Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/NLpz3dqqo_fPXR37br9HoZany6Y.roa
File: NLpz3dqqo_fPXR37br9HoZany6Y.roa (raw, json)
Hash identifier: rJVGbLEjQ3OkCYAssALM51c3X+gVgW/2XY7xOI9Ov68=
Subject key identifier: 34:BA:73:DD:DA:AA:A3:F7:CF:5D:1D:FB:6E:BF:47:A1:96:A7:CB:A6
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F41C6C4FBA564738DD9E0464256126DB4
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/NLpz3dqqo_fPXR37br9HoZany6Y.roa
Signing time: Sat 04 May 2024 04:04:56 +0000
ROA not before: Sat 04 May 2024 04:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:41c6:549e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:41:c6:c4:fb:a5:64:73:8d:d9:e0:46:42:56:12:6d:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 4 04:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34ba73dddaaaa3f7cf5d1dfb6ebf47a196a7cba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e7:5c:61:d7:4e:61:f8:d0:e2:ef:9a:a0:64:
ea:d6:1d:47:3f:b3:7c:e5:01:d8:25:74:a5:a7:4d:
ba:63:8c:d1:51:92:ff:21:4a:dd:83:af:23:60:57:
d2:3d:7c:26:e1:2d:3d:76:57:66:fe:a9:0e:60:99:
7f:98:c5:ad:a2:17:7b:2f:61:f2:2c:09:fb:6e:c0:
a9:b3:36:f1:92:ec:96:e9:a0:8b:34:73:cf:92:f5:
3c:d8:c6:07:4a:d6:c7:8d:30:7e:7f:86:35:b6:8c:
5f:d1:42:6d:80:2a:40:4b:13:68:b8:dd:ef:5c:46:
ea:d7:ff:df:da:48:48:ef:c1:80:ba:3c:f3:c0:3e:
70:fa:aa:ea:6b:14:54:22:50:6d:52:0b:d8:89:5c:
02:bb:d9:c9:10:2b:a9:11:f1:39:e0:5c:5f:2b:b6:
ab:5d:4e:18:f7:a6:23:14:d0:47:f2:30:7b:ed:6f:
35:5d:81:6f:d8:b9:e8:99:b7:a4:c0:f4:26:b0:be:
70:32:5d:dc:26:d1:b0:b7:1a:3b:80:8f:52:75:59:
a6:43:79:2a:4c:09:f2:22:47:2f:ce:4e:3b:9d:34:
a3:23:86:4b:72:a3:f5:a4:d9:0e:72:8b:e5:1d:f9:
10:b2:3a:58:99:79:8e:91:cc:45:e7:de:4e:38:10:
c9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:BA:73:DD:DA:AA:A3:F7:CF:5D:1D:FB:6E:BF:47:A1:96:A7:CB:A6
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/NLpz3dqqo_fPXR37br9HoZany6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:aa:72:a2:37:af:ae:e5:91:34:d0:b8:00:03:ff:da:f2:7c:
09:f8:ad:0c:da:86:a7:3e:01:d2:3b:85:71:c5:9b:f4:4c:e7:
7d:9f:d2:7e:ad:cf:71:1f:59:b1:15:4a:9a:78:f0:78:aa:bf:
00:c8:bb:b7:7c:2e:32:d0:39:3b:be:ae:58:45:17:f7:30:7f:
43:14:82:c0:88:58:41:f5:13:0a:fa:71:9f:68:74:d1:32:0f:
df:c2:1d:c1:88:45:d7:32:26:97:58:56:1a:41:3a:93:34:70:
40:b7:34:93:bd:b4:69:5a:8c:fa:1c:0a:6d:b1:7f:04:85:e1:
23:02:bb:8e:a0:9d:4d:33:20:35:ba:e6:08:54:1a:d7:bc:12:
4e:95:43:30:a9:51:2b:73:75:53:5f:cf:c0:ad:d9:4d:ea:29:
5d:71:50:fd:1d:3e:84:55:00:ac:a1:bc:a6:9d:f5:c7:ea:72:
df:e9:1b:72:76:14:28:d6:ef:30:4c:e8:05:28:9f:12:6d:6c:
1b:b1:19:11:a8:92:b2:e2:ab:b5:cb:72:24:1b:80:2a:66:be:
ab:de:c3:68:ce:52:3d:9f:85:d4:30:a3:0c:3f:e7:a5:31:16:
14:bf:fa:6a:1a:6e:be:0f:e7:83:3c:75:3c:9f:3e:ff:e9:83:
12:b8:b6:df
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9BxsT7pWRzjdngRkJWEm20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA0MDQwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGJhNzNkZGRhYWFhM2Y3Y2Y1ZDFkZmI2ZWJmNDdhMTk2YTdjYmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOdcYddOYfjQ4u+aoGTq1h1HP7N8
5QHYJXSlp026Y4zRUZL/IUrdg68jYFfSPXwm4S09dldm/qkOYJl/mMWtohd7L2Hy
LAn7bsCpszbxkuyW6aCLNHPPkvU82MYHStbHjTB+f4Y1toxf0UJtgCpASxNouN3v
XEbq1//f2khI78GAujzzwD5w+qrqaxRUIlBtUgvYiVwCu9nJECupEfE54FxfK7ar
XU4Y96YjFNBH8jB77W81XYFv2LnombekwPQmsL5wMl3cJtGwtxo7gI9SdVmmQ3kq
TAnyIkcvzk47nTSjI4ZLcqP1pNkOcovlHfkQsjpYmXmOkcxF595OOBDJxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDS6c93aqqP3z10d+26/R6GWp8umMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvTkxwejNkcXFvX2ZQWFIzN2JyOUhvWmFueTZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACSqcqI3r67lkTTQuAAD
/9ryfAn4rQzahqc+AdI7hXHFm/RM532f0n6tz3EfWbEVSpp48HiqvwDIu7d8LjLQ
OTu+rlhFF/cwf0MUgsCIWEH1Ewr6cZ9odNEyD9/CHcGIRdcyJpdYVhpBOpM0cEC3
NJO9tGlajPocCm2xfwSF4SMCu46gnU0zIDW65ghUGte8Ek6VQzCpUStzdVNfz8Ct
2U3qKV1xUP0dPoRVAKyhvKad9cfqct/pG3J2FCjW7zBM6AUonxJtbBuxGRGokrLi
q7XLciQbgCpmvqvew2jOUj2fhdQwoww/56UxFhS/+moabr4P54M8dTyfPv/pgxK4
tt8=
-----END CERTIFICATE-----
Generated at Tue Apr 29 18:38:04 2025 by rpki-client