Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Nrvb_Pw-bc0Q6pLengv879WGdQI.roa
File: Nrvb_Pw-bc0Q6pLengv879WGdQI.roa (raw, json)
Hash identifier: UWRSl6P8pSb0FVyS5PI+a8OZVpcfyV1wzNiIkWNl1gk=
Subject key identifier: 36:BB:DB:FC:FC:3E:6D:CD:10:EA:92:DE:9E:0B:FC:EF:D5:86:75:02
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DA832B064D4049F1F6401B287C6D0BEDA
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Nrvb_Pw-bc0Q6pLengv879WGdQI.roa
Signing time: Wed 14 Feb 2024 15:18:30 +0000
ROA not before: Wed 14 Feb 2024 15:18:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a8:32:b0:64:d4:04:9f:1f:64:01:b2:87:c6:d0:be:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 14 15:18:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36bbdbfcfc3e6dcd10ea92de9e0bfcefd5867502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:64:31:b1:5f:d0:6e:6a:6f:9b:c0:49:07:ce:
72:ac:f9:51:f0:b6:17:03:99:a1:e9:f0:8c:63:09:
6d:4c:4e:75:72:46:f4:8f:9c:c6:f9:f5:06:43:df:
77:ed:4e:65:55:7c:6b:cf:dd:6c:4b:2f:5e:ec:f4:
fa:46:cc:2f:fd:91:a1:3e:ae:81:0c:cc:cd:cf:24:
f9:a9:eb:d2:d8:44:66:a5:d6:47:a3:3e:fa:83:b3:
36:da:2c:d6:33:6f:14:5c:53:45:05:a5:5d:e9:28:
37:75:0b:68:7d:78:65:df:1b:f7:62:26:f2:0e:92:
bb:83:98:5d:94:23:0b:d7:44:9e:36:1d:e0:e6:99:
39:32:7b:37:d1:f8:2c:c7:25:ef:ce:ed:4e:0c:04:
b9:55:e0:63:de:61:ce:c7:a7:27:ab:4d:41:f8:9b:
82:d1:35:6d:9c:96:a4:c3:b8:1b:67:34:70:56:b4:
ad:70:bd:a5:50:92:85:4e:b7:09:85:ca:91:2b:da:
1e:c3:0a:74:15:59:fa:31:92:89:1f:ca:82:8f:6f:
e4:a6:75:2b:e9:40:0f:3f:7e:75:bd:7b:69:3e:82:
2a:e7:fd:f4:93:e2:e0:df:24:90:dd:b1:b6:d2:ff:
89:11:0c:d1:00:e8:e2:43:b1:21:88:df:f4:90:90:
ee:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:BB:DB:FC:FC:3E:6D:CD:10:EA:92:DE:9E:0B:FC:EF:D5:86:75:02
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Nrvb_Pw-bc0Q6pLengv879WGdQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:db:a5:3d:4c:bd:a2:e2:08:92:cb:fa:c1:1e:30:5e:24:fb:
4b:15:8e:4d:0c:63:87:e4:87:f8:19:0f:c9:85:fe:8f:1b:50:
38:00:37:c1:f2:6b:d8:20:f6:7f:29:2a:c9:ec:28:53:f9:31:
0a:06:ef:ab:ff:3d:31:dd:a9:f1:a6:6a:b3:06:a0:8b:12:9b:
7d:83:b8:6b:22:49:2b:2f:ba:48:3f:6d:da:84:d1:71:8c:bf:
3d:d6:ed:7b:1d:c1:84:f5:ea:90:c4:b2:63:2e:03:e9:fb:d9:
6e:de:9d:5e:7e:87:46:6a:87:3e:00:9c:e3:45:0a:00:4d:89:
fc:ec:ac:e8:04:4d:7e:6b:5f:49:f6:a6:ae:1c:b5:04:0b:19:
d6:16:24:a5:0f:51:6e:de:e8:9b:23:0a:4a:57:69:10:d4:36:
dc:5b:55:5d:b8:25:c8:12:ed:ad:7d:51:7d:c6:a8:ce:2e:7e:
46:86:d6:14:3c:df:a7:3f:88:f5:9d:90:65:a3:a4:44:17:fa:
3a:ba:92:b6:74:2f:db:8f:67:be:9a:03:26:da:9f:48:6c:72:
bc:64:64:26:15:6a:93:9b:90:c3:cd:33:0e:00:00:55:dc:d9:
6a:20:a3:63:a7:33:87:53:0f:bd:90:0b:c8:0a:94:09:3a:c6:
d4:85:87:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2oMrBk1ASfH2QBsofG0L7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE0MTUxODMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmJiZGJmY2ZjM2U2ZGNkMTBlYTkyZGU5ZTBiZmNlZmQ1ODY3NTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumQxsV/Qbmpvm8BJB85yrPlR8LYX
A5mh6fCMYwltTE51ckb0j5zG+fUGQ9937U5lVXxrz91sSy9e7PT6Rswv/ZGhPq6B
DMzNzyT5qevS2ERmpdZHoz76g7M22izWM28UXFNFBaVd6Sg3dQtofXhl3xv3Yiby
DpK7g5hdlCML10SeNh3g5pk5Mns30fgsxyXvzu1ODAS5VeBj3mHOx6cnq01B+JuC
0TVtnJakw7gbZzRwVrStcL2lUJKFTrcJhcqRK9oewwp0FVn6MZKJH8qCj2/kpnUr
6UAPP351vXtpPoIq5/30k+Lg3ySQ3bG20v+JEQzRAOjiQ7EhiN/0kJDu9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDa72/z8Pm3NEOqS3p4L/O/VhnUCMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTnJ2Yl9Qdy1iYzBRNnBMZW5ndjg3OVdHZFFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHTbpT1MvaLiCJLL+sEe
MF4k+0sVjk0MY4fkh/gZD8mF/o8bUDgAN8Hya9gg9n8pKsnsKFP5MQoG76v/PTHd
qfGmarMGoIsSm32DuGsiSSsvukg/bdqE0XGMvz3W7XsdwYT16pDEsmMuA+n72W7e
nV5+h0Zqhz4AnONFCgBNifzsrOgETX5rX0n2pq4ctQQLGdYWJKUPUW7e6JsjCkpX
aRDUNtxbVV24JcgS7a19UX3GqM4ufkaG1hQ836c/iPWdkGWjpEQX+jq6krZ0L9uP
Z76aAyban0hscrxkZCYVapObkMPNMw4AAFXc2Wogo2OnM4dTD72QC8gKlAk6xtSF
hzo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org