Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/NjhB3QKwnDmsIzLUIO2lbfnHUr8.roa
File: NjhB3QKwnDmsIzLUIO2lbfnHUr8.roa (raw, json)
Hash identifier: Wo0Tz6TKC0zcR4Oauz5IEHvyp03zIYRpvf2zEqmTDFg=
Subject key identifier: 36:38:41:DD:02:B0:9C:39:AC:23:32:D4:20:ED:A5:6D:F9:C7:52:BF
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6357C945BE0DD38030E8AA0CEC41B453
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/NjhB3QKwnDmsIzLUIO2lbfnHUr8.roa
Signing time: Tue 05 Sep 2023 03:16:52 +0000
ROA not before: Tue 05 Sep 2023 03:16:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:63:57:c9:45:be:0d:d3:80:30:e8:aa:0c:ec:41:b4:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 5 03:16:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=363841dd02b09c39ac2332d420eda56df9c752bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:55:74:39:01:06:19:42:04:91:45:67:95:06:
1b:bc:2f:90:39:38:2e:c8:a5:96:66:30:5c:2a:2a:
d9:92:18:69:d0:50:8e:eb:00:65:d7:ea:21:fd:ea:
14:83:f2:b2:91:d9:bf:5e:e6:b1:37:c1:0d:b6:6a:
a5:cc:d1:7c:bd:ec:ec:b5:38:ac:91:d2:00:08:d8:
ed:3a:45:6e:94:0e:e1:7f:2e:a2:09:e0:27:58:54:
2a:55:5a:e6:69:ba:9c:26:65:3e:b4:46:fa:ab:ad:
bd:fc:52:48:0e:8b:03:97:5c:c9:89:d9:f9:47:c7:
a2:5b:c4:ed:20:72:55:47:27:da:38:c3:c4:b5:4b:
a6:ba:78:b6:a4:37:e5:d0:88:bd:ff:7e:d7:ca:d0:
a4:2c:8b:77:0c:c8:6a:e5:12:6c:db:14:ea:5a:a5:
67:bb:53:20:17:cc:5c:37:2a:ec:93:db:41:ed:6a:
37:7e:7a:08:23:bc:54:de:6d:92:1c:4a:50:ed:57:
ac:39:21:a0:3b:67:c5:c5:f1:d8:8c:98:48:90:05:
f0:47:92:80:a1:39:6a:b7:68:b7:89:cb:0a:44:d6:
a4:99:66:b5:02:31:a7:9f:7c:56:24:43:b0:66:0e:
8c:0a:18:f3:58:e0:28:44:e2:a2:fd:4f:8a:8e:79:
42:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:38:41:DD:02:B0:9C:39:AC:23:32:D4:20:ED:A5:6D:F9:C7:52:BF
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/NjhB3QKwnDmsIzLUIO2lbfnHUr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:8a:5f:b9:d8:0d:ab:c0:e3:92:68:84:c6:ea:dc:2a:89:d9:
f7:32:9d:75:6a:e8:fd:36:5a:29:29:0a:8c:33:2e:b3:d3:dc:
85:bc:04:69:e5:c5:bc:30:6d:fc:ac:d2:0d:61:7f:58:0c:c1:
cf:fa:b0:6f:fe:4d:7f:3c:d5:12:1d:38:aa:9c:17:50:7d:8f:
3b:7d:03:d2:05:90:65:19:b1:5e:c1:db:24:c7:42:1f:15:67:
8f:7f:67:51:56:80:cb:b0:04:e5:a4:aa:e1:b8:13:21:17:20:
b4:24:b9:46:51:29:d3:9a:0d:23:d8:94:a7:8a:63:da:1c:bc:
01:28:c1:c2:30:9d:f2:f9:94:1b:a6:7f:e4:33:cd:86:42:83:
99:0c:0c:ea:66:c3:b0:19:9a:69:9e:b7:f8:6b:07:71:ed:a0:
03:84:46:cf:8f:0a:39:2a:65:76:cd:28:2a:ae:32:76:88:94:
e1:b8:b9:65:d5:b2:48:62:f3:85:1b:6d:16:f7:11:13:ed:54:
03:6a:0d:ab:85:94:a9:7d:5a:16:da:11:f7:a4:b4:05:0d:73:
11:0e:ee:e4:a8:27:b6:8e:59:f3:2f:81:45:f4:c3:b2:6f:44:
1a:8c:80:2f:07:68:d8:cf:3a:e3:b1:36:e2:4b:68:9b:c0:04:
d5:1b:1a:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpjV8lFvg3TgDDoqgzsQbRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA1MDMxNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjM4NDFkZDAyYjA5YzM5YWMyMzMyZDQyMGVkYTU2ZGY5Yzc1MmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFV0OQEGGUIEkUVnlQYbvC+QOTgu
yKWWZjBcKirZkhhp0FCO6wBl1+oh/eoUg/Kykdm/XuaxN8ENtmqlzNF8vezstTis
kdIACNjtOkVulA7hfy6iCeAnWFQqVVrmabqcJmU+tEb6q629/FJIDosDl1zJidn5
R8eiW8TtIHJVRyfaOMPEtUumuni2pDfl0Ii9/37XytCkLIt3DMhq5RJs2xTqWqVn
u1MgF8xcNyrsk9tB7Wo3fnoII7xU3m2SHEpQ7VesOSGgO2fFxfHYjJhIkAXwR5KA
oTlqt2i3icsKRNakmWa1AjGnn3xWJEOwZg6MChjzWOAoROKi/U+KjnlC9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDY4Qd0CsJw5rCMy1CDtpW35x1K/MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTmpoQjNRS3duRG1zSXpMVUlPMmxiZm5IVXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADWKX7nYDavA45JohMbq
3CqJ2fcynXVq6P02WikpCowzLrPT3IW8BGnlxbwwbfys0g1hf1gMwc/6sG/+TX88
1RIdOKqcF1B9jzt9A9IFkGUZsV7B2yTHQh8VZ49/Z1FWgMuwBOWkquG4EyEXILQk
uUZRKdOaDSPYlKeKY9ocvAEowcIwnfL5lBumf+QzzYZCg5kMDOpmw7AZmmmet/hr
B3HtoAOERs+PCjkqZXbNKCquMnaIlOG4uWXVskhi84UbbRb3ERPtVANqDauFlKl9
WhbaEfektAUNcxEO7uSoJ7aOWfMvgUX0w7JvRBqMgC8HaNjPOuOxNuJLaJvABNUb
Gm8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:37 2025 by rpki-client