Route Origin Authorization
$ rpki-client -vvf rsync.rpki.nlnetlabs.nl/repo/ca/0/323030313a3766633a3a2f34372d3437203d3e2031313333.roa
File: 323030313a3766633a3a2f34372d3437203d3e2031313333.roa (raw, json)
Hash identifier: ejg+jEbuL2i1hDUn1R9MOwaxcWmnigjTZCECnuc2ogQ=
Subject key identifier: 41:A9:73:EF:38:E5:9A:15:0F:DB:C3:11:72:3A:CC:2D:DF:60:62:47
Certificate issuer: /CN=d724c2d90d5bcc9fda54755efc8c903acb01d02e
Certificate serial: 50EB0124B3D9880DA1A735BE95F2088DCA80DCAB
Authority key identifier: D7:24:C2:D9:0D:5B:CC:9F:DA:54:75:5E:FC:8C:90:3A:CB:01:D0:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1yTC2Q1bzJ_aVHVe_IyQOssB0C4.cer
Subject info access: rsync://rsync.rpki.nlnetlabs.nl/repo/ca/0/323030313a3766633a3a2f34372d3437203d3e2031313333.roa
Signing time: Fri 15 Jan 2021 11:01:48 +0000
ROA not before: Fri 15 Jan 2021 10:56:48 +0000
ROA not after: Fri 14 Jan 2022 11:01:48 +0000
asID: 1133
IP address blocks: 2001:7fc::/47 maxlen: 47
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:eb:01:24:b3:d9:88:0d:a1:a7:35:be:95:f2:08:8d:ca:80:dc:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d724c2d90d5bcc9fda54755efc8c903acb01d02e
Validity
Not Before: Jan 15 10:56:48 2021 GMT
Not After : Jan 14 11:01:48 2022 GMT
Subject: CN=3082010A0282010100F6006982477CBAA25E1EDEF5E03A49C4688949D9F9F5383B4FF1F92CF9F43C6ED2DF0358EAA44A0F861EC376AE386A4CE123B708E28BA6F191E2564D6637209ED5DAB11517030E10325940B4D5B70D0C497E1211988438AE5B8A6944E278C2F342A253A1084F755981818EA6721EBEC8B017B1A193DEE2C598018C34D3236E0DF332890B1F1AB55E8EB06847AAF47CF98C679D380E5AC73A8F07E14172C780EBB79C8D38A4AD705170E8EBA4178AE4BB2DE76B3537E0444DEB69488D482D4DC4B04CD673E409D3D49EC6AE0E0AB08B3A61D10EFD5FE75A5F3A4244CFDC61E26027E34271B941ADAD1C9790F4EF2161EBE3F53720F74DD53FF5826C9F4C5365E70203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:00:69:82:47:7c:ba:a2:5e:1e:de:f5:e0:3a:
49:c4:68:89:49:d9:f9:f5:38:3b:4f:f1:f9:2c:f9:
f4:3c:6e:d2:df:03:58:ea:a4:4a:0f:86:1e:c3:76:
ae:38:6a:4c:e1:23:b7:08:e2:8b:a6:f1:91:e2:56:
4d:66:37:20:9e:d5:da:b1:15:17:03:0e:10:32:59:
40:b4:d5:b7:0d:0c:49:7e:12:11:98:84:38:ae:5b:
8a:69:44:e2:78:c2:f3:42:a2:53:a1:08:4f:75:59:
