Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nBPCVsN_a2r4xjcmbETVQ-FdKWY.roa
File: nBPCVsN_a2r4xjcmbETVQ-FdKWY.roa (raw, json)
Hash identifier: rk+NFxeKPgLDWYu95h0ASA3qmU1cnE2jirio6WzNVdA=
Subject key identifier: 9C:13:C2:56:C3:7F:6B:6A:F8:C6:37:26:6C:44:D5:43:E1:5D:29:66
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DFF4D8AADC101A80A3A469393683D82AE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nBPCVsN_a2r4xjcmbETVQ-FdKWY.roa
Signing time: Sat 02 Mar 2024 13:14:48 +0000
ROA not before: Sat 02 Mar 2024 13:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ff:4d:8a:ad:c1:01:a8:0a:3a:46:93:93:68:3d:82:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 2 13:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c13c256c37f6b6af8c637266c44d543e15d2966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e4:c8:3b:e8:86:5a:d2:af:59:5d:be:02:c7:
33:40:26:3d:02:00:03:b2:a1:ea:3f:bb:87:ec:90:
11:9c:af:71:b9:02:fe:b0:a4:a0:21:ec:6b:8c:cb:
04:ae:ba:3d:9c:48:f4:8b:be:de:63:4e:00:8d:a1:
08:ab:d1:37:2b:a5:d9:25:5b:03:c9:64:5e:da:e1:
d1:46:c6:89:49:5d:ba:24:08:5e:4e:f5:71:e2:25:
aa:a4:8f:53:fa:f8:75:41:52:12:53:e7:fe:d2:11:
dd:1f:b5:04:60:67:ad:8a:ea:a2:40:fb:ad:64:2b:
6e:2f:de:67:6d:32:a8:49:02:d3:5d:07:1c:b8:d9:
b5:75:6b:60:c4:71:93:e7:c5:02:33:67:99:d0:e9:
66:3b:7a:2e:d0:4e:a3:79:f1:b3:b0:76:d6:11:61:
10:24:f9:57:40:f6:62:ce:ce:dd:cf:d0:8b:27:e5:
5b:0c:4d:5a:64:55:77:ab:08:f8:ff:55:74:ad:34:
c1:1d:59:27:01:8f:4b:3a:e7:68:b0:3d:0e:63:55:
8c:e6:ca:a3:f6:59:bc:ad:4f:a4:81:bd:88:a2:e4:
8d:a6:62:70:8b:a9:6a:a7:49:f2:75:a5:55:aa:87:
b3:b5:24:4d:6b:4b:1e:d6:aa:b5:09:a2:0e:2d:24:
e9:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:13:C2:56:C3:7F:6B:6A:F8:C6:37:26:6C:44:D5:43:E1:5D:29:66
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nBPCVsN_a2r4xjcmbETVQ-FdKWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:fd:62:a6:46:9a:d9:69:9b:1d:1d:20:86:70:3d:71:96:73:
eb:c3:6d:8d:fb:70:f4:0c:20:24:e7:29:fa:89:08:b0:8f:17:
c5:53:5c:40:73:0e:d5:58:71:ec:b6:32:59:2c:41:a6:87:19:
63:08:d6:8e:4a:c5:da:17:dc:0c:37:20:00:b6:6f:05:f2:d3:
ba:65:a5:90:32:1e:a7:33:93:2f:56:eb:a9:4a:99:01:da:2a:
3c:61:25:63:4e:d7:b9:e6:de:b1:6d:69:4d:e9:61:7d:28:c1:
23:8c:c8:93:b0:6d:c3:41:3c:72:01:0b:37:15:87:4b:f5:f4:
ab:49:f6:4d:43:74:62:c2:48:f3:79:a0:01:7a:e3:bb:05:34:
8b:c5:65:f4:28:60:f4:64:16:24:c3:85:03:c8:a7:b2:d0:59:
c2:f7:93:1e:9b:5d:91:42:25:2d:1d:c1:99:f0:e2:11:e1:ec:
db:ec:0d:64:9f:6d:46:fe:c6:45:91:a7:9d:cb:ea:e7:42:9e:
b9:25:5d:cf:cf:08:80:cb:8c:f1:0e:79:5a:c9:5d:76:45:93:
3b:6d:68:84:19:73:13:c7:93:59:f8:cb:78:fd:52:1e:e5:9e:
56:9f:f8:45:db:90:d0:6f:5e:77:18:f8:08:21:62:86:53:1f:
b3:9c:50:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3/TYqtwQGoCjpGk5NoPYKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAyMTMxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzEzYzI1NmMzN2Y2YjZhZjhjNjM3MjY2YzQ0ZDU0M2UxNWQyOTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweTIO+iGWtKvWV2+AsczQCY9AgAD
sqHqP7uH7JARnK9xuQL+sKSgIexrjMsErro9nEj0i77eY04AjaEIq9E3K6XZJVsD
yWRe2uHRRsaJSV26JAheTvVx4iWqpI9T+vh1QVISU+f+0hHdH7UEYGetiuqiQPut
ZCtuL95nbTKoSQLTXQccuNm1dWtgxHGT58UCM2eZ0OlmO3ou0E6jefGzsHbWEWEQ
JPlXQPZizs7dz9CLJ+VbDE1aZFV3qwj4/1V0rTTBHVknAY9LOudosD0OY1WM5sqj
9lm8rU+kgb2IouSNpmJwi6lqp0nydaVVqoeztSRNa0se1qq1CaIOLSTpPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJwTwlbDf2tq+MY3JmxE1UPhXSlmMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbkJQQ1ZzTl9hMnI0eGpjbWJFVFZRLUZkS1dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHf9YqZGmtlpmx0dIIZw
PXGWc+vDbY37cPQMICTnKfqJCLCPF8VTXEBzDtVYcey2MlksQaaHGWMI1o5KxdoX
3Aw3IAC2bwXy07plpZAyHqczky9W66lKmQHaKjxhJWNO17nm3rFtaU3pYX0owSOM
yJOwbcNBPHIBCzcVh0v19KtJ9k1DdGLCSPN5oAF647sFNIvFZfQoYPRkFiTDhQPI
p7LQWcL3kx6bXZFCJS0dwZnw4hHh7NvsDWSfbUb+xkWRp53L6udCnrklXc/PCIDL
jPEOeVrJXXZFkzttaIQZcxPHk1n4y3j9Uh7lnlaf+EXbkNBvXncY+AghYoZTH7Oc
UOI=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:18:43 2025 by rpki-client