Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NpAj-RC_khUctMcA3GSvj99oZgM.roa
File: NpAj-RC_khUctMcA3GSvj99oZgM.roa (raw, json)
Hash identifier: CuXm/iNEjjMrBFQjo8DmA/Z95TbyylEJb5UhPI8M3RI=
Subject key identifier: 36:90:23:F9:10:BF:92:15:1C:B4:C7:00:DC:64:AF:8F:DF:68:66:03
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3AC9363E3D49056E04C40A6C710907B9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NpAj-RC_khUctMcA3GSvj99oZgM.roa
Signing time: Mon 28 Aug 2023 06:16:19 +0000
ROA not before: Mon 28 Aug 2023 06:16:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3a:c9:36:3e:3d:49:05:6e:04:c4:0a:6c:71:09:07:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 28 06:16:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=369023f910bf92151cb4c700dc64af8fdf686603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:99:70:c7:24:72:d4:cb:f8:88:ce:2c:6c:ee:
80:12:af:10:70:46:59:b7:a6:4e:0c:2f:e2:d4:d7:
b4:77:6c:3c:ab:86:f0:f3:3f:96:bf:30:99:5a:17:
de:4d:57:41:32:dc:f9:ef:9c:2a:09:72:f7:cb:3e:
13:ba:b6:ac:61:36:fa:47:f7:3a:36:06:44:06:10:
1e:10:52:a6:90:8c:e0:00:ae:7b:df:14:4a:1c:42:
60:cb:aa:bf:d0:82:8b:2a:84:73:ac:f2:1c:4b:d1:
14:c4:84:cf:25:35:6b:4b:39:88:55:87:9a:ea:b2:
7c:ed:b2:9c:7e:46:cd:e5:29:2b:f6:53:30:dc:f7:
f5:d4:72:a8:c7:4c:ef:98:cf:60:1c:4e:db:d3:d4:
f0:4d:a4:cc:68:7a:7b:d4:2e:5b:c2:16:c6:54:6a:
17:9b:81:89:08:0a:96:47:2e:d1:c2:49:3d:c8:42:
d7:ad:59:b5:7a:de:67:ab:e3:cb:7b:86:58:79:a6:
36:79:ab:16:3b:3b:39:54:cd:d4:d4:99:41:e9:cc:
36:b3:30:93:59:df:e4:3f:b5:8d:c9:02:05:5c:7c:
ba:58:65:16:3e:1f:c9:5a:60:0d:0a:1c:42:e6:ca:
6f:56:43:c5:ec:f5:d7:9a:5b:1b:33:68:64:23:aa:
c0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:90:23:F9:10:BF:92:15:1C:B4:C7:00:DC:64:AF:8F:DF:68:66:03
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NpAj-RC_khUctMcA3GSvj99oZgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
89:e9:84:b6:ed:7b:36:ad:a6:23:bd:67:b9:2b:19:37:59:a0:
7e:d0:0b:19:45:e9:49:7d:80:7e:39:ea:f2:95:14:08:a0:64:
34:ba:18:b5:24:10:37:e4:a1:46:ac:5f:6f:3a:a2:4b:49:f6:
29:76:42:d9:dd:62:e8:57:01:a2:c1:36:1d:3b:4e:de:dd:c3:
8d:54:a7:46:d0:ff:a3:97:51:89:ff:e8:63:ab:9a:db:c1:b9:
9b:cb:55:ce:72:05:50:5c:57:8d:a4:b4:bf:49:df:de:63:a1:
ae:46:27:06:7e:c1:7d:f0:1f:64:5e:80:87:84:d6:d4:03:0f:
2f:87:fb:bc:bb:20:c4:c4:f9:c1:28:03:ab:9f:08:0d:8e:14:
f7:e0:81:d4:d4:64:81:62:c4:82:8d:0b:63:44:d0:38:bf:11:
7c:93:93:75:5e:57:fe:7d:9d:dc:35:b4:08:2c:5f:d3:25:e8:
a2:5b:86:3e:64:ec:03:18:76:73:cb:4b:be:c7:be:5c:92:6b:
5d:d0:26:27:90:dd:34:d7:96:24:85:1a:53:2b:34:75:50:32:
a2:3e:83:b5:3f:b1:04:42:a8:87:49:72:b6:be:cf:dd:75:4f:
10:53:49:f1:1c:5d:21:18:ac:b8:a0:25:28:dc:40:8a:a4:3e:
b1:b5:59:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo6yTY+PUkFbgTECmxxCQe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI4MDYxNjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjkwMjNmOTEwYmY5MjE1MWNiNGM3MDBkYzY0YWY4ZmRmNjg2NjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZlwxyRy1Mv4iM4sbO6AEq8QcEZZ
t6ZODC/i1Ne0d2w8q4bw8z+WvzCZWhfeTVdBMtz575wqCXL3yz4TurasYTb6R/c6
NgZEBhAeEFKmkIzgAK573xRKHEJgy6q/0IKLKoRzrPIcS9EUxITPJTVrSzmIVYea
6rJ87bKcfkbN5Skr9lMw3Pf11HKox0zvmM9gHE7b09TwTaTMaHp71C5bwhbGVGoX
m4GJCAqWRy7Rwkk9yELXrVm1et5nq+PLe4ZYeaY2easWOzs5VM3U1JlB6cw2szCT
Wd/kP7WNyQIFXHy6WGUWPh/JWmANChxC5spvVkPF7PXXmlsbM2hkI6rAgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDaQI/kQv5IVHLTHANxkr4/faGYDMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTnBBai1SQ19raFVjdE1jQTNHU3ZqOTlvWmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAInphLbtezatpiO9Z7kr
GTdZoH7QCxlF6Ul9gH456vKVFAigZDS6GLUkEDfkoUasX286oktJ9il2QtndYuhX
AaLBNh07Tt7dw41Up0bQ/6OXUYn/6GOrmtvBuZvLVc5yBVBcV42ktL9J395joa5G
JwZ+wX3wH2RegIeE1tQDDy+H+7y7IMTE+cEoA6ufCA2OFPfggdTUZIFixIKNC2NE
0Di/EXyTk3VeV/59ndw1tAgsX9Ml6KJbhj5k7AMYdnPLS77HvlySa13QJieQ3TTX
liSFGlMrNHVQMqI+g7U/sQRCqIdJcra+z911TxBTSfEcXSEYrLigJSjcQIqkPrG1
WY8=
-----END CERTIFICATE-----
Generated at Thu May 1 03:42:03 2025 by rpki-client