Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NonXe-X5aE1t5DegRNCuUzokP7M.roa
File: NonXe-X5aE1t5DegRNCuUzokP7M.roa (raw, json)
Hash identifier: YRKjfcbxvxMCy50jnfkipMEEMBXfhPBut/3XPiUad18=
Subject key identifier: 36:89:D7:7B:E5:F9:68:4D:6D:E4:37:A0:44:D0:AE:53:3A:24:3F:B3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D92BB760758157590479D299867F1347F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NonXe-X5aE1t5DegRNCuUzokP7M.roa
Signing time: Sat 10 Feb 2024 11:16:15 +0000
ROA not before: Sat 10 Feb 2024 11:16:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:92:bb:76:07:58:15:75:90:47:9d:29:98:67:f1:34:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 10 11:16:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3689d77be5f9684d6de437a044d0ae533a243fb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:94:82:de:f4:af:3c:a6:05:de:61:cb:80:0c:
35:fb:99:4c:cc:8d:f2:51:40:63:72:fd:57:d3:90:
bb:97:d4:8b:74:1e:8a:15:6a:33:53:5d:cb:c9:71:
d3:09:e2:47:6e:71:fe:c9:f0:81:5c:c1:5c:5a:3f:
2a:ff:d1:2e:34:ca:ef:1d:ed:02:16:1e:40:56:59:
73:ab:10:bb:05:1b:56:17:ac:c4:31:9a:73:ac:21:
f3:17:b1:4d:ca:9e:4e:26:37:bb:71:41:ff:64:a0:
6b:57:7b:23:18:05:9f:5b:4a:4b:b4:09:8d:f3:14:
a0:df:b3:31:94:78:8d:bc:fb:88:b5:1f:fc:69:25:
20:58:74:b6:cb:36:df:75:48:1f:cc:79:90:e1:59:
6b:5e:c0:a5:51:14:ed:36:33:52:61:1f:f9:d6:b5:
7c:6f:2c:57:81:c2:d8:83:f9:00:7f:cf:b1:1c:5a:
0b:86:9e:8b:25:eb:ca:6b:46:6a:aa:ee:83:62:d3:
9a:35:3b:49:b8:c9:14:ac:e0:11:09:9f:a0:c5:23:
e7:3a:ae:54:ff:c1:e8:f5:dc:c6:85:97:14:ad:96:
e8:5b:50:b2:63:be:d7:37:41:55:a6:0b:99:a0:9e:
f1:f6:f0:0b:93:b7:7b:25:02:13:f0:df:75:39:93:
44:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:89:D7:7B:E5:F9:68:4D:6D:E4:37:A0:44:D0:AE:53:3A:24:3F:B3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NonXe-X5aE1t5DegRNCuUzokP7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:2e:1e:db:e9:5b:d8:d5:db:72:f2:90:53:90:af:6a:5d:5c:
98:2b:28:91:4f:89:b6:02:fa:ab:60:a9:49:7f:03:3e:ca:27:
66:b3:1f:fe:3c:c8:36:65:27:f8:7e:66:b6:c2:43:6f:39:33:
70:d3:da:de:48:74:ee:ba:8f:0c:30:d5:a6:1e:50:26:5c:c2:
aa:78:f7:5b:48:eb:a4:6c:d2:bd:59:e0:d4:f1:39:b7:34:1c:
30:bc:df:0a:c2:40:b4:f0:ea:40:d4:b3:6e:48:45:e3:38:ed:
60:e5:db:b1:01:16:14:63:c4:55:f3:c8:8c:d2:61:6e:ff:ef:
a4:e2:03:16:1a:6b:b4:88:8c:fe:3d:f5:c9:ee:75:3e:dc:e0:
31:a1:b6:b3:5f:7f:2b:81:5f:7b:67:2e:c1:c2:9c:cd:7a:18:
c3:59:38:86:48:2b:8a:0c:fd:bb:6c:83:db:98:54:d2:fd:93:
3c:4c:34:f3:94:3a:29:e0:90:54:df:dd:ce:14:b6:3a:05:6e:
77:c5:35:41:2e:99:91:77:13:5f:b9:df:dc:73:12:eb:60:5d:
82:ad:70:58:5d:00:86:8c:c0:08:86:ec:5c:73:b5:58:5e:a3:
78:6f:cf:e0:f0:ad:7c:c8:ed:ad:71:41:7f:3a:84:09:38:89:
c0:b4:74:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2Su3YHWBV1kEedKZhn8TR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjEwMTExNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjg5ZDc3YmU1Zjk2ODRkNmRlNDM3YTA0NGQwYWU1MzNhMjQzZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JSC3vSvPKYF3mHLgAw1+5lMzI3y
UUBjcv1X05C7l9SLdB6KFWozU13LyXHTCeJHbnH+yfCBXMFcWj8q/9EuNMrvHe0C
Fh5AVllzqxC7BRtWF6zEMZpzrCHzF7FNyp5OJje7cUH/ZKBrV3sjGAWfW0pLtAmN
8xSg37MxlHiNvPuItR/8aSUgWHS2yzbfdUgfzHmQ4VlrXsClURTtNjNSYR/51rV8
byxXgcLYg/kAf8+xHFoLhp6LJevKa0Zqqu6DYtOaNTtJuMkUrOARCZ+gxSPnOq5U
/8Ho9dzGhZcUrZboW1CyY77XN0FVpguZoJ7x9vALk7d7JQIT8N91OZNEFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDaJ13vl+WhNbeQ3oETQrlM6JD+zMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTm9uWGUtWDVhRTF0NURlZ1JOQ3VVem9rUDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACEuHtvpW9jV23LykFOQ
r2pdXJgrKJFPibYC+qtgqUl/Az7KJ2azH/48yDZlJ/h+ZrbCQ285M3DT2t5IdO66
jwww1aYeUCZcwqp491tI66Rs0r1Z4NTxObc0HDC83wrCQLTw6kDUs25IReM47WDl
27EBFhRjxFXzyIzSYW7/76TiAxYaa7SIjP499cnudT7c4DGhtrNffyuBX3tnLsHC
nM16GMNZOIZIK4oM/btsg9uYVNL9kzxMNPOUOingkFTf3c4UtjoFbnfFNUEumZF3
E1+539xzEutgXYKtcFhdAIaMwAiG7FxztVheo3hvz+DwrXzI7a1xQX86hAk4icC0
dIY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:48 2025 by rpki-client