Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nm1FiJZQTKfeQZT8RwK5EKKf_hU.roa
File: nm1FiJZQTKfeQZT8RwK5EKKf_hU.roa (raw, json)
Hash identifier: clxgA68A5NRqJDaKZ7BiwFBtgjLhXGcb9RnMunw5JDE=
Subject key identifier: 9E:6D:45:88:96:50:4C:A7:DE:41:94:FC:47:02:B9:10:A2:9F:FE:15
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CA60ADACCA4B06DF30F89BE9395828EEE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nm1FiJZQTKfeQZT8RwK5EKKf_hU.roa
Signing time: Tue 26 Dec 2023 12:12:58 +0000
ROA not before: Tue 26 Dec 2023 12:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a6:0a:da:cc:a4:b0:6d:f3:0f:89:be:93:95:82:8e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 26 12:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e6d458896504ca7de4194fc4702b910a29ffe15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:65:63:ff:64:21:66:6f:60:dd:6e:2f:c5:10:
94:50:d8:2d:d7:db:ba:95:a7:95:bc:eb:43:a2:83:
3f:d5:d8:32:7d:1e:b8:8a:bb:b7:5b:35:ef:c4:8a:
e7:db:36:65:ef:70:13:cf:de:ee:5a:4f:c9:1d:17:
01:d6:2c:ab:52:ed:b0:f7:0c:ab:74:5f:99:8e:d6:
49:3c:63:b0:7e:7c:db:8f:81:2a:0c:45:49:46:6d:
02:0f:f6:53:7f:4c:6a:73:ac:64:46:24:3e:47:0d:
50:6f:b6:81:c2:0e:c0:5a:f8:fe:fb:38:c2:de:00:
bf:da:f1:16:08:37:67:45:86:36:8b:db:16:10:d4:
10:2b:87:44:f4:88:25:6a:43:f0:f6:7d:f1:ee:f2:
f8:af:59:01:ef:62:6a:1a:87:82:cd:8c:76:e6:a6:
4c:6c:79:89:20:be:18:72:81:2b:7d:1a:d4:03:cb:
f5:fb:de:ba:98:37:ad:a1:65:e2:d1:f6:81:32:68:
19:31:05:af:f4:da:9b:ea:21:cd:ff:cc:f8:e9:62:
91:e7:fb:0e:09:b7:60:f5:28:34:0a:5d:fa:4f:eb:
f7:d9:ab:83:58:26:28:e9:60:84:39:65:cb:27:aa:
67:3d:2d:9b:ad:f3:2a:21:87:ff:3e:6d:15:af:fb:
df:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:6D:45:88:96:50:4C:A7:DE:41:94:FC:47:02:B9:10:A2:9F:FE:15
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nm1FiJZQTKfeQZT8RwK5EKKf_hU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:f9:a8:65:5d:10:38:24:6f:1f:4c:71:1b:c8:ac:0d:77:ec:
59:ab:3f:88:d4:37:f5:3d:19:70:f9:cc:e3:1a:3d:33:6f:e1:
83:71:6b:79:44:61:41:78:16:e7:5d:4e:36:2e:42:1c:a2:97:
47:12:37:6f:a8:f8:6a:a8:3d:96:b2:19:6b:bd:fe:15:ab:e3:
43:11:6c:e3:e2:33:58:90:df:2d:8d:28:15:6d:e6:72:e7:d9:
59:2c:53:b2:65:07:3a:59:ec:75:37:c5:81:cd:80:a1:60:09:
f9:66:7e:68:19:e4:68:0c:4b:a3:34:b2:34:e1:6b:77:a3:ca:
26:8a:a7:6d:cc:4c:f7:a5:e2:20:6e:54:ad:d0:7c:a6:ad:9b:
dd:ea:9c:0b:2b:21:10:b5:4f:9f:91:16:25:69:ca:ee:4f:30:
f8:84:94:7e:ee:56:aa:2c:7c:45:e5:9c:84:3d:f2:9f:0a:e1:
95:10:95:29:8a:7d:c1:bf:c4:ef:da:75:12:ad:9e:c1:a4:41:
7a:29:6a:fc:3f:63:58:da:be:28:12:f5:a7:f1:c3:ac:a1:06:
b4:19:da:91:d4:d1:1d:97:0c:48:e5:c0:1d:4f:f2:03:54:ea:
bf:cb:5e:5c:69:2a:6c:8c:3b:ed:76:0b:45:bc:d6:77:a1:27:
56:c5:e9:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYymCtrMpLBt8w+JvpOVgo7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI2MTIxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTZkNDU4ODk2NTA0Y2E3ZGU0MTk0ZmM0NzAyYjkxMGEyOWZmZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2Vj/2QhZm9g3W4vxRCUUNgt19u6
laeVvOtDooM/1dgyfR64iru3WzXvxIrn2zZl73ATz97uWk/JHRcB1iyrUu2w9wyr
dF+ZjtZJPGOwfnzbj4EqDEVJRm0CD/ZTf0xqc6xkRiQ+Rw1Qb7aBwg7AWvj++zjC
3gC/2vEWCDdnRYY2i9sWENQQK4dE9IglakPw9n3x7vL4r1kB72JqGoeCzYx25qZM
bHmJIL4YcoErfRrUA8v1+966mDetoWXi0faBMmgZMQWv9Nqb6iHN/8z46WKR5/sO
Cbdg9Sg0Cl36T+v32auDWCYo6WCEOWXLJ6pnPS2brfMqIYf/Pm0Vr/vffQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ5tRYiWUEyn3kGU/EcCuRCin/4VMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbm0xRmlKWlFUS2ZlUVpUOFJ3SzVFS0tmX2hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABL5qGVdEDgkbx9McRvI
rA137FmrP4jUN/U9GXD5zOMaPTNv4YNxa3lEYUF4FuddTjYuQhyil0cSN2+o+Gqo
PZayGWu9/hWr40MRbOPiM1iQ3y2NKBVt5nLn2VksU7JlBzpZ7HU3xYHNgKFgCflm
fmgZ5GgMS6M0sjTha3ejyiaKp23MTPel4iBuVK3QfKatm93qnAsrIRC1T5+RFiVp
yu5PMPiElH7uVqosfEXlnIQ98p8K4ZUQlSmKfcG/xO/adRKtnsGkQXopavw/Y1ja
vigS9afxw6yhBrQZ2pHU0R2XDEjlwB1P8gNU6r/LXlxpKmyMO+12C0W81nehJ1bF
6U4=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:58:39 2025 by rpki-client