Route Origin Authorization
$ rpki-client -vvf rsync.rpki.nlnetlabs.nl/repo/ca/0/323030313a3766633a3a2f34372d3437203d3e203136353039.roa
File: 323030313a3766633a3a2f34372d3437203d3e203136353039.roa (raw, json)
Hash identifier: GWV89B1K+Kijb4rGNqXeNuyXA561UCLk9DNU515j3Jg=
Subject key identifier: 66:FA:65:DF:F1:D8:70:D7:AC:0E:66:43:76:F7:8C:C0:B2:A3:97:86
Certificate issuer: /CN=d724c2d90d5bcc9fda54755efc8c903acb01d02e
Certificate serial: 2EF291D77D32785F668308CDD25C1560C225FAD6
Authority key identifier: D7:24:C2:D9:0D:5B:CC:9F:DA:54:75:5E:FC:8C:90:3A:CB:01:D0:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1yTC2Q1bzJ_aVHVe_IyQOssB0C4.cer
Subject info access: rsync://rsync.rpki.nlnetlabs.nl/repo/ca/0/323030313a3766633a3a2f34372d3437203d3e203136353039.roa
Signing time: Tue 05 Jan 2021 15:32:58 +0000
ROA not before: Tue 05 Jan 2021 15:27:58 +0000
ROA not after: Tue 04 Jan 2022 15:32:58 +0000
asID: 16509
IP address blocks: 2001:7fc::/47 maxlen: 47
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:f2:91:d7:7d:32:78:5f:66:83:08:cd:d2:5c:15:60:c2:25:fa:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d724c2d90d5bcc9fda54755efc8c903acb01d02e
Validity
Not Before: Jan 5 15:27:58 2021 GMT
Not After : Jan 4 15:32:58 2022 GMT
Subject: CN=3082010A0282010100D0083B4F934232EB9346F4D77F31C9A7D03CF43EC26BEC989D68B5F198C3D890E4AF265940C3E2F2E6F9269F4CE6B4810686408F6369D6B8FD936B0215786DB572EF20DC39ED622AF45826FD49E1E5FA23D9B9DA536C2501DE46784A803A701A8300E76957B28C763273AE61183878A624FF4BA671C375615E9237EBAB59D8E04F9C3FE75F39F70FD09E56173410D65B42C05C1CDB1E687EF132FC3CDAB4B2C404A27D82D682DD17A7D44D7844804C3A4E14276CAA091FC6B08668B5C2002A1530BAD4C5DCC332194B2DBECDEBA92988D0B30D72D8440CDD06FAE5C7AFD8FAE624685D557740EE5C764C96AC36FA8EA0B6070F950C51B537791E4673184248290203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:08:3b:4f:93:42:32:eb:93:46:f4:d7:7f:31:
c9:a7:d0:3c:f4:3e:c2:6b:ec:98:9d:68:b5:f1:98:
c3:d8:90:e4:af:26:59:40:c3:e2:f2:e6:f9:26:9f:
4c:e6:b4:81:06:86:40:8f:63:69:d6:b8:fd:93:6b:
02:15:78:6d:b5:72:ef:20:dc:39:ed:62:2a:f4:58:
26:fd:49:e1:e5:fa:23:d9:b9:da:53:6c:25:01:de:
46:78:4a:80:3a:70:1a:83:00:e7:69:57:b2:8c:76:
