Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/TPQYRraUS2YBS15ZvRjtzLvidhU.roa
File: TPQYRraUS2YBS15ZvRjtzLvidhU.roa (raw, json)
Hash identifier: 4Vk+mh33xmJ21+azNahSwGCv3nr61YUNpBz6yooFGUw=
Subject key identifier: 4C:F4:18:46:B6:94:4B:66:01:4B:5E:59:BD:18:ED:CC:BB:E2:76:15
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F7E8746E7AE60BEFABFE1EF98A760FE0B
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/TPQYRraUS2YBS15ZvRjtzLvidhU.roa
Signing time: Wed 15 May 2024 23:12:25 +0000
ROA not before: Wed 15 May 2024 23:12:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7e:87:46:e7:ae:60:be:fa:bf:e1:ef:98:a7:60:fe:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 15 23:12:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cf41846b6944b66014b5e59bd18edccbbe27615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:f0:91:34:b5:4e:86:d4:99:22:d7:5a:94:31:
8b:e8:53:18:5b:51:f5:85:52:21:cf:25:74:9b:67:
b7:4d:54:cd:51:53:a9:dc:14:07:5b:b8:8b:3a:9b:
1e:12:0f:c1:87:84:8f:14:e8:e3:ee:54:6e:a2:e7:
b8:48:a0:0b:54:18:c6:e6:ae:6a:d1:e7:d2:86:1c:
ab:92:4a:4d:96:71:a4:29:63:89:46:87:ec:eb:5b:
23:53:1a:62:34:33:ea:ad:d1:4c:d2:a4:0f:ec:57:
c4:6e:f0:eb:59:79:5e:7c:3f:8b:0a:65:e7:d7:d7:
15:bd:af:36:cd:ef:1f:0b:1b:0f:b6:70:ab:69:1d:
3b:f6:a2:23:42:f7:b3:3e:d2:8b:db:f5:cd:64:40:
73:aa:54:0c:64:4a:9d:91:66:04:39:6b:4a:ea:3e:
4a:14:9e:14:db:b9:44:e4:58:d1:85:7c:2c:13:66:
42:39:f0:52:06:9b:8c:65:67:47:dd:32:28:62:2f:
fc:f6:2a:f8:d3:51:3f:1c:2e:68:35:f6:6e:8c:69:
1d:2c:32:2c:95:c4:4a:7a:63:0a:94:c5:af:85:d9:
66:cb:bd:f3:13:68:c9:f4:06:36:ad:53:1e:0a:fa:
a0:e9:67:c2:e5:2d:ed:73:40:1b:17:29:6e:60:7e:
4c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:F4:18:46:B6:94:4B:66:01:4B:5E:59:BD:18:ED:CC:BB:E2:76:15
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/TPQYRraUS2YBS15ZvRjtzLvidhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:ed:55:e2:ec:24:7e:01:7e:80:c9:ee:2f:90:60:55:80:ea:
1b:bf:81:6e:3c:83:61:eb:7d:74:44:54:71:41:e4:22:44:53:
40:21:aa:74:43:bf:67:7f:06:ff:22:b0:a9:ae:c4:86:83:9a:
cc:97:a6:dc:57:10:7d:55:7f:3e:56:91:39:40:e9:52:63:82:
ca:fd:2e:e5:f6:77:29:e1:b0:ce:56:8c:82:86:91:14:06:b9:
e9:5b:d0:9a:c7:98:d7:d7:46:ac:ce:56:9e:a3:ab:de:c5:8a:
f2:fa:bc:4a:55:11:11:9b:b4:20:e0:58:e1:0d:15:6f:18:cc:
08:db:93:14:1c:c6:4c:d3:9b:46:a9:65:f7:cd:c0:e1:30:fa:
8e:85:3a:6d:a0:f7:55:2b:23:18:b8:1c:a7:50:f6:87:ae:d4:
48:73:bd:17:68:29:e8:31:d9:ad:82:2f:63:15:30:f6:5f:39:
b6:44:f4:8f:63:ee:01:1e:29:be:1b:79:b2:90:8e:56:e3:de:
ff:d8:ff:3f:46:85:cc:85:1f:2d:c8:b4:75:fd:c4:a3:0c:af:
96:a2:42:02:97:2e:f6:a8:fb:c2:a7:79:13:b4:ce:c1:bb:19:
1e:29:60:20:90:c0:fa:d1:d1:46:03:9a:6b:b6:f5:c6:d4:aa:
06:19:0e:df
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9+h0bnrmC++r/h75inYP4LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE1MjMxMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2Y0MTg0NmI2OTQ0YjY2MDE0YjVlNTliZDE4ZWRjY2JiZTI3NjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6/CRNLVOhtSZItdalDGL6FMYW1H1
hVIhzyV0m2e3TVTNUVOp3BQHW7iLOpseEg/Bh4SPFOjj7lRuoue4SKALVBjG5q5q
0efShhyrkkpNlnGkKWOJRofs61sjUxpiNDPqrdFM0qQP7FfEbvDrWXlefD+LCmXn
19cVva82ze8fCxsPtnCraR079qIjQvezPtKL2/XNZEBzqlQMZEqdkWYEOWtK6j5K
FJ4U27lE5FjRhXwsE2ZCOfBSBpuMZWdH3TIoYi/89ir401E/HC5oNfZujGkdLDIs
lcRKemMKlMWvhdlmy73zE2jJ9AY2rVMeCvqg6WfC5S3tc0AbFyluYH5MQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEz0GEa2lEtmAUteWb0Y7cy74nYVMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvVFBRWVJyYVVTMllCUzE1WnZSanR6THZpZGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD/tVeLsJH4BfoDJ7i+Q
YFWA6hu/gW48g2HrfXREVHFB5CJEU0AhqnRDv2d/Bv8isKmuxIaDmsyXptxXEH1V
fz5WkTlA6VJjgsr9LuX2dynhsM5WjIKGkRQGuelb0JrHmNfXRqzOVp6jq97FivL6
vEpVERGbtCDgWOENFW8YzAjbkxQcxkzTm0apZffNwOEw+o6FOm2g91UrIxi4HKdQ
9oeu1EhzvRdoKegx2a2CL2MVMPZfObZE9I9j7gEeKb4bebKQjlbj3v/Y/z9GhcyF
Hy3ItHX9xKMMr5aiQgKXLvao+8KneRO0zsG7GR4pYCCQwPrR0UYDmmu29cbUqgYZ
Dt8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org