15:05:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3668e67cad23e71bb51dca92abd5831c5c986e02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4e:d5:e1:35:6c:a1:ee:31:5d:0c:92:e1:d0:
ff:3b:86:66:26:6c:26:b4:8e:69:be:94:0a:3f:a3:
5c:92:5f:59:13:f2:49:fc:f0:80:77:2e:08:40:6e:
54:7d:af:0e:1c:06:7f:36:0b:fa:e5:b1:54:f3:bb:
14:47:c4:15:ab:bc:a2:f5:c0:ff:0c:87:16:0b:e3:
29:89:67:04:4a:ce:9c:5f:7d:8a:bf:f6:c1:39:42:
82:3b:d1:7a:65:44:c3:36:3a:73:29:a7:0c:9e:10:
70:a9:88:de:ab:9f:14:58:f0:33:23:5b:72:2e:82:
8a:a8:40:54:92:5c:ea:5c:3b:b6:e9:dd:b3:a7:fd:
0f:42:bb:f3:b4:79:fb:b7:54:d8:3c:4b:62:82:e1:
38:65:e2:55:83:cc:44:5b:3a:6d:a0:95:10:00:6b:
80:3c:22:bb:11:4d:bb:f6:05:39:a3:66:f7:33:e0:
71:4a:ad:e9:f5:8a:10:ac:0e:4c:f8:99:c1:09:2f:
cb:c7:4e:28:06:4d:b6:53:44:ff:f5:c7:b7:a0:d6:
c5:69:14:45:7c:ab:fb:6d:79:38:b9:9c:b3:66:54:
27:b9:f2:c3:f8:07:54:9b:36:1a:fc:a6:85:e7:de:
8a:46:67:d6:44:50:e0:60:20:42:84:38:3e:2d:95:
38:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:68:E6:7C:AD:23:E7:1B:B5:1D:CA:92:AB:D5:83:1C:5C:98:6E:02
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NmjmfK0j5xu1HcqSq9WDHFyYbgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:5a:55:b1:51:3a:1d:9e:23:90:81:61:84:a5:e5:f5:25:e3:
b6:26:96:2a:6b:33:30:38:0a:91:ab:26:11:98:5a:fe:3b:9e:
ad:42:70:95:3d:ee:53:0f:ee:38:1b:22:af:84:56:ab:4e:5d:
8c:b0:d7:94:a4:16:8d:f6:59:f6:a3:fc:99:8b:03:f1:07:6d:
14:63:3f:ac:2f:d4:13:1f:ef:75:c3:22:79:05:59:bf:07:2c:
09:81:26:b9:71:7f:bf:8b:53:34:33:38:31:a4:46:d3:c9:4f:
87:4c:ed:79:10:ed:67:66:fb:d7:6b:84:de:bc:3b:90:99:b0:
60:1b:2e:3f:42:fc:c7:15:39:ea:ab:b2:2b:60:69:75:f4:7c:
5b:fd:f0:4f:73:cb:56:6d:3f:88:1b:7b:bc:85:20:8f:21:49:
25:7c:38:45:27:65:a3:b0:fc:69:86:30:ea:09:27:44:b5:d2:
4d:24:aa:d1:3c:f1:43:f4:00:2a:dc:a2:13:4c:80:9a:11:65:
b9:cd:90:be:0d:86:2d:92:ef:d1:4d:32:85:35:4a:e1:d4:20:
db:65:2d:51:de:40:75:da:e6:59:ba:59:38:1e:80:c2:be:b6:
89:7e:71:82:ec:a2:83:12:7c:57:9d:19:ad:1b:bd:7a:c8:bd:
7f:14:be:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1qWkFScKeEVMVjElCrDDuXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjAyMTUwNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjY4ZTY3Y2FkMjNlNzFiYjUxZGNhOTJhYmQ1ODMxYzVjOTg2ZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiU7V4TVsoe4xXQyS4dD/O4ZmJmwm
tI5pvpQKP6Nckl9ZE/JJ/PCAdy4IQG5Ufa8OHAZ/Ngv65bFU87sUR8QVq7yi9cD/
DIcWC+MpiWcESs6cX32Kv/bBOUKCO9F6ZUTDNjpzKacMnhBwqYjeq58UWPAzI1ty
LoKKqEBUklzqXDu26d2zp/0PQrvztHn7t1TYPEtiguE4ZeJVg8xEWzptoJUQAGuA
PCK7EU279gU5o2b3M+BxSq3p9YoQrA5M+JnBCS/Lx04oBk22U0T/9ce3oNbFaRRF
fKv7bXk4uZyzZlQnufLD+AdUmzYa/KaF596KRmfWRFDgYCBChDg+LZU42QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDZo5nytI+cbtR3KkqvVgxxcmG4CMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTm1qbWZLMGo1eHUxSGNxU3E5V0RIRnlZYmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJpaVbFROh2eI5CBYYSl
5fUl47YmliprMzA4CpGrJhGYWv47nq1CcJU97lMP7jgbIq+EVqtOXYyw15SkFo32
Wfaj/JmLA/EHbRRjP6wv1BMf73XDInkFWb8HLAmBJrlxf7+LUzQzODGkRtPJT4dM
7XkQ7Wdm+9drhN68O5CZsGAbLj9C/McVOeqrsitgaXX0fFv98E9zy1ZtP4gbe7yF
II8hSSV8OEUnZaOw/GmGMOoJJ0S10k0kqtE88UP0ACrcohNMgJoRZbnNkL4Nhi2S
79FNMoU1SuHUINtlLVHeQHXa5lm6WTgegMK+tol+cYLsooMSfFedGa0bvXrIvX8U
vpA=
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:40:57 2025 by rpki-client