81:81:8e:a6:72:1e:be:c8:b0:17:b1:a1:93:de:e2:
c5:98:01:8c:34:d3:23:6e:0d:f3:32:89:0b:1f:1a:
b5:5e:8e:b0:68:47:aa:f4:7c:f9:8c:67:9d:38:0e:
5a:c7:3a:8f:07:e1:41:72:c7:80:eb:b7:9c:8d:38:
a4:ad:70:51:70:e8:eb:a4:17:8a:e4:bb:2d:e7:6b:
35:37:e0:44:4d:eb:69:48:8d:48:2d:4d:c4:b0:4c:
d6:73:e4:09:d3:d4:9e:c6:ae:0e:0a:b0:8b:3a:61:
d1:0e:fd:5f:e7:5a:5f:3a:42:44:cf:dc:61:e2:60:
27:e3:42:71:b9:41:ad:ad:1c:97:90:f4:ef:21:61:
eb:e3:f5:37:20:f7:4d:d5:3f:f5:82:6c:9f:4c:53:
65:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A9:73:EF:38:E5:9A:15:0F:DB:C3:11:72:3A:CC:2D:DF:60:62:47
X509v3 Authority Key Identifier:
keyid:D7:24:C2:D9:0D:5B:CC:9F:DA:54:75:5E:FC:8C:90:3A:CB:01:D0:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.rpki.nlnetlabs.nl/repo/ca/0/D724C2D90D5BCC9FDA54755EFC8C903ACB01D02E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1yTC2Q1bzJ_aVHVe_IyQOssB0C4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.rpki.nlnetlabs.nl/repo/ca/0/323030313a3766633a3a2f34372d3437203d3e2031313333.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:7fc::/47
Signature Algorithm: sha256WithRSAEncryption
5b:68:73:49:42:52:19:fa:b9:07:07:d6:c4:39:85:a0:27:26:
92:91:e9:47:b6:47:41:2c:cf:f2:bc:53:e2:9a:2c:44:02:e1:
8b:69:8c:55:b2:b5:9c:59:cd:a8:3b:49:1f:0a:ed:22:99:27:
f5:e8:fc:65:70:d8:0c:1c:cd:37:65:12:01:4c:72:fb:0a:c3:
43:e0:27:ad:ba:9f:f1:1a:be:8f:3e:bf:d0:5c:2f:0a:47:2f:
de:67:3c:dd:ab:be:5c:c4:9d:60:d8:8d:05:8d:92:6e:ce:bc:
c0:30:3f:21:00:34:b8:47:08:04:2f:c5:da:9e:fd:1d:9f:49:
7b:b3:3a:61:48:48:d0:14:2b:af:ef:e8:34:08:5e:e9:9d:34:
c1:07:5b:db:98:2a:e9:6b:05:71:b8:0e:54:b3:0f:d0:3c:4b:
39:e2:14:03:09:c6:1a:d8:37:40:18:69:9e:b3:98:2c:6a:29:
05:7f:f3:5f:ba:f7:98:30:b9:cb:e0:f3:3a:30:11:52:aa:33:
fb:4c:53:8e:4b:bf:94:54:a7:a0:c6:93:a3:13:f5:08:dc:cc:
e1:ce:0e:bc:e4:3a:73:d7:29:db:1a:42:7d:7d:1d:d4:b3:2c:
7a:b2:2e:db:19:1c:35:7f:62:5a:b0:b7:41:69:69:84:e5:c7:
83:18:f3:b8
-----BEGIN CERTIFICATE-----
MIIGzzCCBbegAwIBAgIUUOsBJLPZiA2hpzW+lfIIjcqA3KswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDcyNGMyZDkwZDViY2M5ZmRhNTQ3NTVlZmM4YzkwM2Fj
YjAxZDAyZTAeFw0yMTAxMTUxMDU2NDhaFw0yMjAxMTQxMTAxNDhaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRjYwMDY5ODI0NzdDQkFBMjVF
