Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NjHHt3Jk7r2GDVqoPwloAPhUyds.roa
File: NjHHt3Jk7r2GDVqoPwloAPhUyds.roa (raw, json)
Hash identifier: B5dr0mVKzxv3ko4W6/pNCNuKJreByKkZg4irq6wXTWk=
Subject key identifier: 36:31:C7:B7:72:64:EE:BD:86:0D:5A:A8:3F:09:68:00:F8:54:C9:DB
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B7C342C953F46C988EA77FA9D7E113EF3
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NjHHt3Jk7r2GDVqoPwloAPhUyds.roa
Signing time: Sun 29 Oct 2023 16:11:15 +0000
ROA not before: Sun 29 Oct 2023 16:11:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7c:34:2c:95:3f:46:c9:88:ea:77:fa:9d:7e:11:3e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 29 16:11:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3631c7b77264eebd860d5aa83f096800f854c9db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a6:f9:36:50:e4:62:c0:3e:95:9a:e5:e2:e9:
74:1e:6b:4d:3f:ec:62:e1:a9:e2:1d:b1:7d:3d:6b:
bc:87:bc:10:0a:0f:dd:86:94:8e:c3:90:6e:08:b0:
4b:4f:c1:f5:af:5e:d1:98:65:e3:65:18:f8:97:60:
bb:34:94:1f:2f:0f:b8:46:5c:c4:7a:a9:0a:94:f5:
dc:88:47:23:a6:8c:ad:b3:b0:cc:18:d0:3d:c6:d7:
4d:fa:f0:29:85:2f:9c:da:1c:8a:97:06:87:94:2e:
43:e3:f5:13:65:b6:13:d8:f7:7e:99:c5:33:d6:bc:
db:a7:4c:1a:7b:6d:27:1b:c3:a0:c5:d5:2b:63:8d:
4c:3d:a3:d5:1d:56:61:bf:8a:29:d3:28:ca:48:f4:
c6:36:3e:5b:fb:48:a5:fa:af:9c:99:2d:27:0c:99:
81:48:cd:00:d8:52:59:bd:72:79:31:cc:2d:32:bc:
47:ff:43:9c:5d:77:f4:fe:a1:8f:06:18:e4:91:68:
39:21:e9:e4:40:3a:b1:3b:18:d4:81:38:4e:97:1f:
d9:c7:d6:d9:82:01:2d:98:f3:91:3c:6b:b5:86:4e:
7d:27:e0:1c:7a:52:08:a5:3b:c6:15:7e:ac:8e:f3:
5e:50:e1:d5:42:43:92:c8:40:bc:c3:ef:c4:1e:f1:
4a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:31:C7:B7:72:64:EE:BD:86:0D:5A:A8:3F:09:68:00:F8:54:C9:DB
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NjHHt3Jk7r2GDVqoPwloAPhUyds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:9f:a4:02:e2:82:af:01:6d:0f:80:f8:83:a2:7b:22:64:59:
de:44:b2:6e:b9:eb:59:ae:fb:f2:f7:27:74:ae:90:9e:76:5b:
6b:d8:67:6c:10:92:f9:a2:f9:39:42:97:82:a6:11:55:61:4d:
99:bd:eb:a4:bc:06:98:72:e5:f9:26:59:5e:1e:60:36:db:c0:
19:3a:ec:db:3e:76:39:ab:04:ac:dd:95:53:02:b6:1a:7d:f6:
8d:5f:e5:68:7c:a3:8f:56:54:81:ec:e2:7f:d3:37:2d:db:d2:
dd:70:24:92:a6:26:1e:3b:c5:10:86:d5:49:a0:9d:9a:f8:e6:
4a:f5:e9:1e:fe:05:61:db:0d:ea:53:24:c7:5e:01:d2:5a:ff:
dc:98:40:22:f3:f6:5b:f0:b8:f3:3f:da:e0:a2:06:43:ab:e8:
74:01:f7:4c:16:af:34:90:e5:c1:69:b5:15:a7:66:36:8f:6d:
3e:83:08:a4:b5:2f:2e:2a:3b:a9:41:39:f8:56:ae:fb:e2:d5:
09:3a:21:8e:40:76:2e:29:83:eb:bf:bd:13:3e:f8:fa:73:12:
34:16:99:b5:4d:2a:5b:51:2f:ec:b2:c2:c2:b3:bd:9b:8b:e2:
26:1e:f2:7d:b2:e7:ba:6d:50:e4:00:23:4e:8d:ff:df:1f:a5:
f2:9f:5e:87
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt8NCyVP0bJiOp3+p1+ET7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI5MTYxMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjMxYzdiNzcyNjRlZWJkODYwZDVhYTgzZjA5NjgwMGY4NTRjOWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoab5NlDkYsA+lZrl4ul0HmtNP+xi
4aniHbF9PWu8h7wQCg/dhpSOw5BuCLBLT8H1r17RmGXjZRj4l2C7NJQfLw+4RlzE
eqkKlPXciEcjpoyts7DMGNA9xtdN+vAphS+c2hyKlwaHlC5D4/UTZbYT2Pd+mcUz
1rzbp0wae20nG8OgxdUrY41MPaPVHVZhv4op0yjKSPTGNj5b+0il+q+cmS0nDJmB
SM0A2FJZvXJ5McwtMrxH/0OcXXf0/qGPBhjkkWg5IenkQDqxOxjUgThOlx/Zx9bZ
ggEtmPORPGu1hk59J+AcelIIpTvGFX6sjvNeUOHVQkOSyEC8w+/EHvFKQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDYxx7dyZO69hg1aqD8JaAD4VMnbMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTmpISHQzSms3cjJHRFZxb1B3bG9BUGhVeWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF+fpALigq8BbQ+A+IOi
eyJkWd5Esm6561mu+/L3J3SukJ52W2vYZ2wQkvmi+TlCl4KmEVVhTZm966S8Bphy
5fkmWV4eYDbbwBk67Ns+djmrBKzdlVMCthp99o1f5Wh8o49WVIHs4n/TNy3b0t1w
JJKmJh47xRCG1UmgnZr45kr16R7+BWHbDepTJMdeAdJa/9yYQCLz9lvwuPM/2uCi
BkOr6HQB90wWrzSQ5cFptRWnZjaPbT6DCKS1Ly4qO6lBOfhWrvvi1Qk6IY5Adi4p
g+u/vRM++PpzEjQWmbVNKltRL+yywsKzvZuL4iYe8n2y57ptUOQAI06N/98fpfKf
Xoc=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:40:14 2025 by rpki-client