Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Npho-6p6s-n7pbSglmzZvWooZdg.roa
File: Npho-6p6s-n7pbSglmzZvWooZdg.roa (raw, json)
Hash identifier: Ma6sQWQt9bZnUkZ4/voi10aKKc5UsSXtrDFuJwqD3uw=
Subject key identifier: 36:98:68:FB:AA:7A:B3:E9:FB:A5:B4:A0:96:6C:D9:BD:6A:28:65:D8
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E6A24DF2DCC108E72F2A9829D1BB76D96
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Npho-6p6s-n7pbSglmzZvWooZdg.roa
Signing time: Sat 23 Mar 2024 07:09:45 +0000
ROA not before: Sat 23 Mar 2024 07:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6a:24:df:2d:cc:10:8e:72:f2:a9:82:9d:1b:b7:6d:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 23 07:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=369868fbaa7ab3e9fba5b4a0966cd9bd6a2865d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bc:20:93:e6:cd:0e:03:21:9b:00:e1:f6:d0:
42:ed:b6:5b:83:19:50:03:21:d4:53:31:64:f0:91:
8f:c0:6a:e1:17:22:4d:16:36:4c:67:2d:6d:07:49:
a8:f8:c0:4a:4b:95:06:95:f0:0d:d4:38:f1:7f:03:
71:bb:a4:ec:0d:75:52:b5:c8:42:06:bb:10:8e:f1:
08:43:12:78:b3:e3:ed:e4:3c:fc:39:a3:47:24:20:
e8:30:d2:1e:77:fb:33:f6:12:49:c1:cf:77:fc:3f:
0a:1c:4a:d5:4e:83:1c:21:d8:a8:af:8d:23:40:22:
24:d5:95:3b:0a:df:c5:cb:a6:e0:10:e4:38:93:39:
9f:3d:77:4d:8a:47:15:0d:68:55:ed:14:49:90:aa:
8f:77:2f:7e:7c:51:e1:dc:aa:8f:04:a3:42:fd:56:
e2:0a:3d:8c:8d:0b:aa:02:4d:a2:9c:9c:f5:4e:f8:
f9:9d:20:71:51:b8:c5:5e:ba:84:ba:7d:7b:82:f6:
2a:0b:e3:53:2e:d6:f9:a3:08:b4:1d:04:d9:4d:41:
ff:30:86:19:c7:a5:d3:b6:f4:f3:ae:4e:09:2a:13:
ff:ac:da:69:c8:f4:d0:d2:d7:73:93:b6:08:3f:e1:
72:66:95:0d:9f:e9:bf:fc:07:f4:48:8d:08:ee:10:
0e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:98:68:FB:AA:7A:B3:E9:FB:A5:B4:A0:96:6C:D9:BD:6A:28:65:D8
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Npho-6p6s-n7pbSglmzZvWooZdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:0c:21:33:5d:f6:aa:05:62:5b:ca:c4:7e:3d:aa:61:00:04:
96:6d:ae:04:c4:7c:41:65:a6:6f:9c:87:2c:dd:d8:b8:7f:01:
92:46:ad:05:dd:85:e3:35:8e:3e:d1:84:30:65:6c:d7:c2:1f:
00:27:b7:43:df:86:f3:e6:9b:8d:22:b1:4f:eb:58:9d:10:16:
44:d5:05:da:8f:2e:e4:73:03:a7:01:9a:31:a0:0d:5a:2f:e2:
32:d0:61:3f:50:f5:f4:cd:51:44:2f:da:0d:f6:2e:cb:84:58:
82:7c:96:f5:b7:67:16:22:d7:21:9d:33:4d:82:b5:3e:4c:3c:
fd:c5:9a:dd:ec:12:43:87:01:36:ae:a3:b5:8a:d1:94:d9:aa:
06:eb:5d:15:f6:8f:30:71:2a:5a:18:e1:2e:bc:35:33:63:32:
aa:32:59:18:3a:fe:0a:88:b6:7b:5e:43:f0:23:00:1c:16:d5:
15:d0:4c:33:f3:79:98:4c:7c:58:ed:3c:13:67:25:e0:b8:84:
ef:fc:70:89:f2:92:f1:dd:39:05:23:5a:8a:4b:15:77:dd:ac:
df:4f:65:fb:fc:66:df:80:29:92:f1:a2:3f:4b:4b:98:05:73:
51:25:3d:4a:57:71:55:29:d4:85:71:48:2b:e9:78:79:4a:54:
18:92:99:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5qJN8tzBCOcvKpgp0bt22WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIzMDcwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjk4NjhmYmFhN2FiM2U5ZmJhNWI0YTA5NjZjZDliZDZhMjg2NWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbwgk+bNDgMhmwDh9tBC7bZbgxlQ
AyHUUzFk8JGPwGrhFyJNFjZMZy1tB0mo+MBKS5UGlfAN1DjxfwNxu6TsDXVStchC
BrsQjvEIQxJ4s+Pt5Dz8OaNHJCDoMNIed/sz9hJJwc93/D8KHErVToMcIdior40j
QCIk1ZU7Ct/Fy6bgEOQ4kzmfPXdNikcVDWhV7RRJkKqPdy9+fFHh3KqPBKNC/Vbi
Cj2MjQuqAk2inJz1Tvj5nSBxUbjFXrqEun17gvYqC+NTLtb5owi0HQTZTUH/MIYZ
x6XTtvTzrk4JKhP/rNppyPTQ0tdzk7YIP+FyZpUNn+m//Af0SI0I7hAOqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDaYaPuqerPp+6W0oJZs2b1qKGXYMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTnBoby02cDZzLW43cGJTZ2xtelp2V29vWmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHwMITNd9qoFYlvKxH49
qmEABJZtrgTEfEFlpm+chyzd2Lh/AZJGrQXdheM1jj7RhDBlbNfCHwAnt0PfhvPm
m40isU/rWJ0QFkTVBdqPLuRzA6cBmjGgDVov4jLQYT9Q9fTNUUQv2g32LsuEWIJ8
lvW3ZxYi1yGdM02CtT5MPP3Fmt3sEkOHATauo7WK0ZTZqgbrXRX2jzBxKloY4S68
NTNjMqoyWRg6/gqItnteQ/AjABwW1RXQTDPzeZhMfFjtPBNnJeC4hO/8cInykvHd
OQUjWopLFXfdrN9PZfv8Zt+AKZLxoj9LS5gFc1ElPUpXcVUp1IVxSCvpeHlKVBiS
mWs=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:29:08 2025 by rpki-client