Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NpeoOO2yD_KJJMRDNPMgiUpOE_Q.roa
File: NpeoOO2yD_KJJMRDNPMgiUpOE_Q.roa (raw, json)
Hash identifier: pzAYEl+w8F4EHZoagYKwsLUc9+w0FTCM/YTpIDgCgxs=
Subject key identifier: 36:97:A8:38:ED:B2:0F:F2:89:24:C4:43:34:F3:20:89:4A:4E:13:F4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BCAF2E382F517E9CABD5BD7EB35177B39
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NpeoOO2yD_KJJMRDNPMgiUpOE_Q.roa
Signing time: Mon 13 Nov 2023 23:09:57 +0000
ROA not before: Mon 13 Nov 2023 23:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ca:f2:e3:82:f5:17:e9:ca:bd:5b:d7:eb:35:17:7b:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 13 23:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3697a838edb20ff28924c44334f320894a4e13f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a7:21:e4:e9:e3:c6:b8:5f:1e:aa:47:ab:0f:
cf:07:18:0b:31:6d:de:04:9e:b1:25:72:bf:4e:46:
83:8d:45:48:07:7f:46:2f:89:64:cd:df:59:bf:13:
e1:08:38:63:6a:c2:ff:44:bd:6c:59:6b:b4:b5:79:
47:a5:f6:aa:d7:a8:1d:96:da:7d:71:d7:92:4d:54:
7c:bc:4e:31:04:64:d3:04:b0:0f:ab:5a:38:7c:b2:
02:e3:31:8f:1f:62:2c:b2:57:d2:9e:33:c7:6c:03:
84:1a:13:4a:00:c1:b6:d6:60:12:f1:2c:1b:a4:b7:
cb:08:a4:a4:72:0a:32:79:44:6c:9d:48:b2:3e:27:
65:77:c9:fd:86:c5:0c:7a:d2:74:f4:98:af:41:83:
50:b0:24:fb:8e:81:a7:4a:df:1e:10:2c:a9:3b:04:
6b:8d:41:ba:55:38:83:8d:0f:91:61:84:56:50:9b:
0c:43:ec:e1:57:13:95:02:42:af:29:0b:ac:b6:b5:
64:42:c4:40:32:73:e7:56:83:79:5e:aa:45:27:bc:
28:4d:aa:f3:21:4b:2b:c5:c1:8c:e8:77:65:77:94:
dd:e6:6d:89:36:5d:eb:3f:c9:0e:f3:e5:fe:8d:fe:
09:a7:71:7a:18:51:1f:88:8f:f7:a6:d9:56:06:4d:
4f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:97:A8:38:ED:B2:0F:F2:89:24:C4:43:34:F3:20:89:4A:4E:13:F4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NpeoOO2yD_KJJMRDNPMgiUpOE_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:22:16:eb:a7:92:20:99:76:8b:15:73:a5:92:23:3d:c4:65:
62:52:3f:c0:b8:69:74:24:6f:f0:2d:45:f9:50:2c:fe:6f:2b:
cf:68:72:f8:32:f5:49:41:69:7a:a5:22:98:a3:1d:2d:d8:f4:
67:64:66:2c:19:a9:6a:fc:17:0e:c5:b8:9d:12:8d:a6:29:45:
e3:ec:60:0a:a9:ec:0c:ee:96:8a:1e:c3:cc:ac:07:b2:c0:e8:
79:2c:2c:dc:b2:1f:49:7a:ef:69:c4:d1:d7:a2:99:c6:b0:97:
4f:4f:02:f6:79:66:a4:6b:48:04:ae:eb:6e:a5:1f:c3:3d:6d:
34:ff:e5:cc:03:ba:aa:9d:44:b9:fb:89:b2:5d:1a:aa:46:4d:
77:d4:a0:fa:5e:67:b2:91:f9:9b:d0:a9:4e:2d:fb:94:3c:a5:
24:81:d8:88:34:78:8f:c6:41:d1:08:96:6e:8f:fb:fd:27:1c:
a1:e7:1e:6c:19:48:ce:00:6f:82:8a:29:3b:af:72:06:a5:73:
01:59:94:1a:fe:34:6e:8f:b9:d4:ab:3e:bc:f3:66:87:68:ed:
01:7c:16:c1:01:90:b8:a7:fc:1b:36:61:ef:d7:ae:c2:f8:14:
2b:0a:ad:02:42:54:27:69:f8:a8:0f:8e:3c:92:87:b7:56:a4:
fb:3b:df:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvK8uOC9Rfpyr1b1+s1F3s5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEzMjMwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjk3YTgzOGVkYjIwZmYyODkyNGM0NDMzNGYzMjA4OTRhNGUxM2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwach5OnjxrhfHqpHqw/PBxgLMW3e
BJ6xJXK/TkaDjUVIB39GL4lkzd9ZvxPhCDhjasL/RL1sWWu0tXlHpfaq16gdltp9
cdeSTVR8vE4xBGTTBLAPq1o4fLIC4zGPH2IsslfSnjPHbAOEGhNKAMG21mAS8Swb
pLfLCKSkcgoyeURsnUiyPidld8n9hsUMetJ09JivQYNQsCT7joGnSt8eECypOwRr
jUG6VTiDjQ+RYYRWUJsMQ+zhVxOVAkKvKQustrVkQsRAMnPnVoN5XqpFJ7woTarz
IUsrxcGM6Hdld5Td5m2JNl3rP8kO8+X+jf4Jp3F6GFEfiI/3ptlWBk1PIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDaXqDjtsg/yiSTEQzTzIIlKThP0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTnBlb09PMnlEX0tKSk1SRE5QTWdpVXBPRV9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACIiFuunkiCZdosVc6WS
Iz3EZWJSP8C4aXQkb/AtRflQLP5vK89ocvgy9UlBaXqlIpijHS3Y9GdkZiwZqWr8
Fw7FuJ0SjaYpRePsYAqp7Azulooew8ysB7LA6HksLNyyH0l672nE0deimcawl09P
AvZ5ZqRrSASu626lH8M9bTT/5cwDuqqdRLn7ibJdGqpGTXfUoPpeZ7KR+ZvQqU4t
+5Q8pSSB2Ig0eI/GQdEIlm6P+/0nHKHnHmwZSM4Ab4KKKTuvcgalcwFZlBr+NG6P
udSrPrzzZodo7QF8FsEBkLin/Bs2Ye/XrsL4FCsKrQJCVCdp+KgPjjySh7dWpPs7
3yw=
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:05:51 2025 by rpki-client