Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NN0mZHXb-0ABc42egiw3r2eiX1E.roa
File: NN0mZHXb-0ABc42egiw3r2eiX1E.roa (raw, json)
Hash identifier: 0UG5JVXQur43vdadG1g7uvMe1O+61w3bYRUOTT0B4qw=
Subject key identifier: 34:DD:26:64:75:DB:FB:40:01:73:8D:9E:82:2C:37:AF:67:A2:5F:51
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B9B196C6FF723E15DEC340D2F3287311C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NN0mZHXb-0ABc42egiw3r2eiX1E.roa
Signing time: Sat 04 Nov 2023 16:10:16 +0000
ROA not before: Sat 04 Nov 2023 16:10:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9b:19:6c:6f:f7:23:e1:5d:ec:34:0d:2f:32:87:31:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 4 16:10:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34dd266475dbfb4001738d9e822c37af67a25f51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c8:ae:5a:2a:8c:7d:e1:8c:fe:30:6e:c3:fe:
56:a5:b7:b9:19:fb:bb:72:21:cd:19:43:b6:05:48:
02:48:86:d2:b3:18:ea:d1:b0:39:b9:5f:e0:6b:93:
ae:13:f4:9d:18:96:a0:44:3c:0b:0a:83:4d:d4:a2:
09:7e:01:da:9e:9a:bc:ef:cc:7f:a3:9b:81:9f:28:
63:2f:2a:99:22:54:0e:25:e1:53:a8:73:07:6f:f7:
df:50:92:c9:0a:da:40:d5:79:a7:6c:de:6f:5c:97:
31:99:f5:0b:c6:46:ac:f3:8f:e9:c9:b1:fa:11:a6:
1a:9f:9a:30:e7:9b:ad:76:ba:bf:10:38:32:48:f4:
f1:2f:fd:23:c3:54:ab:36:9b:a4:0e:f8:96:a6:ab:
a3:f4:e0:fd:f4:6f:48:59:a0:d0:39:2a:af:b7:f5:
dc:b1:a8:8b:78:53:ad:c5:b0:15:ed:de:96:4d:10:
2d:ce:95:21:57:2e:ff:10:d7:29:9b:88:b9:42:42:
2a:be:bf:1b:6d:fc:33:0f:9d:c3:a0:45:f5:75:9a:
0f:da:29:ac:ba:6d:ea:90:fb:c5:26:44:7c:84:ec:
85:ee:0d:80:5a:ed:c8:f6:fb:c1:df:73:fa:f3:16:
16:6e:0d:5e:27:c0:3e:0d:29:7f:32:a2:81:79:12:
d3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:DD:26:64:75:DB:FB:40:01:73:8D:9E:82:2C:37:AF:67:A2:5F:51
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NN0mZHXb-0ABc42egiw3r2eiX1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:9d:28:10:da:0b:a2:cd:1f:dd:06:3a:5f:17:7d:8e:3d:df:
39:82:4a:69:8a:95:9f:e9:43:a8:0f:61:a6:c0:f8:0e:ea:03:
8f:b7:86:20:d1:b5:6e:ed:3e:4f:dc:74:08:f1:15:de:22:05:
a8:98:3e:8b:28:31:12:7c:88:77:70:65:9d:9d:e3:e2:d9:3c:
a4:cf:fe:4a:f2:cf:e9:e7:4d:f2:5a:df:ff:fc:53:21:73:eb:
28:6d:0a:83:7c:1e:5c:f8:a7:df:33:d7:b5:15:c4:95:42:73:
62:36:9d:32:89:f3:87:b9:28:0d:7d:76:cf:42:83:0d:cf:30:
87:2d:5b:17:ec:d9:54:a5:ad:4b:67:84:25:a3:13:3a:9f:3f:
ef:71:80:ab:20:1c:f8:d5:c4:46:fa:f2:92:f3:53:6a:e0:ab:
b3:92:df:5e:37:3e:70:81:ae:4d:4b:6d:7d:fe:c9:36:59:eb:
80:cb:00:f7:19:8d:02:60:97:98:69:0c:43:6e:c5:6f:d6:52:
19:04:65:ea:8f:0b:ca:a1:69:8a:59:e6:fa:39:fa:c7:79:db:
1b:84:bd:74:dc:a0:40:6c:f4:b0:9a:98:b9:90:17:0e:13:23:
47:05:5b:56:1c:2d:95:aa:9d:ee:c7:36:72:a7:02:7a:14:ab:
a7:c0:92:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYubGWxv9yPhXew0DS8yhzEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA0MTYxMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGRkMjY2NDc1ZGJmYjQwMDE3MzhkOWU4MjJjMzdhZjY3YTI1ZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnciuWiqMfeGM/jBuw/5Wpbe5Gfu7
ciHNGUO2BUgCSIbSsxjq0bA5uV/ga5OuE/SdGJagRDwLCoNN1KIJfgHanpq878x/
o5uBnyhjLyqZIlQOJeFTqHMHb/ffUJLJCtpA1XmnbN5vXJcxmfULxkas84/pybH6
EaYan5ow55utdrq/EDgySPTxL/0jw1SrNpukDviWpquj9OD99G9IWaDQOSqvt/Xc
saiLeFOtxbAV7d6WTRAtzpUhVy7/ENcpm4i5QkIqvr8bbfwzD53DoEX1dZoP2ims
um3qkPvFJkR8hOyF7g2AWu3I9vvB33P68xYWbg1eJ8A+DSl/MqKBeRLTKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDTdJmR12/tAAXONnoIsN69nol9RMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTk4wbVpIWGItMEFCYzQyZWdpdzNyMmVpWDFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHadKBDaC6LNH90GOl8X
fY493zmCSmmKlZ/pQ6gPYabA+A7qA4+3hiDRtW7tPk/cdAjxFd4iBaiYPosoMRJ8
iHdwZZ2d4+LZPKTP/kryz+nnTfJa3//8UyFz6yhtCoN8Hlz4p98z17UVxJVCc2I2
nTKJ84e5KA19ds9Cgw3PMIctWxfs2VSlrUtnhCWjEzqfP+9xgKsgHPjVxEb68pLz
U2rgq7OS3143PnCBrk1LbX3+yTZZ64DLAPcZjQJgl5hpDENuxW/WUhkEZeqPC8qh
aYpZ5vo5+sd52xuEvXTcoEBs9LCamLmQFw4TI0cFW1YcLZWqne7HNnKnAnoUq6fA
krU=
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:52:34 2025 by rpki-client