32:73:ae:61:18:38:78:a6:24:ff:4b:a6:71:c3:75:
61:5e:92:37:eb:ab:59:d8:e0:4f:9c:3f:e7:5f:39:
f7:0f:d0:9e:56:17:34:10:d6:5b:42:c0:5c:1c:db:
1e:68:7e:f1:32:fc:3c:da:b4:b2:c4:04:a2:7d:82:
d6:82:dd:17:a7:d4:4d:78:44:80:4c:3a:4e:14:27:
6c:aa:09:1f:c6:b0:86:68:b5:c2:00:2a:15:30:ba:
d4:c5:dc:c3:32:19:4b:2d:be:cd:eb:a9:29:88:d0:
b3:0d:72:d8:44:0c:dd:06:fa:e5:c7:af:d8:fa:e6:
24:68:5d:55:77:40:ee:5c:76:4c:96:ac:36:fa:8e:
a0:b6:07:0f:95:0c:51:b5:37:79:1e:46:73:18:42:
48:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:FA:65:DF:F1:D8:70:D7:AC:0E:66:43:76:F7:8C:C0:B2:A3:97:86
X509v3 Authority Key Identifier:
keyid:D7:24:C2:D9:0D:5B:CC:9F:DA:54:75:5E:FC:8C:90:3A:CB:01:D0:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.rpki.nlnetlabs.nl/repo/ca/0/D724C2D90D5BCC9FDA54755EFC8C903ACB01D02E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1yTC2Q1bzJ_aVHVe_IyQOssB0C4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.rpki.nlnetlabs.nl/repo/ca/0/323030313a3766633a3a2f34372d3437203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:7fc::/47
Signature Algorithm: sha256WithRSAEncryption
1e:db:4a:83:9a:16:3c:ed:5e:13:02:04:7a:34:87:4c:f6:2e:
8b:ca:0d:a5:ce:53:ad:f4:5d:8a:10:98:bd:56:06:ca:4f:f9:
a0:b1:95:8d:06:e1:20:f6:59:a2:06:de:30:86:ff:4a:5c:e4:
4e:c4:55:a5:35:7c:04:80:eb:9f:69:13:99:3e:be:d1:8c:21:
d3:b1:1c:f9:6c:63:f5:4f:14:8a:da:25:83:34:b8:26:76:9c:
a4:1c:08:34:44:03:36:18:ae:6d:b8:cb:e9:e8:98:27:9d:ba:
01:18:fe:96:0a:49:39:de:d4:fa:02:2b:4f:79:70:87:ba:49:
8e:d7:5e:ea:29:8c:9b:7c:2a:f8:d4:ee:26:e3:3c:51:40:7f:
2e:b6:d5:fe:6a:7c:d5:75:fb:7e:43:27:c3:e5:8b:ba:e6:d5:
1f:a9:5d:83:1f:30:cf:64:23:78:a4:b0:36:3a:1d:35:d9:67:
f4:bb:2c:d1:07:f0:7d:ac:4f:94:a8:51:1d:df:68:c3:27:7f:
05:b9:d1:25:3b:a4:f3:d9:19:fe:55:88:c5:86:25:97:4d:2d:
b8:51:5e:fe:d3:14:7f:96:c8:c2:b6:0a:5f:3c:fb:97:23:7f:
a8:b1:9c:6b:45:0b:09:9b:2d:60:05:43:36:4c:a9:e2:df:1f:
08:27:75:bf
-----BEGIN CERTIFICATE-----
MIIG0TCCBbmgAwIBAgIULvKR130yeF9mgwjN0lwVYMIl+tYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDcyNGMyZDkwZDViY2M5ZmRhNTQ3NTVlZmM4YzkwM2Fj
YjAxZDAyZTAeFw0yMTAxMDUxNTI3NThaFw0yMjAxMDQxNTMyNThaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDAwODNCNEY5MzQyMzJFQjkz
