Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/naRLX4xWtwUrZFWCk4nf3RW-CJ0.roa
File: naRLX4xWtwUrZFWCk4nf3RW-CJ0.roa (raw, json)
Hash identifier: jXQo7zmTW69YEyeRgDcrzeqtN3guiFAgKlvB97PO+o8=
Subject key identifier: 9D:A4:4B:5F:8C:56:B7:05:2B:64:55:82:93:89:DF:DD:15:BE:08:9D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D623DD69474A69490D98F87415599094D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/naRLX4xWtwUrZFWCk4nf3RW-CJ0.roa
Signing time: Thu 01 Feb 2024 01:17:16 +0000
ROA not before: Thu 01 Feb 2024 01:17:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:62:3d:d6:94:74:a6:94:90:d9:8f:87:41:55:99:09:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 1 01:17:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9da44b5f8c56b7052b6455829389dfdd15be089d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:de:6c:d9:a4:f5:cd:82:63:e2:fb:40:75:c0:
36:bc:ef:e5:69:3b:b5:b7:1f:17:d4:8e:e7:52:f1:
dc:b9:a3:b9:f3:be:f7:fa:23:c9:3a:1a:bd:5a:c5:
a7:90:c5:28:9a:d9:ec:45:13:2c:17:99:9f:28:61:
46:8c:e3:69:53:a5:f6:cd:a1:fc:d0:ef:d5:9d:5a:
c3:6a:b9:d8:86:5c:db:7b:bb:d0:f8:fb:16:ed:68:
e5:39:b7:2c:54:2d:f1:d3:0b:d8:ea:36:7f:31:ef:
07:61:13:3f:08:18:4a:d8:65:a2:cb:3f:52:36:b9:
c1:bd:13:6f:c7:31:8c:48:36:00:ae:7b:ee:b5:2c:
3e:59:f9:80:36:fd:54:e4:09:8f:ab:7f:25:44:0c:
a4:7c:9a:04:37:48:dc:e3:79:08:5c:63:16:5d:e8:
f2:67:46:9d:e6:b9:f2:7f:d5:b6:cb:24:f7:07:67:
05:d8:bb:41:91:be:7c:4f:0c:69:ab:51:be:4d:53:
4b:9d:a2:f6:fa:9b:f0:18:7b:47:2a:4e:05:20:f8:
08:01:60:e0:42:f1:45:df:f4:53:e3:d0:47:35:ed:
99:5e:7e:07:e7:41:76:5a:ce:b5:a8:e3:a4:ef:5d:
07:42:0c:ee:32:fb:38:9c:08:41:63:f0:d8:da:0b:
8b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A4:4B:5F:8C:56:B7:05:2B:64:55:82:93:89:DF:DD:15:BE:08:9D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/naRLX4xWtwUrZFWCk4nf3RW-CJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:bb:b0:8e:04:da:4b:a9:37:1c:41:37:ad:6c:0f:7d:82:43:
f0:c6:73:c0:75:f1:13:97:aa:f1:9e:79:df:ec:37:fa:eb:38:
2d:00:d0:7f:94:ba:40:59:ee:52:b2:f7:29:9b:0f:36:22:62:
c0:ca:68:4c:b1:9a:ac:0b:e4:8d:6a:79:27:57:ec:41:fb:1a:
f5:44:8d:6d:03:f6:9c:2f:7b:4c:6c:40:05:a9:c0:33:d7:98:
c4:3a:00:da:ef:c2:80:57:bd:8e:bd:b3:77:09:2d:a1:c8:f6:
1e:97:2b:4b:3f:98:0d:ba:71:ab:6b:73:2b:a6:8f:2f:89:27:
ec:92:78:ab:bc:6b:d5:b6:9b:70:52:75:4f:9c:fd:64:e4:f3:
b3:78:71:aa:cb:2f:cb:4e:74:52:2c:04:ef:a4:4b:e4:a1:e1:
9e:8d:9f:9a:1b:06:4a:c8:3b:58:6a:d9:e3:8e:4c:ab:a4:a4:
95:32:e4:62:68:bd:80:89:22:9b:df:cc:21:d3:40:47:86:3d:
77:67:41:db:ac:46:14:4a:8b:e6:e0:66:dd:8a:1d:35:36:89:
59:fb:4a:ee:d1:45:b3:06:ff:18:85:7e:ea:8f:eb:a0:ed:62:
42:88:f3:98:53:17:b7:7e:0d:24:83:15:5c:9f:09:4c:8a:a8:
c0:c1:26:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1iPdaUdKaUkNmPh0FVmQlNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjAxMDExNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGE0NGI1ZjhjNTZiNzA1MmI2NDU1ODI5Mzg5ZGZkZDE1YmUwODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg95s2aT1zYJj4vtAdcA2vO/laTu1
tx8X1I7nUvHcuaO58773+iPJOhq9WsWnkMUomtnsRRMsF5mfKGFGjONpU6X2zaH8
0O/VnVrDarnYhlzbe7vQ+PsW7WjlObcsVC3x0wvY6jZ/Me8HYRM/CBhK2GWiyz9S
NrnBvRNvxzGMSDYArnvutSw+WfmANv1U5AmPq38lRAykfJoEN0jc43kIXGMWXejy
Z0ad5rnyf9W2yyT3B2cF2LtBkb58Twxpq1G+TVNLnaL2+pvwGHtHKk4FIPgIAWDg
QvFF3/RT49BHNe2ZXn4H50F2Ws61qOOk710HQgzuMvs4nAhBY/DY2guL1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ2kS1+MVrcFK2RVgpOJ390VvgidMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbmFSTFg0eFd0d1VyWkZXQ2s0bmYzUlctQ0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD27sI4E2kupNxxBN61s
D32CQ/DGc8B18ROXqvGeed/sN/rrOC0A0H+UukBZ7lKy9ymbDzYiYsDKaEyxmqwL
5I1qeSdX7EH7GvVEjW0D9pwve0xsQAWpwDPXmMQ6ANrvwoBXvY69s3cJLaHI9h6X
K0s/mA26catrcyumjy+JJ+ySeKu8a9W2m3BSdU+c/WTk87N4carLL8tOdFIsBO+k
S+Sh4Z6Nn5obBkrIO1hq2eOOTKukpJUy5GJovYCJIpvfzCHTQEeGPXdnQdusRhRK
i+bgZt2KHTU2iVn7Su7RRbMG/xiFfuqP66DtYkKI85hTF7d+DSSDFVyfCUyKqMDB
JrM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:28 2025 by rpki-client