Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nhWDlrnnfGqMJUcUJHP_TMfg9Co.roa
File: nhWDlrnnfGqMJUcUJHP_TMfg9Co.roa (raw, json)
Hash identifier: DfZFQuUv3noR7D2bP8ILEWUGaFJkodRoJqtfXrNsRWY=
Subject key identifier: 9E:15:83:96:B9:E7:7C:6A:8C:25:47:14:24:73:FF:4C:C7:E0:F4:2A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EBB3C977A02B7C2F18FF23763213EAAC8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nhWDlrnnfGqMJUcUJHP_TMfg9Co.roa
Signing time: Mon 08 Apr 2024 01:04:54 +0000
ROA not before: Mon 08 Apr 2024 01:04:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:bb3c:d07/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bb:3c:97:7a:02:b7:c2:f1:8f:f2:37:63:21:3e:aa:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 8 01:04:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e158396b9e77c6a8c2547142473ff4cc7e0f42a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:57:5a:78:0f:c6:cf:30:bc:fd:5f:e8:02:71:
c1:05:00:1e:c1:7f:2f:c1:ff:c5:db:52:b8:60:41:
7e:73:f2:97:46:40:43:ea:88:dd:1c:1c:8c:e6:c0:
1d:6e:b5:26:7f:35:ab:c4:f5:3c:ae:30:0a:ab:2b:
cc:1e:2e:78:87:38:76:f7:a4:7a:92:d2:49:4d:6b:
39:89:e8:97:45:25:d0:a5:ff:09:a5:cb:8f:75:4b:
6e:74:89:83:bc:e4:39:8b:b8:ed:4f:b1:2d:e1:70:
68:30:5d:f4:09:b0:00:c9:2f:34:55:36:8f:8e:40:
b9:db:b4:3e:0c:63:97:94:a6:17:2a:34:4d:51:fb:
d8:d3:da:b6:e9:33:f6:e9:00:08:eb:01:a6:cd:f0:
7b:f3:46:13:cb:b4:ee:82:98:38:5d:4f:52:d7:09:
92:fe:4c:38:9f:a5:df:81:12:1e:22:f7:b8:6e:8b:
06:da:0d:a7:72:73:56:b6:a9:ac:4d:e8:37:ef:20:
b8:82:f1:ab:39:ca:40:3c:38:a5:70:53:48:a1:b4:
9e:11:08:c0:2c:f4:f1:b7:13:fb:be:51:32:ff:22:
03:b0:de:5a:5c:c4:2d:5c:01:9a:2b:45:cd:7d:5a:
fb:17:da:b8:85:80:a6:09:2d:fe:80:5e:57:4d:7e:
e8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:15:83:96:B9:E7:7C:6A:8C:25:47:14:24:73:FF:4C:C7:E0:F4:2A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nhWDlrnnfGqMJUcUJHP_TMfg9Co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
17:d3:7a:29:34:62:4c:f9:5a:f2:20:20:46:72:59:0a:5f:05:
38:a1:11:48:03:92:2a:03:17:1d:0c:cf:f0:9c:1c:e3:5b:30:
af:ed:e8:4f:c2:eb:9b:97:6b:a0:81:01:9c:b8:17:1c:40:d5:
2e:1a:d2:22:5a:bf:3a:ba:f7:31:a5:f1:d6:ae:30:86:23:1a:
18:eb:47:19:c2:c9:f4:b2:3c:25:62:f6:a9:f0:4d:8b:a0:39:
aa:7e:1b:04:44:b5:b1:41:1c:28:6e:0b:eb:7c:2b:c7:d6:22:
f9:9f:10:40:d7:7c:54:8c:f4:0d:08:48:10:a6:2b:43:d4:e7:
56:e2:35:93:a8:42:4e:13:c1:da:fc:21:fd:75:84:48:0b:34:
ef:9b:f7:8e:f8:44:3d:52:01:63:b8:ad:54:ea:a6:cd:9b:79:
8c:98:c7:21:21:31:f0:98:ad:72:e7:1a:06:23:bc:78:53:f0:
a2:8b:79:8a:78:5c:0d:4c:af:6d:63:f4:b2:ea:61:58:4f:89:
bb:70:0b:bb:43:e0:02:57:35:68:6c:16:99:3c:cf:1f:a8:ff:
4b:88:aa:c2:02:56:ed:6a:4c:1f:d0:28:62:a9:14:b2:bd:c7:
05:30:a7:de:f9:c9:95:5a:67:80:a5:74:34:df:9d:28:a5:c2:
29:58:eb:82
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY67PJd6ArfC8Y/yN2MhPqrIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA4MDEwNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTE1ODM5NmI5ZTc3YzZhOGMyNTQ3MTQyNDczZmY0Y2M3ZTBmNDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVdaeA/GzzC8/V/oAnHBBQAewX8v
wf/F21K4YEF+c/KXRkBD6ojdHByM5sAdbrUmfzWrxPU8rjAKqyvMHi54hzh296R6
ktJJTWs5ieiXRSXQpf8JpcuPdUtudImDvOQ5i7jtT7Et4XBoMF30CbAAyS80VTaP
jkC527Q+DGOXlKYXKjRNUfvY09q26TP26QAI6wGmzfB780YTy7Tugpg4XU9S1wmS
/kw4n6XfgRIeIve4bosG2g2ncnNWtqmsTeg37yC4gvGrOcpAPDilcFNIobSeEQjA
LPTxtxP7vlEy/yIDsN5aXMQtXAGaK0XNfVr7F9q4hYCmCS3+gF5XTX7o/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ4Vg5a553xqjCVHFCRz/0zH4PQqMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbmhXRGxybm5mR3FNSlVjVUpIUF9UTWZnOUNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABfTeik0Ykz5WvIgIEZy
WQpfBTihEUgDkioDFx0Mz/CcHONbMK/t6E/C65uXa6CBAZy4FxxA1S4a0iJavzq6
9zGl8dauMIYjGhjrRxnCyfSyPCVi9qnwTYugOap+GwREtbFBHChuC+t8K8fWIvmf
EEDXfFSM9A0ISBCmK0PU51biNZOoQk4Twdr8If11hEgLNO+b9474RD1SAWO4rVTq
ps2beYyYxyEhMfCYrXLnGgYjvHhT8KKLeYp4XA1Mr21j9LLqYVhPibtwC7tD4AJX
NWhsFpk8zx+o/0uIqsICVu1qTB/QKGKpFLK9xwUwp975yZVaZ4CldDTfnSilwilY
64I=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:40:06 2025 by rpki-client