Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nxsq7MBBJ52oTGRdx2Wu-jtQH9Q.roa
File: nxsq7MBBJ52oTGRdx2Wu-jtQH9Q.roa (raw, json)
Hash identifier: ja0mam6MBo6Zz0+vve3hI4rPhADlAeW0r+iid3rXwcM=
Subject key identifier: 9F:1B:2A:EC:C0:41:27:9D:A8:4C:64:5D:C7:65:AE:FA:3B:50:1F:D4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CF6B70DBDEA57221F09DD5A4DBD0AE636
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nxsq7MBBJ52oTGRdx2Wu-jtQH9Q.roa
Signing time: Thu 11 Jan 2024 04:10:40 +0000
ROA not before: Thu 11 Jan 2024 04:10:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f6:b7:0d:bd:ea:57:22:1f:09:dd:5a:4d:bd:0a:e6:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 11 04:10:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f1b2aecc041279da84c645dc765aefa3b501fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:06:ef:b5:db:1d:75:7e:2e:1f:8a:0c:e8:3b:
68:1b:d9:35:87:df:05:14:bf:2a:32:20:13:36:4f:
20:8e:dd:f4:d8:4d:44:57:ea:ac:86:60:3b:9a:9b:
cd:03:a9:66:52:06:77:40:07:ef:27:20:1d:8d:0b:
a8:f6:1d:6a:1f:a2:d0:a6:bc:cc:f6:26:5a:84:2b:
9a:55:5c:cb:9f:c3:35:43:09:1e:84:df:36:f3:0e:
a1:9d:9f:c8:1c:af:58:b8:9c:57:09:4a:d1:6c:35:
7b:9a:33:d2:5d:a7:cd:93:e7:27:83:f7:c1:ef:40:
af:a6:95:90:8e:7e:9f:c6:86:db:aa:f9:d6:52:3d:
ff:4a:91:11:70:a6:30:09:92:86:1e:86:c2:18:c9:
75:ed:f3:30:2c:5d:66:b6:78:5b:a9:4e:d6:d6:a2:
ae:04:18:7e:04:94:09:fa:55:91:aa:44:19:47:ad:
4f:9a:d0:6f:3d:de:21:e0:26:2a:2a:10:3f:9b:b8:
22:fd:15:ea:d4:5c:40:44:c4:22:1e:25:02:c3:f5:
64:f1:8c:8d:e3:50:9b:ac:b8:d4:29:3d:1d:51:cf:
5d:f7:67:09:f1:0a:03:36:84:5c:fd:14:eb:82:80:
13:38:03:a1:a7:10:fe:f5:17:cc:b3:07:ee:9e:4e:
de:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:1B:2A:EC:C0:41:27:9D:A8:4C:64:5D:C7:65:AE:FA:3B:50:1F:D4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nxsq7MBBJ52oTGRdx2Wu-jtQH9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:b8:22:56:30:ce:25:d7:5c:91:8a:34:a7:c3:34:af:e0:43:
30:19:92:f2:d9:bb:d9:b0:5e:c9:1f:ec:aa:0f:c3:14:8a:5d:
d8:31:33:13:70:88:aa:49:3b:d0:1e:16:e8:cd:78:ba:df:21:
93:bd:e7:1b:83:f0:88:c1:09:94:df:d5:30:86:e8:f6:d0:4f:
33:20:ac:a3:39:5b:d1:3f:74:7b:71:ee:f3:f6:fd:93:64:66:
97:45:54:b4:09:06:4f:ec:36:69:b7:12:e8:b2:4f:c4:be:86:
51:03:4c:af:30:52:10:7a:b3:0d:6f:a3:d2:b3:92:64:95:b6:
a7:fd:c6:74:dd:0b:e6:b3:ea:46:98:03:47:49:9e:63:a4:a3:
b9:d6:c3:7f:a6:d7:9d:75:c1:88:0e:7a:42:a2:bc:44:f3:0a:
b0:22:b4:7f:d6:eb:48:58:e3:55:62:ff:17:0a:2c:26:df:ae:
d6:2f:0c:9e:cc:d7:cd:47:8a:73:09:6c:37:f3:14:75:a4:3e:
a2:7a:6c:ac:68:1f:3b:a6:d6:9f:93:98:b9:73:14:40:50:21:
7d:36:c9:e8:2f:3f:9f:42:61:35:04:30:7c:0a:c0:fb:a7:49:
2c:af:f8:c1:b0:b9:da:78:b1:2d:b4:90:22:2a:c5:e7:8c:aa:
7c:78:48:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz2tw296lciHwndWk29CuY2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTExMDQxMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjFiMmFlY2MwNDEyNzlkYTg0YzY0NWRjNzY1YWVmYTNiNTAxZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAbvtdsddX4uH4oM6DtoG9k1h98F
FL8qMiATNk8gjt302E1EV+qshmA7mpvNA6lmUgZ3QAfvJyAdjQuo9h1qH6LQprzM
9iZahCuaVVzLn8M1QwkehN828w6hnZ/IHK9YuJxXCUrRbDV7mjPSXafNk+cng/fB
70CvppWQjn6fxobbqvnWUj3/SpERcKYwCZKGHobCGMl17fMwLF1mtnhbqU7W1qKu
BBh+BJQJ+lWRqkQZR61PmtBvPd4h4CYqKhA/m7gi/RXq1FxARMQiHiUCw/Vk8YyN
41CbrLjUKT0dUc9d92cJ8QoDNoRc/RTrgoATOAOhpxD+9RfMswfunk7e5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ8bKuzAQSedqExkXcdlrvo7UB/UMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbnhzcTdNQkJKNTJvVEdSZHgyV3UtanRRSDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABy4IlYwziXXXJGKNKfD
NK/gQzAZkvLZu9mwXskf7KoPwxSKXdgxMxNwiKpJO9AeFujNeLrfIZO95xuD8IjB
CZTf1TCG6PbQTzMgrKM5W9E/dHtx7vP2/ZNkZpdFVLQJBk/sNmm3EuiyT8S+hlED
TK8wUhB6sw1vo9KzkmSVtqf9xnTdC+az6kaYA0dJnmOko7nWw3+m1511wYgOekKi
vETzCrAitH/W60hY41Vi/xcKLCbfrtYvDJ7M181HinMJbDfzFHWkPqJ6bKxoHzum
1p+TmLlzFEBQIX02yegvP59CYTUEMHwKwPunSSyv+MGwudp4sS20kCIqxeeMqnx4
SLU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:06 2025 by rpki-client