Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nol2u4dMMleTH4NtWH7OE_YbV-8.roa
File: nol2u4dMMleTH4NtWH7OE_YbV-8.roa (raw, json)
Hash identifier: O2E/AORVS/1nidcYWdOTbHnWTlBRcpIY2mWEAG3NXEE=
Subject key identifier: 9E:89:76:BB:87:4C:32:57:93:1F:83:6D:58:7E:CE:13:F6:1B:57:EF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CCE5AAE2AC81E8FDBBFAF2302B6D954A6
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nol2u4dMMleTH4NtWH7OE_YbV-8.roa
Signing time: Wed 03 Jan 2024 08:04:58 +0000
ROA not before: Wed 03 Jan 2024 08:04:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:ce5a:3920/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:5a:ae:2a:c8:1e:8f:db:bf:af:23:02:b6:d9:54:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 3 08:04:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e8976bb874c3257931f836d587ece13f61b57ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:da:dd:ae:65:df:56:1b:f1:4f:a2:69:bb:80:
da:47:d7:58:2f:2d:4e:40:7b:db:7a:8d:31:c2:88:
45:8d:5f:4d:16:99:1c:4b:bf:22:13:3c:94:34:01:
25:fe:e4:6f:97:25:ab:48:d6:39:8c:42:ed:b6:22:
36:fb:ce:6f:01:c4:db:cb:50:47:3b:85:b6:20:b9:
51:53:b8:c5:9f:af:ac:86:26:2f:5b:c8:f1:19:07:
fa:44:8c:a7:0a:3c:42:a2:69:3f:0b:ea:57:5e:31:
dc:5f:6f:ef:04:d1:06:3c:90:c8:b5:52:aa:fd:f4:
c9:60:4d:1c:73:f8:c1:a1:dc:be:56:8f:d9:20:6b:
45:45:03:cf:58:43:f2:4e:e6:94:05:60:86:2d:f5:
3e:57:2e:fc:3b:d6:47:5e:96:89:11:a7:ba:c9:b3:
10:bd:3a:93:de:1a:6d:07:cc:6a:ac:45:e2:5e:f1:
57:38:23:01:40:6b:68:56:3d:8a:6c:39:77:b6:e2:
a7:8a:35:dc:33:ea:39:bd:7b:66:59:e5:91:54:42:
0a:e4:e7:86:3c:e4:19:f7:84:2c:44:73:4e:c0:d8:
20:17:68:47:91:23:02:ee:54:22:f5:b6:0a:a4:f0:
6a:b7:d5:8b:7e:a1:4a:48:8f:3a:e4:06:46:0f:23:
b1:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:89:76:BB:87:4C:32:57:93:1F:83:6D:58:7E:CE:13:F6:1B:57:EF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nol2u4dMMleTH4NtWH7OE_YbV-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:8b:23:d7:df:ad:39:18:93:36:4e:cc:b8:c5:ce:00:b6:7f:
69:6a:1e:fe:2b:53:1b:73:b7:7d:dc:59:43:4c:a9:46:c0:92:
fd:e1:e7:98:62:0d:da:d8:c8:96:a0:21:fd:8e:6d:03:a2:8a:
b6:e1:5b:52:80:f8:af:ee:bf:a3:85:ad:c3:64:6f:15:1e:24:
17:17:c3:b9:87:fd:77:f3:65:e0:f9:6d:2d:97:ee:2b:19:d8:
2a:05:17:3c:d5:ae:11:f9:11:74:d8:1e:1a:84:2c:15:81:71:
d8:a2:74:a8:83:1c:25:c4:9b:e7:d7:14:c0:1a:3b:50:c0:db:
a7:41:f3:f7:56:bc:c7:75:a9:3d:90:5b:84:6e:68:b7:90:63:
87:c8:14:34:ee:d5:b5:b2:22:5c:d3:02:5f:4c:95:c4:af:e8:
ef:88:30:6a:5c:52:39:a3:01:44:e6:1b:a6:dc:b5:18:ce:51:
f9:e0:7c:54:c9:0a:42:26:ff:32:16:42:49:2b:f6:1c:a0:50:
d2:a1:5a:a9:04:3a:1f:d6:51:6f:07:2d:c5:2f:d9:37:9a:60:
db:3a:fe:14:fa:19:cd:b7:73:a5:0a:6c:46:b6:1d:84:6f:55:
5c:54:9f:cb:6d:87:42:dd:75:65:05:40:07:30:53:53:11:cc:
46:ec:8f:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzOWq4qyB6P27+vIwK22VSmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAzMDgwNDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTg5NzZiYjg3NGMzMjU3OTMxZjgzNmQ1ODdlY2UxM2Y2MWI1N2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNrdrmXfVhvxT6Jpu4DaR9dYLy1O
QHvbeo0xwohFjV9NFpkcS78iEzyUNAEl/uRvlyWrSNY5jELttiI2+85vAcTby1BH
O4W2ILlRU7jFn6+shiYvW8jxGQf6RIynCjxComk/C+pXXjHcX2/vBNEGPJDItVKq
/fTJYE0cc/jBody+Vo/ZIGtFRQPPWEPyTuaUBWCGLfU+Vy78O9ZHXpaJEae6ybMQ
vTqT3hptB8xqrEXiXvFXOCMBQGtoVj2KbDl3tuKnijXcM+o5vXtmWeWRVEIK5OeG
POQZ94QsRHNOwNggF2hHkSMC7lQi9bYKpPBqt9WLfqFKSI865AZGDyOxdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ6JdruHTDJXkx+DbVh+zhP2G1fvMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbm9sMnU0ZE1NbGVUSDROdFdIN09FX1liVi04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD6LI9ffrTkYkzZOzLjF
zgC2f2lqHv4rUxtzt33cWUNMqUbAkv3h55hiDdrYyJagIf2ObQOiirbhW1KA+K/u
v6OFrcNkbxUeJBcXw7mH/XfzZeD5bS2X7isZ2CoFFzzVrhH5EXTYHhqELBWBcdii
dKiDHCXEm+fXFMAaO1DA26dB8/dWvMd1qT2QW4RuaLeQY4fIFDTu1bWyIlzTAl9M
lcSv6O+IMGpcUjmjAUTmG6bctRjOUfngfFTJCkIm/zIWQkkr9hygUNKhWqkEOh/W
UW8HLcUv2TeaYNs6/hT6Gc23c6UKbEa2HYRvVVxUn8tth0LddWUFQAcwU1MRzEbs
j3I=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:11:47 2025 by rpki-client