Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NyzTQ7qMkqwo7J3AtN0hRaBMZT0.roa
File: NyzTQ7qMkqwo7J3AtN0hRaBMZT0.roa (raw, json)
Hash identifier: sEAiq1wqCv+EUuOyfYTxqVkR0xV3FK2PyaDiLieaMF8=
Subject key identifier: 37:2C:D3:43:BA:8C:92:AC:28:EC:9D:C0:B4:DD:21:45:A0:4C:65:3D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9698B0D2B376573A6426FA48F7DB18A3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NyzTQ7qMkqwo7J3AtN0hRaBMZT0.roa
Signing time: Sat 23 Dec 2023 12:13:58 +0000
ROA not before: Sat 23 Dec 2023 12:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:96:98:b0:d2:b3:76:57:3a:64:26:fa:48:f7:db:18:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 23 12:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=372cd343ba8c92ac28ec9dc0b4dd2145a04c653d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:9b:67:2d:9e:a7:bd:a9:b5:11:b0:c2:a7:cf:
65:7d:d7:59:cc:ad:9b:52:7a:d5:9c:3c:fd:fe:15:
35:c8:a9:d2:ad:a7:86:26:30:ba:9e:3b:c9:b5:f3:
81:8b:91:3d:ea:14:0c:28:d3:2a:ca:92:72:3a:8b:
23:38:bd:38:4f:5d:1a:68:f6:ab:9c:92:42:2c:8a:
71:cf:ab:5f:f9:a5:5d:bd:b5:70:e4:ee:31:49:b1:
10:0a:a8:67:02:aa:c4:a1:33:2d:57:ce:24:cd:e1:
5b:7c:06:5b:46:7d:34:0e:3d:c5:fd:f1:ff:03:fc:
7e:99:af:33:66:fe:10:b0:d6:e1:a0:b8:e8:ec:99:
11:62:d2:58:3f:22:91:93:a0:26:5c:d4:ee:1f:19:
3e:78:62:e6:57:39:d5:4d:a0:b0:7f:6e:e0:2f:37:
fd:cd:d0:08:2f:42:48:4d:d6:a2:f2:1e:9d:50:e3:
b0:c9:b1:13:63:19:bc:fd:37:c9:4b:12:f0:ad:99:
1a:ab:f4:59:2d:27:58:90:4a:a8:8d:08:a5:f5:13:
58:70:9b:1d:b7:35:ef:67:87:83:96:07:09:c0:61:
ec:80:85:0a:2d:6b:fa:e3:62:ad:00:2b:40:29:33:
cd:83:06:1b:01:4a:c3:a7:2a:ac:4d:08:56:0d:04:
aa:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:2C:D3:43:BA:8C:92:AC:28:EC:9D:C0:B4:DD:21:45:A0:4C:65:3D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NyzTQ7qMkqwo7J3AtN0hRaBMZT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
09:e0:69:7b:bc:8d:24:11:c3:e9:d4:fb:ea:9b:86:57:5d:77:
b1:d3:1d:e5:61:05:b8:80:1c:ff:6c:5d:89:3b:36:7a:26:7d:
25:34:85:98:32:d9:b2:97:fe:bc:02:6f:c1:fe:01:c2:f9:de:
2c:a7:ec:64:d4:66:29:8a:6b:f5:68:d0:cf:35:59:9c:d2:a5:
5b:fb:3c:b3:c2:22:96:f3:98:8d:62:48:c8:3d:25:4d:ae:ea:
9f:88:f6:c8:27:dd:a9:ef:db:64:d7:d5:03:7f:9c:f1:7a:80:
5d:5f:61:19:cd:4a:2f:40:57:4c:37:be:cf:6e:74:8a:8c:50:
ee:90:22:27:cc:e3:c4:e9:a3:30:39:8e:46:ee:92:92:2f:1c:
c5:a7:a1:f6:a2:be:5c:29:ef:51:89:0f:47:c8:4c:a4:f7:20:
08:16:c6:1a:3e:7c:d6:b5:16:d1:eb:25:a0:c9:d9:d9:18:18:
d9:06:c8:5b:df:4e:6e:23:94:50:bf:ff:3c:ba:9a:cb:fb:99:
ff:36:9a:f0:2f:70:06:37:a5:cd:47:4a:a8:35:aa:96:41:7e:
ff:0d:37:68:52:66:c5:ea:eb:d4:07:c6:18:05:dd:61:05:56:
f4:04:1f:64:90:68:3e:45:f8:71:b7:37:3b:94:47:07:b3:d8:
49:be:dc:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyWmLDSs3ZXOmQm+kj32xijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIzMTIxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzJjZDM0M2JhOGM5MmFjMjhlYzlkYzBiNGRkMjE0NWEwNGM2NTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJtnLZ6nvam1EbDCp89lfddZzK2b
UnrVnDz9/hU1yKnSraeGJjC6njvJtfOBi5E96hQMKNMqypJyOosjOL04T10aaPar
nJJCLIpxz6tf+aVdvbVw5O4xSbEQCqhnAqrEoTMtV84kzeFbfAZbRn00Dj3F/fH/
A/x+ma8zZv4QsNbhoLjo7JkRYtJYPyKRk6AmXNTuHxk+eGLmVznVTaCwf27gLzf9
zdAIL0JITdai8h6dUOOwybETYxm8/TfJSxLwrZkaq/RZLSdYkEqojQil9RNYcJsd
tzXvZ4eDlgcJwGHsgIUKLWv642KtACtAKTPNgwYbAUrDpyqsTQhWDQSq5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDcs00O6jJKsKOydwLTdIUWgTGU9MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTnl6VFE3cU1rcXdvN0ozQXROMGhSYUJNWlQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAngaXu8jSQRw+nU++qb
hlddd7HTHeVhBbiAHP9sXYk7NnomfSU0hZgy2bKX/rwCb8H+AcL53iyn7GTUZimK
a/Vo0M81WZzSpVv7PLPCIpbzmI1iSMg9JU2u6p+I9sgn3anv22TX1QN/nPF6gF1f
YRnNSi9AV0w3vs9udIqMUO6QIifM48TpozA5jkbukpIvHMWnofaivlwp71GJD0fI
TKT3IAgWxho+fNa1FtHrJaDJ2dkYGNkGyFvfTm4jlFC//zy6msv7mf82mvAvcAY3
pc1HSqg1qpZBfv8NN2hSZsXq69QHxhgF3WEFVvQEH2SQaD5F+HG3NzuURwez2Em+
3EY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org