Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/twaSQ3Hl8ukQFWk9ALZQAZ_4q8w.roa
File: twaSQ3Hl8ukQFWk9ALZQAZ_4q8w.roa (raw, json)
Hash identifier: J56o9wkzoJ5oYqitFnJrfWrtM7iA8pEDOKC/Nq1JEBU=
Subject key identifier: B7:06:92:43:71:E5:F2:E9:10:15:69:3D:00:B6:50:01:9F:F8:AB:CC
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F735D002F60596AB9A7847E322F33D7CC
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/twaSQ3Hl8ukQFWk9ALZQAZ_4q8w.roa
Signing time: Mon 13 May 2024 19:10:25 +0000
ROA not before: Mon 13 May 2024 19:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:73:5d:00:2f:60:59:6a:b9:a7:84:7e:32:2f:33:d7:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 13 19:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b706924371e5f2e91015693d00b650019ff8abcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:04:c6:1c:52:ed:8d:93:94:ea:5d:9f:ed:28:
40:aa:cf:d0:4c:77:80:3c:cf:6d:3e:cf:be:d3:de:
f1:dc:81:1d:dd:73:d2:0c:53:d5:51:86:da:e4:f6:
09:a7:44:90:18:ec:58:4b:eb:19:5e:3d:19:a3:2a:
16:b0:fc:20:3f:4a:69:7c:57:10:99:37:39:4e:f5:
a0:05:83:86:80:f7:06:a5:ec:23:43:07:a7:a2:ec:
39:e1:c5:82:ad:93:02:eb:2c:2a:3b:ac:87:15:4c:
22:fc:60:2f:f4:fc:fe:7c:5d:f7:ca:c8:58:e9:1d:
58:f9:b7:be:f6:97:f0:57:d1:20:8e:8a:55:ed:b7:
d4:54:4b:e3:f1:14:27:ff:6f:34:03:93:c0:b7:83:
14:62:2a:42:93:56:81:c6:23:72:da:98:85:ce:41:
10:ce:25:93:7b:18:03:9c:93:12:94:b5:35:bf:c3:
e4:f8:d5:03:12:53:85:95:88:ff:3a:e0:57:93:48:
d5:da:a7:33:df:95:73:3d:e5:e8:d7:ef:34:0b:1b:
e2:40:26:70:17:4e:c1:4c:d5:21:e5:26:bf:71:0c:
15:fd:b9:7b:2b:c2:ab:fe:bf:02:f6:c9:10:53:9b:
d6:a9:ac:10:eb:b8:3a:f1:5b:88:ed:6d:ff:2f:e7:
93:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:06:92:43:71:E5:F2:E9:10:15:69:3D:00:B6:50:01:9F:F8:AB:CC
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/twaSQ3Hl8ukQFWk9ALZQAZ_4q8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:2c:55:05:7b:09:74:f9:87:e3:fa:d2:35:d5:39:79:18:c5:
51:70:cc:7e:7d:f8:36:68:0a:a6:28:b7:4d:d1:03:73:b4:d3:
13:31:bb:37:7a:be:94:50:d9:3e:7b:e1:82:27:67:0f:39:6f:
76:47:5e:06:a4:15:09:ee:16:24:98:88:c6:84:b3:ca:61:1b:
b0:c4:9b:0a:1b:82:b5:0f:35:c9:b6:8f:5d:95:8f:a9:1b:17:
42:c2:d0:1f:44:16:45:3e:c1:37:4b:7c:da:ea:60:43:3f:c7:
5f:fe:c0:eb:63:a1:ca:55:af:a5:b4:3f:2a:3e:ad:7f:ee:27:
34:1c:89:21:46:e2:b9:d1:d7:03:fc:a6:b5:8f:ed:03:a2:14:
f1:25:b0:4e:91:28:2d:2d:87:e8:6e:e0:20:fe:eb:e0:32:07:
70:25:96:62:f9:95:8e:5a:d2:fd:2e:fc:18:d1:7e:11:06:46:
3e:39:e1:55:ca:96:2c:bd:94:0d:fb:91:87:f9:15:b4:6e:37:
c2:6d:72:d0:55:c0:ec:29:a4:63:dd:25:ab:7e:83:cc:4e:5a:
09:55:14:62:ba:79:54:41:a9:f1:be:1f:f5:83:db:98:cf:0a:
85:c4:10:86:39:55:b2:91:5d:aa:11:72:6e:d8:2c:de:ce:9c:
a4:74:03:af
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9zXQAvYFlquaeEfjIvM9fMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEzMTkxMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzA2OTI0MzcxZTVmMmU5MTAxNTY5M2QwMGI2NTAwMTlmZjhhYmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuATGHFLtjZOU6l2f7ShAqs/QTHeA
PM9tPs++097x3IEd3XPSDFPVUYba5PYJp0SQGOxYS+sZXj0ZoyoWsPwgP0ppfFcQ
mTc5TvWgBYOGgPcGpewjQwenouw54cWCrZMC6ywqO6yHFUwi/GAv9Pz+fF33yshY
6R1Y+be+9pfwV9EgjopV7bfUVEvj8RQn/280A5PAt4MUYipCk1aBxiNy2piFzkEQ
ziWTexgDnJMSlLU1v8Pk+NUDElOFlYj/OuBXk0jV2qcz35VzPeXo1+80CxviQCZw
F07BTNUh5Sa/cQwV/bl7K8Kr/r8C9skQU5vWqawQ67g68VuI7W3/L+eTEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLcGkkNx5fLpEBVpPQC2UAGf+KvMMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvdHdhU1EzSGw4dWtRRldrOUFMWlFBWl80cTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAEsVQV7CXT5h+P60jXV
OXkYxVFwzH59+DZoCqYot03RA3O00xMxuzd6vpRQ2T574YInZw85b3ZHXgakFQnu
FiSYiMaEs8phG7DEmwobgrUPNcm2j12Vj6kbF0LC0B9EFkU+wTdLfNrqYEM/x1/+
wOtjocpVr6W0Pyo+rX/uJzQciSFG4rnR1wP8prWP7QOiFPElsE6RKC0th+hu4CD+
6+AyB3AllmL5lY5a0v0u/BjRfhEGRj454VXKliy9lA37kYf5FbRuN8JtctBVwOwp
pGPdJat+g8xOWglVFGK6eVRBqfG+H/WD25jPCoXEEIY5VbKRXaoRcm7YLN7OnKR0
A68=
-----END CERTIFICATE-----
Generated at Sat May 3 06:06:47 2025 by rpki-client