Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nGoG0XBedBzZoH7IB6uuZYS-J9A.roa
File: nGoG0XBedBzZoH7IB6uuZYS-J9A.roa (raw, json)
Hash identifier: XDAxQPKk1F0T8ENLr8HDTSS6aLS6auGlpJsJ7NlsHu8=
Subject key identifier: 9C:6A:06:D1:70:5E:74:1C:D9:A0:7E:C8:07:AB:AE:65:84:BE:27:D0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D6AFE229393EE5E44A10052C6D0044184
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nGoG0XBedBzZoH7IB6uuZYS-J9A.roa
Signing time: Fri 02 Feb 2024 18:04:16 +0000
ROA not before: Fri 02 Feb 2024 18:04:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:6afe:1dcb/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:fe:22:93:93:ee:5e:44:a1:00:52:c6:d0:04:41:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 2 18:04:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c6a06d1705e741cd9a07ec807abae6584be27d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:47:89:9b:d2:ae:6b:49:ee:2e:dc:d0:0a:f0:
2f:48:69:7e:bf:d0:ca:e1:33:a2:ba:6d:6c:35:e8:
e9:9a:ff:7b:e8:8b:10:36:26:f6:dd:65:55:fb:08:
ed:4c:6e:e0:bf:17:d6:82:44:8c:16:d8:90:48:23:
f9:00:5a:b2:64:a4:0a:7b:cd:68:18:bd:16:87:b3:
16:89:40:61:59:78:b4:b9:1f:15:e3:ac:97:4f:88:
ba:eb:82:13:c5:fc:3b:79:77:56:71:32:19:85:ea:
47:d2:92:25:1e:7c:58:73:ba:dc:7c:d4:51:22:76:
68:1a:a1:95:a7:77:19:fb:dd:c4:94:ae:65:c0:48:
e0:88:7e:9b:d4:cc:3e:ce:4b:27:0e:fd:6d:b5:a4:
78:28:d1:f1:b1:87:45:82:81:9f:cb:0c:89:8a:8e:
9e:88:b6:8b:61:eb:e3:9a:c1:67:b7:76:64:ef:43:
7a:6e:8a:89:3b:42:a1:f1:d7:9f:88:4a:b1:70:6e:
9e:ce:22:70:56:60:9a:d4:bf:44:d4:c0:52:6d:1b:
2e:ee:2c:83:be:ab:4a:0b:f3:bd:6c:1f:aa:c5:58:
6c:72:f9:2e:2f:78:3e:4c:b8:f9:f7:38:66:33:9b:
16:37:96:b6:22:25:ef:1b:b7:a6:a6:49:da:0f:a1:
22:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:6A:06:D1:70:5E:74:1C:D9:A0:7E:C8:07:AB:AE:65:84:BE:27:D0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nGoG0XBedBzZoH7IB6uuZYS-J9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:5b:0e:5f:b2:70:0b:3e:e9:1c:2b:9f:0a:aa:72:94:21:23:
c3:91:bf:d8:d4:fd:1a:2e:d6:26:3e:bc:e3:23:e7:49:4d:af:
a2:ec:02:c7:a3:b5:ee:35:ea:a8:c4:41:f5:79:2a:0c:ff:47:
d2:f9:59:8b:61:7f:16:5f:90:e8:b4:6e:6a:c0:41:63:5f:4d:
5a:88:bb:2d:11:72:8e:4e:ec:af:91:21:6a:e7:07:45:87:0a:
63:e3:19:52:88:d3:71:28:21:2e:c0:54:e1:d2:f7:18:5b:56:
bb:38:de:7f:28:15:27:33:87:7d:ba:eb:c2:13:3b:b9:fe:fb:
f1:eb:cf:2a:bf:9a:9f:75:e3:0f:66:3d:59:83:f2:85:ed:46:
aa:99:e3:e0:66:64:04:ab:e2:15:5f:38:7b:98:b8:12:95:91:
b2:3c:cf:1b:19:6f:ef:db:24:3b:c8:33:87:89:1f:bd:ba:58:
46:13:4e:c1:8b:fe:f7:49:b9:b1:49:be:dd:5a:fd:e0:a0:f1:
90:59:de:81:40:9f:80:88:23:b7:2b:f4:54:d9:e9:8b:5a:f4:
cf:d4:09:0e:31:d6:aa:c8:78:41:63:23:4f:57:81:65:0b:77:
85:5b:01:50:36:04:6d:cb:ba:3f:bd:8b:f6:60:47:7c:d8:bc:
25:57:7d:d3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1q/iKTk+5eRKEAUsbQBEGEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjAyMTgwNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzZhMDZkMTcwNWU3NDFjZDlhMDdlYzgwN2FiYWU2NTg0YmUyN2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0eJm9Kua0nuLtzQCvAvSGl+v9DK
4TOium1sNejpmv976IsQNib23WVV+wjtTG7gvxfWgkSMFtiQSCP5AFqyZKQKe81o
GL0Wh7MWiUBhWXi0uR8V46yXT4i664ITxfw7eXdWcTIZhepH0pIlHnxYc7rcfNRR
InZoGqGVp3cZ+93ElK5lwEjgiH6b1Mw+zksnDv1ttaR4KNHxsYdFgoGfywyJio6e
iLaLYevjmsFnt3Zk70N6boqJO0Kh8defiEqxcG6eziJwVmCa1L9E1MBSbRsu7iyD
vqtKC/O9bB+qxVhscvkuL3g+TLj59zhmM5sWN5a2IiXvG7empknaD6EiUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJxqBtFwXnQc2aB+yAerrmWEvifQMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbkdvRzBYQmVkQnpab0g3SUI2dXVaWVMtSjlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACpbDl+ycAs+6Rwrnwqq
cpQhI8ORv9jU/Rou1iY+vOMj50lNr6LsAsejte416qjEQfV5Kgz/R9L5WYthfxZf
kOi0bmrAQWNfTVqIuy0Rco5O7K+RIWrnB0WHCmPjGVKI03EoIS7AVOHS9xhbVrs4
3n8oFSczh32668ITO7n++/Hrzyq/mp914w9mPVmD8oXtRqqZ4+BmZASr4hVfOHuY
uBKVkbI8zxsZb+/bJDvIM4eJH726WEYTTsGL/vdJubFJvt1a/eCg8ZBZ3oFAn4CI
I7cr9FTZ6Yta9M/UCQ4x1qrIeEFjI09XgWULd4VbAVA2BG3Luj+9i/ZgR3zYvCVX
fdM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:02 2025 by rpki-client