Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NXZXecRBly7iDIxNIj_gRbB2aN8.roa
File: NXZXecRBly7iDIxNIj_gRbB2aN8.roa (raw, json)
Hash identifier: 9M6OhvQauEbC3IeuvStduhMMTa65nD1sAHj5RjTojzE=
Subject key identifier: 35:76:57:79:C4:41:97:2E:E2:0C:8C:4D:22:3F:E0:45:B0:76:68:DF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184DB54F35DD0A2D7B567C8B2674DDAFE90
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NXZXecRBly7iDIxNIj_gRbB2aN8.roa
Signing time: Sun 04 Dec 2022 04:11:28 +0000
ROA not before: Sun 04 Dec 2022 04:11:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:db:54:f3:5d:d0:a2:d7:b5:67:c8:b2:67:4d:da:fe:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 4 04:11:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35765779c441972ee20c8c4d223fe045b07668df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:85:aa:6e:65:61:2b:66:7d:23:f3:02:2a:a4:
71:b4:d7:70:e6:81:3c:05:43:74:75:1e:91:d8:c4:
3c:1b:ae:62:f3:cb:19:15:87:29:b8:2b:a4:d0:ea:
2e:e2:a1:9e:18:2d:99:e0:d1:1b:48:bd:37:72:cd:
d4:bb:f9:d2:f9:ca:a1:09:0d:6d:2a:f0:5c:31:e0:
c4:52:f9:91:26:5d:39:95:44:f9:4c:a4:83:9e:d2:
90:b1:d8:4a:7a:b9:47:ab:49:c9:62:bf:6a:b2:ea:
4f:92:68:4c:16:2d:8c:06:6f:75:34:93:c2:ae:6e:
83:8b:f1:d5:41:57:73:9e:44:aa:94:66:3b:9e:4e:
0b:0e:ba:6c:f2:62:68:af:54:0e:39:bb:de:09:af:
cc:04:63:47:b8:0b:62:bb:d1:45:11:ac:ef:03:b1:
b6:a6:75:57:72:e5:32:d4:ba:69:71:4b:c2:4c:5b:
13:4a:0e:83:47:56:14:39:03:20:03:2d:b5:22:61:
4b:50:61:73:67:6c:59:57:4e:cb:f7:8d:00:47:c5:
c7:e8:d9:20:28:1a:51:d6:f4:3a:64:20:02:ce:15:
ca:29:86:1d:f7:c9:a1:d9:d3:14:49:87:d1:e1:a9:
5e:5e:eb:4e:77:0f:bc:c1:56:60:7c:76:a2:1b:b7:
ac:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:76:57:79:C4:41:97:2E:E2:0C:8C:4D:22:3F:E0:45:B0:76:68:DF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NXZXecRBly7iDIxNIj_gRbB2aN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:8c:8a:d1:12:77:0c:b7:84:08:06:f3:c2:b7:b7:5d:5e:6b:
ce:eb:97:dc:dd:85:ee:e2:13:61:9a:cd:9c:37:31:fa:1e:22:
04:70:74:30:d4:08:a3:fc:77:a1:23:55:07:80:2d:f0:64:37:
87:32:06:bf:16:1a:2c:e1:f7:54:b2:ef:7d:6c:d0:44:7b:87:
e7:3e:9a:ad:24:fe:89:79:91:12:77:08:09:6f:15:fe:7b:24:
54:94:0b:ec:2e:6d:04:85:c7:ec:34:71:d3:cb:65:ff:1e:36:
e4:c5:0a:9b:bc:c5:24:e2:a6:03:c4:e0:3a:f4:8d:59:5a:e2:
a9:de:4a:a6:bb:03:85:2e:6d:39:d6:50:8a:07:d2:cf:3d:b0:
b8:31:52:a4:f6:27:03:57:d3:cd:b0:bb:aa:aa:d8:88:49:de:
da:64:31:a4:4d:96:eb:25:96:d7:10:86:50:4a:6c:b7:cd:c1:
87:27:cf:d7:67:d8:ed:7d:49:31:2f:87:d3:f8:56:49:e5:16:
ce:b2:52:36:54:8d:ec:91:28:b5:6b:a8:75:87:8f:7a:05:04:
c0:03:4b:14:41:eb:d6:00:aa:fc:ae:58:04:1e:52:11:91:c2:
1d:c4:91:b7:74:9b:6e:26:bc:12:c8:4b:48:e2:bc:22:6a:23:
5b:ec:4c:d5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTbVPNd0KLXtWfIsmdN2v6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA0MDQxMTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTc2NTc3OWM0NDE5NzJlZTIwYzhjNGQyMjNmZTA0NWIwNzY2OGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoWqbmVhK2Z9I/MCKqRxtNdw5oE8
BUN0dR6R2MQ8G65i88sZFYcpuCuk0Oou4qGeGC2Z4NEbSL03cs3Uu/nS+cqhCQ1t
KvBcMeDEUvmRJl05lUT5TKSDntKQsdhKerlHq0nJYr9qsupPkmhMFi2MBm91NJPC
rm6Di/HVQVdznkSqlGY7nk4LDrps8mJor1QOObveCa/MBGNHuAtiu9FFEazvA7G2
pnVXcuUy1LppcUvCTFsTSg6DR1YUOQMgAy21ImFLUGFzZ2xZV07L940AR8XH6Nkg
KBpR1vQ6ZCACzhXKKYYd98mh2dMUSYfR4aleXutOdw+8wVZgfHaiG7esowIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDV2V3nEQZcu4gyMTSI/4EWwdmjfMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTlhaWGVjUkJseTdpREl4TklqX2dSYkIyYU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAByMitESdwy3hAgG88K3
t11ea87rl9zdhe7iE2GazZw3MfoeIgRwdDDUCKP8d6EjVQeALfBkN4cyBr8WGizh
91Sy731s0ER7h+c+mq0k/ol5kRJ3CAlvFf57JFSUC+wubQSFx+w0cdPLZf8eNuTF
Cpu8xSTipgPE4Dr0jVla4qneSqa7A4UubTnWUIoH0s89sLgxUqT2JwNX082wu6qq
2IhJ3tpkMaRNluslltcQhlBKbLfNwYcnz9dn2O19STEvh9P4VknlFs6yUjZUjeyR
KLVrqHWHj3oFBMADSxRB69YAqvyuWAQeUhGRwh3Ekbd0m24mvBLIS0jivCJqI1vs
TNU=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:58:48 2025 by rpki-client