Route Origin Authorization
$ rpki-client -vvf rsync.rpki.nlnetlabs.nl/repo/ca/0/3138352e34392e3134332e302f32342d3234203d3e203134363138.roa
File: 3138352e34392e3134332e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: +EmxBBhkx0PBkdzcnvgQLu/U4Q2Bh/RxvBr9ORaB5eY=
Subject key identifier: D3:D2:37:40:10:FE:40:0D:86:FA:C6:54:31:F8:A7:17:8A:57:1A:3D
Certificate issuer: /CN=d724c2d90d5bcc9fda54755efc8c903acb01d02e
Certificate serial: 7EB0CEE2FAF922C5FA2982BEEB607825E484F223
Authority key identifier: D7:24:C2:D9:0D:5B:CC:9F:DA:54:75:5E:FC:8C:90:3A:CB:01:D0:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1yTC2Q1bzJ_aVHVe_IyQOssB0C4.cer
Subject info access: rsync://rsync.rpki.nlnetlabs.nl/repo/ca/0/3138352e34392e3134332e302f32342d3234203d3e203134363138.roa
Signing time: Thu 19 Nov 2020 10:37:21 +0000
ROA not before: Thu 19 Nov 2020 10:32:21 +0000
ROA not after: Thu 18 Nov 2021 10:37:21 +0000
asID: 14618
IP address blocks: 185.49.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:b0:ce:e2:fa:f9:22:c5:fa:29:82:be:eb:60:78:25:e4:84:f2:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d724c2d90d5bcc9fda54755efc8c903acb01d02e
Validity
Not Before: Nov 19 10:32:21 2020 GMT
Not After : Nov 18 10:37:21 2021 GMT
Subject: CN=3082010A0282010100D0316EA3D1EAC2A53D21CE340FFAE2CC598FCAC1F003B5C83F319D5FC3BFAB4EFD536262BB68F3F85F0AA6E528E6AC950561F689D89EED85D948288EAF0330B57CA055FDC30C400B2D61CA7EF8C3AE407093369510DEC5CAAA02023BC6ECE60F9ADFA889F754E9E51F3274882B1B3974A29E34922A95D0D49382C449C897A499C3389CC5C443611443400053F9BCE719804BBF660C2CE62FF760A2B49A859CDB46579952C884EA9F49F7B72684C94227792D495EDA8AF5BC5E58E308E5782AEB0760FEA58DEF77A51F0B4C9ABF297DBF40A2D28F63CDC44700BE13154E126E42C7E77658F7D259C05644081919B01F27BCD6808D848D8FC3CB44C34F2E703AC70203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:31:6e:a3:d1:ea:c2:a5:3d:21:ce:34:0f:fa:
e2:cc:59:8f:ca:c1:f0:03:b5:c8:3f:31:9d:5f:c3:
bf:ab:4e:fd:53:62:62:bb:68:f3:f8:5f:0a:a6:e5:
28:e6:ac:95:05:61:f6:89:d8:9e:ed:85:d9:48:28:
8e:af:03:30:b5:7c:a0:55:fd:c3:0c:40:0b:2d:61:
ca:7e:f8:c3:ae:40:70:93:36:95:10:de:c5:ca:aa:
02:02:3b:c6:ec:e6:0f:9a:df:a8:89:f7:54:e9:e5:
1f:32:74:88:2b:1b:39:74:a2:9e:34:92:2a:95:d0:
d4:93:82:c4:49:c8:97:a4:99:c3:38:9c:c5:c4:43:
61:14:43:40:00:53:f9:bc:e7:19:80:4b:bf:66:0c:
2c:e6:2f:f7:60:a2:b4:9a:85:9c:db:46:57:99:52:
c8:84:ea:9f:49:f7:b7:26:84:c9:42:27:79:2d:49:
5e:da:8a:f5:bc:5e:58:e3:08:e5:78:2a:eb:07:60:
fe:a5:8d:ef:77:a5:1f:0b:4c:9a:bf:29:7d:bf:40:
a2:d2:8f:63:cd:c4:47:00:be:13:15:4e:12:6e:42:
c7:e7:76:58:f7:d2:59:c0:56:44:08:19:19:b0:1f:
27:bc:d6:80:8d:84:8d:8f:c3:cb:44:c3:4f:2e:70:
3a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:D2:37:40:10:FE:40:0D:86:FA:C6:54:31:F8:A7:17:8A:57:1A:3D
X509v3 Authority Key Identifier:
keyid:D7:24:C2:D9:0D:5B:CC:9F:DA:54:75:5E:FC:8C:90:3A:CB:01:D0:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.rpki.nlnetlabs.nl/repo/ca/0/D724C2D90D5BCC9FDA54755EFC8C903ACB01D02E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1yTC2Q1bzJ_aVHVe_IyQOssB0C4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.rpki.nlnetlabs.nl/repo/ca/0/3138352e34392e3134332e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.143.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:07:d3:21:9b:a3:9b:12:59:1e:67:31:8f:f0:df:96:9a:cc:
f8:00:77:d3:44:4f:22:da:59:71:42:c4:67:f8:1d:8a:fa:d9:
14:93:a0:5d:9f:96:ca:30:32:00:75:cb:44:a9:ad:4b:b8:34:
ef:7d:43:39:93:e8:29:28:0f:d0:3a:fa:b1:a3:7d:de:8a:eb:
68:ce:1d:ea:a9:86:4b:b2:3b:6f:e1:02:c9:13:52:a0:dd:f5:
40:d7:0d:71:2e:9d:73:80:9d:13:e0:e4:6f:d8:33:79:ce:68:
b0:ad:4c:0c:45:8c:75:29:82:bd:d2:d4:ce:06:47:e8:99:4e:
59:d8:93:c6:3c:c8:1c:ee:33:01:e9:e9:34:6f:1a:ba:09:77:
97:8d:2d:57:31:0f:fe:03:f9:62:83:2b:b0:c0:fb:a7:11:8c:
7c:e8:9f:b8:b0:b9:61:56:42:11:03:19:fa:a0:a7:95:a9:ae:
2b:80:24:5b:ed:15:f1:bb:72:88:12:b4:85:27:f5:51:e9:33:
37:0c:c7:4a:7d:45:65:7e:8a:17:30:f7:9c:50:50:aa:25:08:
e2:37:58:06:30:4b:40:75:40:f3:30:32:2b:f3:a7:6f:a0:cd:
06:46:2c:7b:55:ce:54:a0:9b:84:6a:9d:20:0c:95:99:53:d6:
ec:ce:7e:30
-----BEGIN CERTIFICATE-----
MIIG0zCCBbugAwIBAgIUfrDO4vr5IsX6KYK+62B4JeSE8iMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDcyNGMyZDkwZDViY2M5ZmRhNTQ3NTVlZmM4YzkwM2Fj
YjAxZDAyZTAeFw0yMDExMTkxMDMyMjFaFw0yMTExMTgxMDM3MjFaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDAzMTZFQTNEMUVBQzJBNTNE