NDZGNEQ3N0YzMUM5QTdEMDNDRjQzRUMyNkJFQzk4OUQ2OEI1RjE5OEMzRDg5MEU0
QUYyNjU5NDBDM0UyRjJFNkY5MjY5RjRDRTZCNDgxMDY4NjQwOEY2MzY5RDZCOEZE
OTM2QjAyMTU3ODZEQjU3MkVGMjBEQzM5RUQ2MjJBRjQ1ODI2RkQ0OUUxRTVGQTIz
RDlCOURBNTM2QzI1MDFERTQ2Nzg0QTgwM0E3MDFBODMwMEU3Njk1N0IyOEM3NjMy
NzNBRTYxMTgzODc4QTYyNEZGNEJBNjcxQzM3NTYxNUU5MjM3RUJBQjU5RDhFMDRG
OUMzRkU3NUYzOUY3MEZEMDlFNTYxNzM0MTBENjVCNDJDMDVDMUNEQjFFNjg3RUYx
MzJGQzNDREFCNEIyQzQwNEEyN0Q4MkQ2ODJERDE3QTdENDRENzg0NDgwNEMzQTRF
MTQyNzZDQUEwOTFGQzZCMDg2NjhCNUMyMDAyQTE1MzBCQUQ0QzVEQ0MzMzIxOTRC
MkRCRUNERUJBOTI5ODhEMEIzMEQ3MkQ4NDQwQ0REMDZGQUU1QzdBRkQ4RkFFNjI0
Njg1RDU1Nzc0MEVFNUM3NjRDOTZBQzM2RkE4RUEwQjYwNzBGOTUwQzUxQjUzNzc5
MUU0NjczMTg0MjQ4MjkwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA0Ag7T5NCMuuTRvTXfzHJp9A89D7Ca+yYnWi18ZjD2JDkryZZQMPi
8ub5Jp9M5rSBBoZAj2Np1rj9k2sCFXhttXLvINw57WIq9Fgm/Unh5foj2bnaU2wl
Ad5GeEqAOnAagwDnaVeyjHYyc65hGDh4piT/S6Zxw3VhXpI366tZ2OBPnD/nXzn3
D9CeVhc0ENZbQsBcHNseaH7xMvw82rSyxASifYLWgt0Xp9RNeESATDpOFCdsqgkf
xrCGaLXCACoVMLrUxdzDMhlLLb7N66kpiNCzDXLYRAzdBvrlx6/Y+uYkaF1Vd0Du
XHZMlqw2+o6gtgcPlQxRtTd5HkZzGEJIKQIDAQABo4IB3zCCAdswHQYDVR0OBBYE
FGb6Zd/x2HDXrA5mQ3b3jMCyo5eGMB8GA1UdIwQYMBaAFNckwtkNW8yf2lR1XvyM
kDrLAdAuMA4GA1UdDwEB/wQEAwIHgDBnBgNVHR8EYDBeMFygWqBYhlZyc3luYzov
L3JzeW5jLnJwa2kubmxuZXRsYWJzLm5sL3JlcG8vY2EvMC9ENzI0QzJEOTBENUJD
QzlGREE1NDc1NUVGQzhDOTAzQUNCMDFEMDJFLmNybDBkBggrBgEFBQcBAQRYMFYw
VAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RF
RkFVTFQvMXlUQzJRMWJ6Sl9hVkhWZV9JeVFPc3NCMEM0LmNlcjB8BggrBgEFBQcB
CwRwMG4wbAYIKwYBBQUHMAuGYHJzeW5jOi8vcnN5bmMucnBraS5ubG5ldGxhYnMu
bmwvcmVwby9jYS8wLzMyMzAzMDMxM2EzNzY2NjMzYTNhMmYzNDM3MmQzNDM3MjAz
ZDNlMjAzMTM2MzUzMDM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBIAEH/AAAMA0GCSqGSIb3DQEBCwUA
A4IBAQAe20qDmhY87V4TAgR6NIdM9i6Lyg2lzlOt9F2KEJi9VgbKT/mgsZWNBuEg
9lmiBt4whv9KXOROxFWlNXwEgOufaROZPr7RjCHTsRz5bGP1TxSK2iWDNLgmdpyk
HAg0RAM2GK5tuMvp6JgnnboBGP6WCkk53tT6AitPeXCHukmO117qKYybfCr41O4m
4zxRQH8uttX+anzVdft+QyfD5Yu65tUfqV2DHzDPZCN4pLA2Oh012Wf0uyzRB/B9
rE+UqFEd32jDJ38FudElO6Tz2Rn+VYjFhiWXTS24UV7+0xR/lsjCtgpfPPuXI3+o
sZxrRQsJmy1gBUM2TKni3x8IJ3W/
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:53 2023 by rpki-client on console-ams.rpki-client.org