Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/TlwVzkiK6kvnD4I1CTRkuCm74W0.roa
File: TlwVzkiK6kvnD4I1CTRkuCm74W0.roa (raw, json)
Hash identifier: em/J5Cbtb2s2SOBKlmdepSE1MfsKmyBtiwiB+FQmA20=
Subject key identifier: 4E:5C:15:CE:48:8A:EA:4B:E7:0F:82:35:09:34:64:B8:29:BB:E1:6D
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F317FC629ED6F867CF3BA85A0630F0446
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/TlwVzkiK6kvnD4I1CTRkuCm74W0.roa
Signing time: Wed 01 May 2024 00:13:28 +0000
ROA not before: Wed 01 May 2024 00:13:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:31:7f:c6:29:ed:6f:86:7c:f3:ba:85:a0:63:0f:04:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 1 00:13:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e5c15ce488aea4be70f8235093464b829bbe16d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a7:10:e9:e3:89:a4:d2:8a:6e:73:cb:62:5a:
8a:8c:bd:56:57:3d:bb:16:ce:2b:54:f5:55:3a:c5:
8b:d6:8b:8e:5a:67:f6:f0:88:0c:f1:54:a5:4e:c9:
e6:f8:ef:a2:bb:15:0c:52:d0:50:ab:3f:44:21:c6:
c9:76:1a:37:c1:f5:37:2d:4c:8b:85:11:26:8b:67:
b1:7a:b9:4e:2a:ec:32:22:e6:dc:54:4f:b4:23:e0:
50:a5:17:47:b3:d1:dd:d3:c7:2f:86:46:d4:29:36:
c6:e6:c4:f0:79:ac:35:fa:57:d9:9c:c3:da:30:99:
b7:55:ee:2b:f0:a5:d7:ed:a0:6d:d3:6f:85:22:81:
58:0f:0e:e4:4d:6b:63:87:22:f0:28:e0:5c:80:a5:
14:64:45:1f:d2:16:9e:74:da:93:5d:d5:09:2c:4e:
0a:83:5e:80:ca:1d:86:b0:75:2c:f6:91:98:68:2a:
4c:f0:6d:ea:4a:e9:cd:a5:d4:38:51:b1:95:36:b5:
77:3d:91:29:ba:87:17:1b:c5:52:03:32:31:86:bd:
34:a3:cf:6a:02:fb:10:45:6d:b8:a0:98:20:14:25:
54:92:7b:44:49:15:1b:5d:b5:2b:de:c1:e6:2c:e8:
3e:4e:f7:8f:67:39:e6:03:5b:93:7e:bd:3d:29:cb:
8e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:5C:15:CE:48:8A:EA:4B:E7:0F:82:35:09:34:64:B8:29:BB:E1:6D
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/TlwVzkiK6kvnD4I1CTRkuCm74W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:73:27:4a:bc:91:c0:17:e9:a2:99:db:a3:51:dd:b0:4e:3e:
32:11:be:7f:48:db:8e:a6:07:7b:4a:23:87:2e:56:11:2d:5b:
fc:4a:6f:18:03:ee:b6:90:19:de:63:db:4d:c3:9b:c4:57:f5:
1a:65:e1:e0:ea:09:8d:42:a3:bd:61:b2:ca:37:f0:a9:f3:39:
c0:41:ad:04:25:70:a7:ea:b6:50:80:65:2a:2d:93:04:61:72:
5c:89:75:d1:0c:db:ab:51:1b:99:94:73:28:c7:dd:61:01:5a:
72:f2:43:99:84:a3:7f:01:f3:48:92:cc:da:0b:69:06:92:ec:
63:5d:e5:1e:05:d3:2b:e6:fd:bd:a1:4e:30:1e:fc:5d:4c:a3:
13:41:a9:51:1f:21:1d:80:d2:66:c6:16:8f:06:4d:73:91:50:
97:4f:03:9a:66:62:61:27:93:ef:71:50:16:1f:a2:88:19:a5:
13:bc:10:42:32:f3:5e:7d:5a:e0:71:8c:81:1b:f7:dd:9b:93:
f7:8b:90:df:43:fc:2c:1a:ca:b5:a7:87:0a:25:70:7b:c7:41:
16:4e:3a:90:21:ad:34:1c:9e:68:2c:07:a9:9c:69:ec:56:26:
b9:49:25:94:65:db:1e:77:5f:5c:f4:bf:42:d5:fd:8d:e5:49:
4e:fa:b2:8a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY8xf8Yp7W+GfPO6haBjDwRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTAxMDAxMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTVjMTVjZTQ4OGFlYTRiZTcwZjgyMzUwOTM0NjRiODI5YmJlMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKcQ6eOJpNKKbnPLYlqKjL1WVz27
Fs4rVPVVOsWL1ouOWmf28IgM8VSlTsnm+O+iuxUMUtBQqz9EIcbJdho3wfU3LUyL
hREmi2exerlOKuwyIubcVE+0I+BQpRdHs9Hd08cvhkbUKTbG5sTweaw1+lfZnMPa
MJm3Ve4r8KXX7aBt02+FIoFYDw7kTWtjhyLwKOBcgKUUZEUf0haedNqTXdUJLE4K
g16Ayh2GsHUs9pGYaCpM8G3qSunNpdQ4UbGVNrV3PZEpuocXG8VSAzIxhr00o89q
AvsQRW24oJggFCVUkntESRUbXbUr3sHmLOg+TvePZznmA1uTfr09KcuOYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE5cFc5IiupL5w+CNQk0ZLgpu+FtMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvVGx3VnpraUs2a3ZuRDRJMUNUUmt1Q203NFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADNzJ0q8kcAX6aKZ26NR
3bBOPjIRvn9I246mB3tKI4cuVhEtW/xKbxgD7raQGd5j203Dm8RX9Rpl4eDqCY1C
o71hsso38KnzOcBBrQQlcKfqtlCAZSotkwRhclyJddEM26tRG5mUcyjH3WEBWnLy
Q5mEo38B80iSzNoLaQaS7GNd5R4F0yvm/b2hTjAe/F1MoxNBqVEfIR2A0mbGFo8G
TXORUJdPA5pmYmEnk+9xUBYfoogZpRO8EEIy8159WuBxjIEb992bk/eLkN9D/Cwa
yrWnhwolcHvHQRZOOpAhrTQcnmgsB6mcaexWJrlJJZRl2x53X1z0v0LV/Y3lSU76
soo=
-----END CERTIFICATE-----
Generated at Thu May 1 20:23:11 2025 by rpki-client