Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nwlM9grikyAFAS9gYWwzcFQ-R_I.roa
File: nwlM9grikyAFAS9gYWwzcFQ-R_I.roa (raw, json)
Hash identifier: 6st75zJxiE0IlM30kZoi3DWCQpKPL6JB0/lkU/FkG+4=
Subject key identifier: 9F:09:4C:F6:0A:E2:93:20:05:01:2F:60:61:6C:33:70:54:3E:47:F2
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E5BBFE0571CB85F2CECF5E5BFE81D9E6A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nwlM9grikyAFAS9gYWwzcFQ-R_I.roa
Signing time: Wed 20 Mar 2024 12:04:45 +0000
ROA not before: Wed 20 Mar 2024 12:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:5bbf:70e5/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:bf:e0:57:1c:b8:5f:2c:ec:f5:e5:bf:e8:1d:9e:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 20 12:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f094cf60ae2932005012f60616c3370543e47f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5c:da:60:06:f0:53:0b:2c:8f:71:ce:64:24:
59:b0:ce:82:b5:fa:55:5e:8e:8c:66:61:7c:86:39:
38:03:ea:5a:ef:42:dd:a9:ee:90:a3:de:ee:44:a9:
b8:32:50:da:0d:37:d9:38:fe:ea:a8:8d:a8:be:d2:
ab:c4:d7:09:ee:e7:76:9f:46:7b:99:74:5f:98:18:
92:f0:ca:59:83:58:9a:0b:7d:82:c1:1b:d7:8f:ff:
b6:4d:f5:07:73:d2:1a:fa:f7:db:d3:96:c4:a6:b4:
a0:f2:92:ef:80:99:b4:9a:21:8b:4e:b9:59:52:a0:
68:84:08:8e:62:81:82:84:9f:5f:69:a0:ad:2c:2a:
03:3a:ee:cc:f3:e1:0b:18:6b:35:29:94:cc:c9:f1:
93:74:57:20:50:76:37:55:fb:99:26:07:72:90:9b:
90:ae:39:92:54:82:c6:83:83:9c:df:8b:e6:c3:3f:
3f:29:02:21:ff:3c:ff:76:b2:f5:71:e0:08:ac:b5:
bd:8c:9e:f0:e3:09:de:cb:82:e1:90:80:4d:49:dd:
a6:da:5f:a4:1d:fa:5f:5b:dd:34:3e:f2:fc:a9:bf:
ba:24:9e:71:7a:3b:37:2b:3f:8b:91:90:31:79:4d:
74:fd:60:82:2a:88:d5:0e:0e:69:42:12:6f:49:a9:
c4:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:09:4C:F6:0A:E2:93:20:05:01:2F:60:61:6C:33:70:54:3E:47:F2
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nwlM9grikyAFAS9gYWwzcFQ-R_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
39:eb:66:b1:fc:e5:09:ab:a6:6e:b6:0e:6b:63:2d:ca:30:1c:
77:d3:79:9b:7d:04:fe:d1:40:1e:08:0b:71:53:8f:b1:ab:3e:
cc:25:38:04:05:de:cb:22:ef:5f:e6:64:f1:9c:08:62:b1:42:
44:61:c2:e5:f9:34:17:dc:26:89:6c:4a:5e:29:d1:8b:db:e7:
ef:8d:8e:4d:ec:0c:3f:25:ed:f1:1d:2d:be:94:6a:47:b4:a9:
c4:b5:c5:9e:06:90:e8:44:22:f0:f5:12:2f:8d:d5:8f:f3:02:
37:74:4a:a3:27:ec:a4:64:7a:9b:6e:5a:9d:56:17:ac:0c:15:
21:44:75:32:cd:6a:43:b3:22:42:48:40:91:76:86:52:cd:e8:
1e:79:fa:44:29:f3:7e:55:fe:a7:78:ba:ae:a6:ab:e8:3f:b9:
1a:02:9b:8f:22:f6:60:dc:e4:fe:cf:29:da:78:2f:1c:97:88:
d4:78:fc:cd:b4:34:20:59:5e:03:af:43:70:0d:05:13:05:10:
3d:97:a7:4b:0b:d5:c4:85:21:cc:d5:6b:69:1c:f7:41:03:96:
6e:e5:2e:f0:dd:17:39:44:f7:52:6b:36:ab:ec:4b:dd:79:e8:
c2:66:3b:ec:d7:1b:b5:8b:f7:06:a3:6d:c7:cc:47:e6:69:5a:
16:8b:8c:bb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5bv+BXHLhfLOz15b/oHZ5qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIwMTIwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjA5NGNmNjBhZTI5MzIwMDUwMTJmNjA2MTZjMzM3MDU0M2U0N2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1zaYAbwUwssj3HOZCRZsM6CtfpV
Xo6MZmF8hjk4A+pa70Ldqe6Qo97uRKm4MlDaDTfZOP7qqI2ovtKrxNcJ7ud2n0Z7
mXRfmBiS8MpZg1iaC32CwRvXj/+2TfUHc9Ia+vfb05bEprSg8pLvgJm0miGLTrlZ
UqBohAiOYoGChJ9faaCtLCoDOu7M8+ELGGs1KZTMyfGTdFcgUHY3VfuZJgdykJuQ
rjmSVILGg4Oc34vmwz8/KQIh/zz/drL1ceAIrLW9jJ7w4wney4LhkIBNSd2m2l+k
HfpfW900PvL8qb+6JJ5xejs3Kz+LkZAxeU10/WCCKojVDg5pQhJvSanEdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ8JTPYK4pMgBQEvYGFsM3BUPkfyMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbndsTTlncmlreUFGQVM5Z1lXd3pjRlEtUl9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADnrZrH85Qmrpm62Dmtj
LcowHHfTeZt9BP7RQB4IC3FTj7GrPswlOAQF3ssi71/mZPGcCGKxQkRhwuX5NBfc
JolsSl4p0Yvb5++Njk3sDD8l7fEdLb6Uake0qcS1xZ4GkOhEIvD1Ei+N1Y/zAjd0
SqMn7KRkeptuWp1WF6wMFSFEdTLNakOzIkJIQJF2hlLN6B55+kQp835V/qd4uq6m
q+g/uRoCm48i9mDc5P7PKdp4LxyXiNR4/M20NCBZXgOvQ3ANBRMFED2Xp0sL1cSF
IczVa2kc90EDlm7lLvDdFzlE91JrNqvsS9156MJmO+zXG7WL9wajbcfMR+ZpWhaL
jLs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:49 2025 by rpki-client