MUVERUY1RTAzQTQ5QzQ2ODg5NDlEOUY5RjUzODNCNEZGMUY5MkNGOUY0M0M2RUQy
REYwMzU4RUFBNDRBMEY4NjFFQzM3NkFFMzg2QTRDRTEyM0I3MDhFMjhCQTZGMTkx
RTI1NjRENjYzNzIwOUVENURBQjExNTE3MDMwRTEwMzI1OTQwQjRENUI3MEQwQzQ5
N0UxMjExOTg4NDM4QUU1QjhBNjk0NEUyNzhDMkYzNDJBMjUzQTEwODRGNzU1OTgx
ODE4RUE2NzIxRUJFQzhCMDE3QjFBMTkzREVFMkM1OTgwMThDMzREMzIzNkUwREYz
MzI4OTBCMUYxQUI1NUU4RUIwNjg0N0FBRjQ3Q0Y5OEM2NzlEMzgwRTVBQzczQThG
MDdFMTQxNzJDNzgwRUJCNzlDOEQzOEE0QUQ3MDUxNzBFOEVCQTQxNzhBRTRCQjJE
RTc2QjM1MzdFMDQ0NERFQjY5NDg4RDQ4MkQ0REM0QjA0Q0Q2NzNFNDA5RDNENDlF
QzZBRTBFMEFCMDhCM0E2MUQxMEVGRDVGRTc1QTVGM0E0MjQ0Q0ZEQzYxRTI2MDI3
RTM0MjcxQjk0MUFEQUQxQzk3OTBGNEVGMjE2MUVCRTNGNTM3MjBGNzRERDUzRkY1
ODI2QzlGNEM1MzY1RTcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA9gBpgkd8uqJeHt714DpJxGiJSdn59Tg7T/H5LPn0PG7S3wNY6qRK
D4Yew3auOGpM4SO3COKLpvGR4lZNZjcgntXasRUXAw4QMllAtNW3DQxJfhIRmIQ4
rluKaUTieMLzQqJToQhPdVmBgY6mch6+yLAXsaGT3uLFmAGMNNMjbg3zMokLHxq1
Xo6waEeq9Hz5jGedOA5axzqPB+FBcseA67ecjTikrXBRcOjrpBeK5Lst52s1N+BE
TetpSI1ILU3EsEzWc+QJ09Sexq4OCrCLOmHRDv1f51pfOkJEz9xh4mAn40JxuUGt
rRyXkPTvIWHr4/U3IPdN1T/1gmyfTFNl5wIDAQABo4IB3TCCAdkwHQYDVR0OBBYE
FEGpc+845ZoVD9vDEXI6zC3fYGJHMB8GA1UdIwQYMBaAFNckwtkNW8yf2lR1XvyM
kDrLAdAuMA4GA1UdDwEB/wQEAwIHgDBnBgNVHR8EYDBeMFygWqBYhlZyc3luYzov
L3JzeW5jLnJwa2kubmxuZXRsYWJzLm5sL3JlcG8vY2EvMC9ENzI0QzJEOTBENUJD
QzlGREE1NDc1NUVGQzhDOTAzQUNCMDFEMDJFLmNybDBkBggrBgEFBQcBAQRYMFYw
VAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RF
RkFVTFQvMXlUQzJRMWJ6Sl9hVkhWZV9JeVFPc3NCMEM0LmNlcjB6BggrBgEFBQcB
CwRuMGwwagYIKwYBBQUHMAuGXnJzeW5jOi8vcnN5bmMucnBraS5ubG5ldGxhYnMu
bmwvcmVwby9jYS8wLzMyMzAzMDMxM2EzNzY2NjMzYTNhMmYzNDM3MmQzNDM3MjAz
ZDNlMjAzMTMxMzMzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASABB/wAADANBgkqhkiG9w0BAQsFAAOC
AQEAW2hzSUJSGfq5BwfWxDmFoCcmkpHpR7ZHQSzP8rxT4posRALhi2mMVbK1nFnN
qDtJHwrtIpkn9ej8ZXDYDBzNN2USAUxy+wrDQ+Anrbqf8Rq+jz6/0FwvCkcv3mc8
3au+XMSdYNiNBY2Sbs68wDA/IQA0uEcIBC/F2p79HZ9Je7M6YUhI0BQrr+/oNAhe
6Z00wQdb25gq6WsFcbgOVLMP0DxLOeIUAwnGGtg3QBhpnrOYLGopBX/zX7r3mDC5
y+DzOjARUqoz+0xTjku/lFSnoMaToxP1CNzM4c4OvOQ6c9cp2xpCfX0d1LMserIu
2xkcNX9iWrC3QWlphOXHgxjzuA==
-----END CERTIFICATE-----
Generated at Fri Jun 6 21:46:41 2025 by rpki-client