Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Nlb2C9iyf3tTnXhrzW8CZJVpXXY.roa
File: Nlb2C9iyf3tTnXhrzW8CZJVpXXY.roa (raw, json)
Hash identifier: UTJJ+jWnYhruj/X0mxCbv1ic/zsjI140AmAxmzOlLXc=
Subject key identifier: 36:56:F6:0B:D8:B2:7F:7B:53:9D:78:6B:CD:6F:02:64:95:69:5D:76
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5CDD0A5B139109659C8CABD187818281
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Nlb2C9iyf3tTnXhrzW8CZJVpXXY.roa
Signing time: Sun 03 Sep 2023 21:05:04 +0000
ROA not before: Sun 03 Sep 2023 21:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:5cdc:4e25/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5c:dd:0a:5b:13:91:09:65:9c:8c:ab:d1:87:81:82:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 3 21:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3656f60bd8b27f7b539d786bcd6f026495695d76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:95:d2:e0:50:76:ae:ca:9c:88:6b:86:bb:9c:
05:57:83:b7:40:00:61:4c:32:5e:84:eb:06:0d:b6:
76:1a:2a:70:94:70:b0:7d:bd:fe:cc:e1:f2:68:03:
c0:ad:bf:2b:e9:d8:9b:bf:aa:0d:42:fe:7f:68:a7:
05:87:8d:93:2b:2e:c8:7e:b1:a8:e2:83:b7:de:45:
e9:2d:78:44:5e:e6:9e:69:5f:fd:93:09:05:95:28:
ad:39:6d:70:d3:66:93:65:bc:c5:51:fc:29:a1:cb:
a1:84:20:e3:7b:7d:b4:8c:0f:f6:77:04:57:47:53:
39:02:57:1f:dc:25:12:f4:a0:ab:be:e6:3a:12:12:
35:3b:7e:3c:97:76:05:6a:56:a8:19:4b:af:65:63:
78:3e:55:f6:f0:42:d4:ce:73:86:94:03:3c:4f:0e:
d9:61:c7:ee:86:35:1a:d8:af:b9:86:16:fd:86:60:
b0:bb:fc:16:2f:98:a4:9c:f2:e3:1f:78:5d:0e:5c:
9c:4a:b8:f4:e3:ba:9a:b8:39:53:ea:0b:2a:2c:64:
b1:3f:15:a9:d7:e9:3b:4a:af:51:f5:45:a6:91:8b:
1c:9d:3f:67:b4:03:47:c7:fd:9b:cc:d7:7d:63:00:
29:aa:a3:ba:b1:d8:0f:f6:dd:c8:49:ef:f8:d2:48:
1e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:56:F6:0B:D8:B2:7F:7B:53:9D:78:6B:CD:6F:02:64:95:69:5D:76
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Nlb2C9iyf3tTnXhrzW8CZJVpXXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5d:fc:08:f5:8c:4b:f9:d3:f2:3f:59:60:06:31:13:df:20:79:
d2:3b:c8:7d:0e:01:92:10:aa:14:59:bf:80:28:a5:78:ca:35:
d9:09:4b:52:70:65:36:8c:04:fd:38:2d:48:46:39:c1:06:8b:
b0:3d:78:e2:16:b8:d9:81:91:d6:c1:9a:c2:9c:b6:58:e0:6f:
c2:8d:0d:6b:6c:df:92:3c:59:a2:3b:e9:3a:4d:bb:3e:89:ba:
5b:2a:81:b7:77:af:ed:46:20:10:05:2a:8b:9c:c4:cc:44:5e:
e5:cf:7b:19:d1:16:77:bf:ea:8c:67:81:e1:63:ba:32:07:8b:
56:f4:bc:75:d1:b6:be:9b:cc:62:ac:a7:13:20:c6:f4:0a:bc:
3a:2c:73:58:58:07:41:d0:42:22:c0:f9:f8:62:f2:64:33:66:
77:d5:d9:ac:32:67:c1:85:1a:a7:47:64:be:0d:de:7d:8b:a0:
2b:06:54:c0:6b:df:18:ca:b1:fb:a3:2c:b8:26:22:d6:42:cb:
21:fb:4a:96:77:79:5c:85:2c:2d:32:09:39:9b:8e:7b:38:94:
0e:ec:f2:eb:fa:a5:08:91:ee:af:10:05:bf:98:7b:9e:e2:86:
3b:3c:29:1a:7b:d4:bf:d8:6e:8b:95:f4:8b:47:28:43:7c:8c:
88:c6:1c:1b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpc3QpbE5EJZZyMq9GHgYKBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAzMjEwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjU2ZjYwYmQ4YjI3ZjdiNTM5ZDc4NmJjZDZmMDI2NDk1Njk1ZDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJXS4FB2rsqciGuGu5wFV4O3QABh
TDJehOsGDbZ2GipwlHCwfb3+zOHyaAPArb8r6dibv6oNQv5/aKcFh42TKy7IfrGo
4oO33kXpLXhEXuaeaV/9kwkFlSitOW1w02aTZbzFUfwpocuhhCDje320jA/2dwRX
R1M5Alcf3CUS9KCrvuY6EhI1O348l3YFalaoGUuvZWN4PlX28ELUznOGlAM8Tw7Z
YcfuhjUa2K+5hhb9hmCwu/wWL5iknPLjH3hdDlycSrj047qauDlT6gsqLGSxPxWp
1+k7Sq9R9UWmkYscnT9ntANHx/2bzNd9YwApqqO6sdgP9t3ISe/40kgeVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDZW9gvYsn97U514a81vAmSVaV12MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvTmxiMkM5aXlmM3RUblhocnpXOENaSlZwWFhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF38CPWMS/nT8j9ZYAYx
E98gedI7yH0OAZIQqhRZv4AopXjKNdkJS1JwZTaMBP04LUhGOcEGi7A9eOIWuNmB
kdbBmsKctljgb8KNDWts35I8WaI76TpNuz6Julsqgbd3r+1GIBAFKoucxMxEXuXP
exnRFne/6oxngeFjujIHi1b0vHXRtr6bzGKspxMgxvQKvDosc1hYB0HQQiLA+fhi
8mQzZnfV2awyZ8GFGqdHZL4N3n2LoCsGVMBr3xjKsfujLLgmItZCyyH7SpZ3eVyF
LC0yCTmbjns4lA7s8uv6pQiR7q8QBb+Ye57ihjs8KRp71L/YbouV9ItHKEN8jIjG
HBs=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:47 2023 by rpki-client on console.sobornost.net