Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nKQFm8sz8tYDtWUJikZXrCNgnyc.roa
File: nKQFm8sz8tYDtWUJikZXrCNgnyc.roa (raw, json)
Hash identifier: lSvIlqikZ/aWWWl+7BEzYA/FGk/Wn3rfK7IFnPqiBsc=
Subject key identifier: 9C:A4:05:9B:CB:33:F2:D6:03:B5:65:09:8A:46:57:AC:23:60:9F:27
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D69B575BAB26A94E2ABE4BE2DEEAF4E71
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nKQFm8sz8tYDtWUJikZXrCNgnyc.roa
Signing time: Fri 02 Feb 2024 12:05:16 +0000
ROA not before: Fri 02 Feb 2024 12:05:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:69b4:88e6/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:69:b5:75:ba:b2:6a:94:e2:ab:e4:be:2d:ee:af:4e:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 2 12:05:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ca4059bcb33f2d603b565098a4657ac23609f27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1d:30:e7:c9:a0:b2:86:1e:39:92:6e:5e:73:
3c:ad:9d:39:df:b2:bc:9c:ef:8e:c6:45:63:82:ea:
86:1f:fe:bd:3f:45:df:77:7f:c0:d7:85:c9:b9:42:
5e:87:33:74:3f:2c:14:92:6b:74:66:4d:b2:bd:e8:
13:38:81:d5:ac:2a:92:a5:aa:b4:44:20:24:01:b7:
a9:4a:d4:6a:65:93:6e:17:83:f7:97:f2:52:4a:02:
cb:d4:c4:c1:98:fc:09:f2:76:6a:bf:a3:01:aa:e8:
41:68:af:42:f4:a3:bb:8a:cd:6e:0f:53:2b:20:86:
0b:e2:3e:97:ef:ff:46:05:5d:42:c2:f5:d3:3d:08:
9c:ee:2c:08:eb:85:8e:a4:f9:96:12:ed:5e:09:ad:
b4:ce:fa:e5:9b:82:70:8c:06:0c:30:e1:69:a8:4e:
f7:c5:9b:06:61:13:d6:18:69:f6:59:fd:7f:08:b3:
ae:a6:a2:ba:d2:70:d8:9b:a3:65:ee:e5:05:86:59:
e6:ea:88:79:a4:f7:6b:ee:d8:6e:06:0f:19:1b:f7:
a8:8e:b1:b4:48:e7:ce:3b:4d:77:cd:45:4d:7d:8a:
42:42:16:53:25:ba:b2:ee:d7:02:93:12:a7:e4:77:
19:a0:e3:9b:15:c2:0e:69:28:17:19:9c:e0:36:a3:
2a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A4:05:9B:CB:33:F2:D6:03:B5:65:09:8A:46:57:AC:23:60:9F:27
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nKQFm8sz8tYDtWUJikZXrCNgnyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:3c:24:4e:eb:c6:0d:5a:cf:4c:ea:f6:36:e6:2f:b1:3d:09:
28:31:51:68:c6:21:59:9d:96:3c:af:1c:f5:b4:51:41:b5:a9:
f8:df:e6:f5:0f:f0:1d:2a:bc:cd:65:07:97:a2:f7:7c:ff:80:
61:67:a7:8d:67:c7:8e:96:1e:86:7d:ba:3b:d9:5b:97:1f:e4:
d1:ef:b7:5d:3e:d4:df:60:2d:ad:2f:fc:52:36:d3:05:79:8e:
94:a6:73:f1:e0:33:19:eb:91:28:ad:93:c6:10:c1:58:6a:bf:
fa:34:09:a1:6f:23:91:9f:0e:16:15:cf:c7:0e:d8:84:25:f9:
48:e2:08:40:11:2a:bf:fb:45:58:16:45:ba:1a:71:02:21:96:
79:83:fd:45:ec:79:e5:2b:e1:ed:26:d7:27:bd:64:06:4c:98:
a6:27:17:63:4a:59:fe:e6:9c:8f:f3:bb:5a:70:d4:02:e4:ee:
d4:13:6f:74:9c:99:fc:88:b8:dd:5b:9c:8f:5b:68:4f:67:ba:
02:10:11:71:0e:52:5f:9e:4f:9e:e3:1f:78:ab:e0:08:02:9a:
a7:0e:3a:e4:ac:d0:40:75:84:30:fb:f7:27:96:95:ff:44:85:
d9:8a:79:0b:59:9d:dc:1d:35:0b:de:7f:22:81:82:58:9d:90:
e2:a2:f5:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1ptXW6smqU4qvkvi3ur05xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjAyMTIwNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2E0MDU5YmNiMzNmMmQ2MDNiNTY1MDk4YTQ2NTdhYzIzNjA5ZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmx0w58mgsoYeOZJuXnM8rZ0537K8
nO+OxkVjguqGH/69P0Xfd3/A14XJuUJehzN0PywUkmt0Zk2yvegTOIHVrCqSpaq0
RCAkAbepStRqZZNuF4P3l/JSSgLL1MTBmPwJ8nZqv6MBquhBaK9C9KO7is1uD1Mr
IIYL4j6X7/9GBV1CwvXTPQic7iwI64WOpPmWEu1eCa20zvrlm4JwjAYMMOFpqE73
xZsGYRPWGGn2Wf1/CLOupqK60nDYm6Nl7uUFhlnm6oh5pPdr7thuBg8ZG/eojrG0
SOfOO013zUVNfYpCQhZTJbqy7tcCkxKn5HcZoOObFcIOaSgXGZzgNqMqQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJykBZvLM/LWA7VlCYpGV6wjYJ8nMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbktRRm04c3o4dFlEdFdVSmlrWlhyQ05nbnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA88JE7rxg1az0zq9jbm
L7E9CSgxUWjGIVmdljyvHPW0UUG1qfjf5vUP8B0qvM1lB5ei93z/gGFnp41nx46W
HoZ9ujvZW5cf5NHvt10+1N9gLa0v/FI20wV5jpSmc/HgMxnrkSitk8YQwVhqv/o0
CaFvI5GfDhYVz8cO2IQl+UjiCEARKr/7RVgWRboacQIhlnmD/UXseeUr4e0m1ye9
ZAZMmKYnF2NKWf7mnI/zu1pw1ALk7tQTb3ScmfyIuN1bnI9baE9nugIQEXEOUl+e
T57jH3ir4AgCmqcOOuSs0EB1hDD79yeWlf9EhdmKeQtZndwdNQvefyKBglidkOKi
9Q8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:35:49 2025 by rpki-client