Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nNWMWV22yRDJXzbmFRR6ed53XRA.roa
File: nNWMWV22yRDJXzbmFRR6ed53XRA.roa (raw, json)
Hash identifier: bvEAwfNeh/fEA9cO+qKgnDNzvz6Wh82eod6Jz3i6/Yg=
Subject key identifier: 9C:D5:8C:59:5D:B6:C9:10:C9:5F:36:E6:15:14:7A:79:DE:77:5D:10
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B5F7181061D36C31A5E47308CC88C4A46
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nNWMWV22yRDJXzbmFRR6ed53XRA.roa
Signing time: Tue 24 Oct 2023 02:09:15 +0000
ROA not before: Tue 24 Oct 2023 02:09:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5f:71:81:06:1d:36:c3:1a:5e:47:30:8c:c8:8c:4a:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 24 02:09:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cd58c595db6c910c95f36e615147a79de775d10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4e:75:ce:60:d8:28:e3:d4:e0:59:b6:04:30:
20:56:97:1f:1f:82:52:1a:60:88:9a:e4:1c:b2:fe:
bf:d7:cc:8a:af:21:e2:62:9a:57:67:a7:06:7c:10:
4f:d5:ff:26:19:da:eb:13:9d:b1:a1:c4:3b:b9:b5:
32:8d:68:25:f5:12:1e:25:1c:14:b0:e5:2c:b2:88:
31:b2:d3:cc:fa:c9:5b:03:12:04:02:51:41:b0:b0:
54:1d:b3:53:47:a9:0d:83:1d:a0:80:27:1c:50:2c:
b9:c3:9d:8b:4d:0c:be:f1:89:76:62:ad:c5:29:fc:
75:be:3e:fc:2a:57:63:96:65:2e:e6:82:3d:a9:1b:
45:db:cf:a9:0e:93:36:2c:54:36:b5:43:f1:d8:ca:
ab:d6:fb:c2:12:34:f4:36:9f:20:c3:60:94:8d:6d:
f6:6c:e0:82:24:fa:29:e8:61:32:20:77:c6:1a:c1:
4e:ef:1f:e0:ba:27:68:2e:04:56:7e:9a:32:31:bb:
bf:02:7d:3f:cf:18:1f:4b:ec:eb:df:31:26:65:b8:
b8:a7:d5:cc:5b:1d:79:2e:2c:5e:b2:52:2c:ad:4b:
2d:a4:de:38:68:9a:5b:c0:5a:63:47:0b:22:c1:91:
82:e8:3a:6f:ba:83:c3:68:be:c6:ad:3d:1e:b3:21:
c9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D5:8C:59:5D:B6:C9:10:C9:5F:36:E6:15:14:7A:79:DE:77:5D:10
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nNWMWV22yRDJXzbmFRR6ed53XRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
05:68:46:39:a9:39:9c:94:63:7c:a3:97:a7:ef:d1:07:d8:d8:
df:ca:ba:83:5d:95:8d:4c:27:73:f1:cc:65:1e:f4:e4:e3:c4:
76:4d:00:30:7a:6e:cf:af:e8:1e:e6:b8:38:e9:85:ef:75:b1:
7a:d8:28:c5:8b:50:76:cd:3b:1e:ad:7d:86:4d:ac:a5:ad:cb:
1d:a9:e6:94:52:34:12:55:32:84:11:ca:46:f8:4e:b2:b0:eb:
08:db:5e:46:13:6c:4c:c4:fb:47:f0:5a:92:fa:35:56:84:fe:
88:68:95:a8:fe:cf:80:a5:1e:dc:0c:cb:86:21:25:db:51:86:
b7:75:4e:d4:41:37:ae:9f:0a:42:4d:29:3f:8f:33:50:e2:64:
84:71:b6:7c:9e:65:b4:d0:8b:6b:7c:f9:42:d5:1f:ca:c5:28:
f3:2c:8d:d4:8f:39:25:e3:cd:a8:af:b7:c1:38:95:03:0e:5b:
6f:e1:26:06:e4:da:19:fc:9f:04:b8:83:c9:49:2c:78:72:2b:
90:d6:f5:0c:50:cc:cf:69:de:64:15:73:f4:99:15:39:33:33:
b6:6f:a6:98:ec:e7:f5:13:9c:1c:91:94:73:24:4f:85:06:11:
16:09:e2:6e:17:2b:75:5e:47:28:e6:8e:8f:22:e5:0a:0e:4f:
38:2c:9e:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtfcYEGHTbDGl5HMIzIjEpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI0MDIwOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2Q1OGM1OTVkYjZjOTEwYzk1ZjM2ZTYxNTE0N2E3OWRlNzc1ZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqk51zmDYKOPU4Fm2BDAgVpcfH4JS
GmCImuQcsv6/18yKryHiYppXZ6cGfBBP1f8mGdrrE52xocQ7ubUyjWgl9RIeJRwU
sOUssogxstPM+slbAxIEAlFBsLBUHbNTR6kNgx2ggCccUCy5w52LTQy+8Yl2Yq3F
Kfx1vj78KldjlmUu5oI9qRtF28+pDpM2LFQ2tUPx2Mqr1vvCEjT0Np8gw2CUjW32
bOCCJPop6GEyIHfGGsFO7x/guidoLgRWfpoyMbu/An0/zxgfS+zr3zEmZbi4p9XM
Wx15LixeslIsrUstpN44aJpbwFpjRwsiwZGC6DpvuoPDaL7GrT0esyHJdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJzVjFldtskQyV825hUUenned10QMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbk5XTVdWMjJ5UkRKWHpibUZSUjZlZDUzWFJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAVoRjmpOZyUY3yjl6fv
0QfY2N/KuoNdlY1MJ3PxzGUe9OTjxHZNADB6bs+v6B7muDjphe91sXrYKMWLUHbN
Ox6tfYZNrKWtyx2p5pRSNBJVMoQRykb4TrKw6wjbXkYTbEzE+0fwWpL6NVaE/oho
laj+z4ClHtwMy4YhJdtRhrd1TtRBN66fCkJNKT+PM1DiZIRxtnyeZbTQi2t8+ULV
H8rFKPMsjdSPOSXjzaivt8E4lQMOW2/hJgbk2hn8nwS4g8lJLHhyK5DW9QxQzM9p
3mQVc/SZFTkzM7Zvppjs5/UTnByRlHMkT4UGERYJ4m4XK3VeRyjmjo8i5QoOTzgs
niU=
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:26:10 2025 by rpki-client