MjFDRTM0MEZGQUUyQ0M1OThGQ0FDMUYwMDNCNUM4M0YzMTlENUZDM0JGQUI0RUZE
NTM2MjYyQkI2OEYzRjg1RjBBQTZFNTI4RTZBQzk1MDU2MUY2ODlEODlFRUQ4NUQ5
NDgyODhFQUYwMzMwQjU3Q0EwNTVGREMzMEM0MDBCMkQ2MUNBN0VGOEMzQUU0MDcw
OTMzNjk1MTBERUM1Q0FBQTAyMDIzQkM2RUNFNjBGOUFERkE4ODlGNzU0RTlFNTFG
MzI3NDg4MkIxQjM5NzRBMjlFMzQ5MjJBOTVEMEQ0OTM4MkM0NDlDODk3QTQ5OUMz
Mzg5Q0M1QzQ0MzYxMTQ0MzQwMDA1M0Y5QkNFNzE5ODA0QkJGNjYwQzJDRTYyRkY3
NjBBMkI0OUE4NTlDREI0NjU3OTk1MkM4ODRFQTlGNDlGN0I3MjY4NEM5NDIyNzc5
MkQ0OTVFREE4QUY1QkM1RTU4RTMwOEU1NzgyQUVCMDc2MEZFQTU4REVGNzdBNTFG
MEI0QzlBQkYyOTdEQkY0MEEyRDI4RjYzQ0RDNDQ3MDBCRTEzMTU0RTEyNkU0MkM3
RTc3NjU4RjdEMjU5QzA1NjQ0MDgxOTE5QjAxRjI3QkNENjgwOEQ4NDhEOEZDM0NC
NDRDMzRGMkU3MDNBQzcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA0DFuo9HqwqU9Ic40D/rizFmPysHwA7XIPzGdX8O/q079U2Jiu2jz
+F8KpuUo5qyVBWH2idie7YXZSCiOrwMwtXygVf3DDEALLWHKfvjDrkBwkzaVEN7F
yqoCAjvG7OYPmt+oifdU6eUfMnSIKxs5dKKeNJIqldDUk4LESciXpJnDOJzFxENh
FENAAFP5vOcZgEu/Zgws5i/3YKK0moWc20ZXmVLIhOqfSfe3JoTJQid5LUle2or1
vF5Y4wjleCrrB2D+pY3vd6UfC0yavyl9v0Ci0o9jzcRHAL4TFU4SbkLH53ZY99JZ
wFZECBkZsB8nvNaAjYSNj8PLRMNPLnA6xwIDAQABo4IB4TCCAd0wHQYDVR0OBBYE
FNPSN0AQ/kANhvrGVDH4pxeKVxo9MB8GA1UdIwQYMBaAFNckwtkNW8yf2lR1XvyM
kDrLAdAuMA4GA1UdDwEB/wQEAwIHgDBnBgNVHR8EYDBeMFygWqBYhlZyc3luYzov
L3JzeW5jLnJwa2kubmxuZXRsYWJzLm5sL3JlcG8vY2EvMC9ENzI0QzJEOTBENUJD
QzlGREE1NDc1NUVGQzhDOTAzQUNCMDFEMDJFLmNybDBkBggrBgEFBQcBAQRYMFYw
VAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RF
RkFVTFQvMXlUQzJRMWJ6Sl9hVkhWZV9JeVFPc3NCMEM0LmNlcjCBgAYIKwYBBQUH
AQsEdDByMHAGCCsGAQUFBzALhmRyc3luYzovL3JzeW5jLnJwa2kubmxuZXRsYWJz
Lm5sL3JlcG8vY2EvMC8zMTM4MzUyZTM0MzkyZTMxMzQzMzJlMzAyZjMyMzQyZDMy
MzQyMDNkM2UyMDMxMzQzNjMxMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5MY8wDQYJKoZIhvcNAQEL
BQADggEBAC4H0yGbo5sSWR5nMY/w35aazPgAd9NETyLaWXFCxGf4HYr62RSToF2f
lsowMgB1y0SprUu4NO99QzmT6CkoD9A6+rGjfd6K62jOHeqphkuyO2/hAskTUqDd
9UDXDXEunXOAnRPg5G/YM3nOaLCtTAxFjHUpgr3S1M4GR+iZTlnYk8Y8yBzuMwHp
6TRvGroJd5eNLVcxD/4D+WKDK7DA+6cRjHzon7iwuWFWQhEDGfqgp5WpriuAJFvt
FfG7cogStIUn9VHpMzcMx0p9RWV+ihcw95xQUKolCOI3WAYwS0B1QPMwMivzp2+g
zQZGLHtVzlSgm4RqnSAMlZlT1uzOfjA=
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:35:21 2025 by rpki-client