Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NL6fSdyG2sPqKxPvcsWlelzCkew.roa
File: NL6fSdyG2sPqKxPvcsWlelzCkew.roa (raw, json)
Hash identifier: Y40DCSSOUE8o66RICxA2AmC3Cfx8hr/CcOeEq+GQmY8=
Subject key identifier: 34:BE:9F:49:DC:86:DA:C3:EA:2B:13:EF:72:C5:A5:7A:5C:C2:91:EC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B4884F8E787F752F3B62C5E5C11984D18
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NL6fSdyG2sPqKxPvcsWlelzCkew.roa
Signing time: Thu 19 Oct 2023 15:19:15 +0000
ROA not before: Thu 19 Oct 2023 15:19:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:48:84:f8:e7:87:f7:52:f3:b6:2c:5e:5c:11:98:4d:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 19 15:19:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34be9f49dc86dac3ea2b13ef72c5a57a5cc291ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5e:5b:26:26:43:e9:16:33:b9:47:e9:5b:8f:
f5:84:c7:81:5c:68:ef:a9:ca:7c:9e:91:3a:61:9c:
4d:fb:c3:f8:30:eb:7e:f8:45:ce:a4:df:ee:a4:6a:
5d:18:5a:fb:67:14:5e:a3:e1:3e:a8:90:59:21:e0:
cc:89:98:42:62:b5:56:b8:20:89:6e:b9:38:90:ed:
d2:b0:6b:58:9b:37:72:e4:79:54:79:18:97:3e:3b:
e0:9c:2c:54:28:f6:f4:73:be:64:67:3d:3f:51:53:
fd:7a:d5:27:4e:70:4d:94:99:03:7b:81:98:df:fc:
c5:c9:66:9e:8f:42:f5:d1:e2:fb:bd:00:a3:23:a5:
5e:a2:0e:6f:3f:e3:9c:02:c1:ce:7b:62:ec:b2:50:
8e:0c:d5:16:c4:b7:b0:a5:15:1a:fe:82:4f:03:5f:
eb:9c:eb:2f:48:ff:ad:04:f4:80:32:a1:67:cb:54:
9b:54:0a:6a:65:e0:c5:94:97:00:95:e1:a5:7e:a6:
8a:79:99:fe:cd:b8:ce:5e:52:85:c9:4c:77:45:0e:
b6:59:9a:5b:1f:28:ab:9a:db:55:77:58:b7:d4:68:
37:a6:5b:89:7d:31:2d:ef:0c:3a:fd:62:b4:a2:71:
14:51:42:a9:b6:d2:80:8d:fb:e8:41:dd:2c:b1:f1:
aa:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:BE:9F:49:DC:86:DA:C3:EA:2B:13:EF:72:C5:A5:7A:5C:C2:91:EC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NL6fSdyG2sPqKxPvcsWlelzCkew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:f0:aa:df:87:19:20:23:31:19:f4:ec:4c:b8:d8:a0:93:98:
71:5d:09:89:cc:bb:9b:43:93:82:e0:7f:93:0e:e9:7a:e9:cc:
2a:1c:80:bd:a1:22:b9:89:74:21:93:4c:ca:32:e7:6b:64:d9:
ce:48:5b:80:16:a0:2f:e2:e4:50:cd:b5:42:ad:0f:1c:16:d0:
55:c9:2f:0b:22:46:14:54:ba:e5:6a:6a:84:83:cd:77:00:1b:
c1:f4:77:77:10:5f:ee:8a:65:e0:8c:ad:dd:0b:92:a1:61:b2:
80:12:06:18:16:40:16:b4:0b:f5:5e:74:27:b3:8c:9c:d4:f6:
94:4a:c9:1b:3c:46:26:28:c4:87:6e:6f:bd:f5:90:c8:42:55:
e1:8e:7e:61:b5:53:70:0a:32:ca:b6:4e:4c:6f:6d:0a:67:00:
9f:d3:1e:87:26:1c:20:1c:b6:06:a3:52:cc:ad:c9:76:7b:5d:
10:f9:e2:42:50:5a:ac:40:e1:0a:9b:62:7d:63:cb:13:12:10:
aa:10:cf:ae:d2:78:c1:37:f2:d1:8a:c8:53:b0:5b:9e:7d:29:
2c:a5:20:14:3a:3d:7b:63:9a:25:93:31:31:92:02:b7:e5:8e:
70:8b:75:cf:a0:87:2a:98:97:7a:fb:b3:42:8c:4d:e2:3a:5f:
73:8f:fb:1c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtIhPjnh/dS87YsXlwRmE0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE5MTUxOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGJlOWY0OWRjODZkYWMzZWEyYjEzZWY3MmM1YTU3YTVjYzI5MWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl5bJiZD6RYzuUfpW4/1hMeBXGjv
qcp8npE6YZxN+8P4MOt++EXOpN/upGpdGFr7ZxReo+E+qJBZIeDMiZhCYrVWuCCJ
brk4kO3SsGtYmzdy5HlUeRiXPjvgnCxUKPb0c75kZz0/UVP9etUnTnBNlJkDe4GY
3/zFyWaej0L10eL7vQCjI6Veog5vP+OcAsHOe2LsslCODNUWxLewpRUa/oJPA1/r
nOsvSP+tBPSAMqFny1SbVApqZeDFlJcAleGlfqaKeZn+zbjOXlKFyUx3RQ62WZpb
HyirmttVd1i31Gg3pluJfTEt7ww6/WK0onEUUUKpttKAjfvoQd0ssfGqnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDS+n0nchtrD6isT73LFpXpcwpHsMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTkw2ZlNkeUcyc1BxS3hQdmNzV2xlbHpDa2V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ/wqt+HGSAjMRn07Ey4
2KCTmHFdCYnMu5tDk4Lgf5MO6XrpzCocgL2hIrmJdCGTTMoy52tk2c5IW4AWoC/i
5FDNtUKtDxwW0FXJLwsiRhRUuuVqaoSDzXcAG8H0d3cQX+6KZeCMrd0LkqFhsoAS
BhgWQBa0C/VedCezjJzU9pRKyRs8RiYoxIdub731kMhCVeGOfmG1U3AKMsq2Tkxv
bQpnAJ/THocmHCActgajUsytyXZ7XRD54kJQWqxA4QqbYn1jyxMSEKoQz67SeME3
8tGKyFOwW559KSylIBQ6PXtjmiWTMTGSArfljnCLdc+ghyqYl3r7s0KMTeI6X3OP
+xw=
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:38:53 2025 by rpki-client