Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nbGh_K7jLkOyl8ZUgnoSKgGvNIY.roa
File: nbGh_K7jLkOyl8ZUgnoSKgGvNIY.roa (raw, json)
Hash identifier: rFkc5E163wHU0sBtHc8l/RN97RvdWxp1AT3ZjDZZmUY=
Subject key identifier: 9D:B1:A1:FC:AE:E3:2E:43:B2:97:C6:54:82:7A:12:2A:01:AF:34:86
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8BC36AB3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nbGh_K7jLkOyl8ZUgnoSKgGvNIY.roa
Signing time: Sat 11 Jun 2022 06:12:02 +0000
ROA not before: Sat 11 Jun 2022 06:12:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:181:22f:7a99/128 maxlen: 128
2001:67c:64:ffff:0:181:477e:58d8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2344839859 (0x8bc36ab3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 11 06:12:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9db1a1fcaee32e43b297c654827a122a01af3486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8e:df:f6:ae:ad:27:69:a1:51:8a:75:4c:3a:
26:c1:15:58:74:fb:5a:0f:14:cb:6e:da:69:c4:0a:
03:6e:fc:36:a1:ef:0d:c1:a3:64:d5:2e:3b:44:8f:
19:dc:c2:81:16:08:bb:5c:30:28:a6:46:20:92:c4:
1e:cb:16:5f:dd:a4:47:28:1b:72:9f:05:8a:62:ce:
93:3f:79:4b:1d:ea:2d:df:ed:d2:14:28:39:a9:1a:
0a:77:fb:aa:53:c4:5c:81:2c:90:93:68:6a:e5:f5:
43:e0:3f:73:26:aa:74:da:73:ba:24:0a:7f:21:cb:
41:f0:bc:6e:71:70:22:41:f7:0a:ba:b8:5a:4d:17:
93:e0:17:6d:4c:1a:64:24:85:3f:12:37:d9:dc:96:
b1:8e:25:25:d3:a0:94:39:ec:b3:d6:75:a6:50:67:
da:8b:41:83:7f:06:5f:6f:87:41:88:75:fb:11:e6:
80:55:46:39:b4:70:6c:3e:52:81:80:54:0c:ec:de:
b7:57:67:24:97:7a:ed:8c:d4:fa:0f:e7:08:a9:9b:
14:aa:1c:c5:fd:15:b7:a5:88:42:4e:2f:05:64:47:
10:e8:83:7e:4b:8e:08:76:bd:19:96:34:65:d7:3c:
fa:bd:59:75:52:e1:d8:b0:1b:f1:35:b7:07:49:53:
29:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B1:A1:FC:AE:E3:2E:43:B2:97:C6:54:82:7A:12:2A:01:AF:34:86
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nbGh_K7jLkOyl8ZUgnoSKgGvNIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:e9:f8:38:23:39:67:61:7b:12:6d:d3:48:ea:44:65:c9:3b:
84:cf:7b:32:df:5d:7b:3f:3c:0d:35:ea:fa:cc:8c:4b:79:36:
a5:97:02:66:56:a9:d1:a6:80:25:9c:19:4c:66:0b:73:64:e1:
f0:e4:1c:36:04:63:2f:06:26:b9:db:1f:e5:cf:29:e8:f9:bc:
5e:3c:2e:27:5f:6a:f4:8f:29:7a:76:15:0c:44:89:ae:32:6f:
24:f4:fe:68:f0:51:04:bb:12:a4:43:49:96:47:58:18:86:3a:
a4:69:17:71:5f:72:dd:01:a2:42:f8:c2:74:b9:b5:dc:1e:92:
db:22:8e:84:92:dc:88:92:50:14:8c:94:15:89:98:90:90:6b:
37:63:f4:0e:cc:24:b2:b0:e6:eb:96:ad:3d:b6:e1:9f:f6:71:
35:21:d4:bb:56:b3:04:d2:f0:7f:27:6d:aa:6d:a9:73:36:6f:
a3:1e:2e:5a:f7:69:96:c9:ca:e6:5b:14:6c:e5:8e:b8:3e:9d:
ae:d6:91:69:67:d5:70:50:78:f3:9f:2f:8d:33:97:ab:3f:81:
33:d9:c0:7f:c7:09:78:68:b0:81:c5:af:3d:c0:b0:f6:38:1b:
03:fb:51:38:74:41:0b:6a:76:b2:f0:c7:27:96:35:e3:7e:b8:
41:e5:23:56
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIvDarMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MTEwNjEyMDJaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDlkYjFhMWZjYWVl
MzJlNDNiMjk3YzY1NDgyN2ExMjJhMDFhZjM0ODYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzjt/2rq0naaFRinVMOibBFVh0+1oPFMtu2mnECgNu/Dah
7w3Bo2TVLjtEjxncwoEWCLtcMCimRiCSxB7LFl/dpEcoG3KfBYpizpM/eUsd6i3f
7dIUKDmpGgp3+6pTxFyBLJCTaGrl9UPgP3MmqnTac7okCn8hy0HwvG5xcCJB9wq6
uFpNF5PgF21MGmQkhT8SN9nclrGOJSXToJQ57LPWdaZQZ9qLQYN/Bl9vh0GIdfsR
5oBVRjm0cGw+UoGAVAzs3rdXZySXeu2M1PoP5wipmxSqHMX9FbeliEJOLwVkRxDo
g35Ljgh2vRmWNGXXPPq9WXVS4diwG/E1twdJUynVAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUnbGh/K7jLkOyl8ZUgnoSKgGvNIYwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9uYkdoX0s3akxrT3lsOFpVZ25vU0tnR3ZOSVkucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEADOn4OCM5Z2F7Em3TSOpEZck7hM97Mt9dez88
DTXq+syMS3k2pZcCZlap0aaAJZwZTGYLc2Th8OQcNgRjLwYmudsf5c8p6Pm8Xjwu
J19q9I8penYVDESJrjJvJPT+aPBRBLsSpENJlkdYGIY6pGkXcV9y3QGiQvjCdLm1
3B6S2yKOhJLciJJQFIyUFYmYkJBrN2P0DswksrDm65atPbbhn/ZxNSHUu1azBNLw
fydtqm2pczZvox4uWvdplsnK5lsUbOWOuD6drtaRaWfVcFB4858vjTOXqz+BM9nA
f8cJeGiwgcWvPcCw9jgbA/tROHRBC2p2svDHJ5Y14364QeUjVg==
-----END CERTIFICATE-----
Generated at Mon May 5 03:55:56 2025 by rpki-client