Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/TZutnAwPrlv-Wrl-jSV9dVerL9o.roa
File: TZutnAwPrlv-Wrl-jSV9dVerL9o.roa (raw, json)
Hash identifier: UNO942zpIpM6hVKo6GlYycc2DXMHJxZttjwjwX0B7Vk=
Subject key identifier: 4D:9B:AD:9C:0C:0F:AE:5B:FE:5A:B9:7E:8D:25:7D:75:57:AB:2F:DA
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F92E97553EA49A55E558E712B6661EF20
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/TZutnAwPrlv-Wrl-jSV9dVerL9o.roa
Signing time: Sun 19 May 2024 22:12:04 +0000
ROA not before: Sun 19 May 2024 22:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:92:e9:75:53:ea:49:a5:5e:55:8e:71:2b:66:61:ef:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 19 22:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d9bad9c0c0fae5bfe5ab97e8d257d7557ab2fda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:88:48:33:c1:52:e9:ac:84:6f:19:87:8e:45:
00:de:88:82:d3:e8:de:10:31:f5:93:64:c0:9d:69:
1e:28:84:58:03:34:c9:85:7b:99:33:6b:3c:21:fa:
27:b5:2c:9e:16:57:cc:60:a2:01:7d:fc:9c:91:4e:
f2:2a:a4:a3:8c:1b:2b:cf:54:4c:1a:d6:bd:af:7d:
af:64:f2:03:d5:0c:a8:54:85:61:a4:c8:40:3f:7e:
d7:0d:aa:95:19:20:74:c6:7d:40:cd:55:51:de:1a:
52:d5:19:ae:24:09:ec:1e:5f:9d:9a:8e:90:c9:94:
9a:f3:7c:3c:86:36:68:ad:64:03:cb:14:0e:d7:b8:
bd:c7:cf:8a:1a:65:c0:8b:2f:97:1f:e0:0c:fe:cb:
24:6c:1f:62:53:9e:cc:d4:e5:1f:c7:86:16:d9:3b:
e6:27:17:9d:42:b4:b0:60:c3:27:34:d1:9c:f3:03:
6b:fd:14:8f:96:db:48:4d:1c:f7:fa:70:d9:db:e9:
bf:b8:dd:9a:a6:14:46:d0:72:63:f3:ba:dc:9d:e9:
60:57:05:a8:d7:54:7d:74:c6:22:1f:40:5e:74:d9:
ba:79:ff:02:7a:b1:4f:35:a0:b2:14:2d:ee:b8:b0:
87:34:25:fd:d2:43:77:c3:00:ea:0c:f6:07:56:d8:
08:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:9B:AD:9C:0C:0F:AE:5B:FE:5A:B9:7E:8D:25:7D:75:57:AB:2F:DA
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/TZutnAwPrlv-Wrl-jSV9dVerL9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
cd:7e:21:cc:e7:a5:e9:e6:cf:c7:c8:8c:bf:02:bd:90:9f:da:
c2:e5:33:59:30:ba:1a:89:c8:91:63:10:97:3b:74:c3:dc:02:
7a:69:38:62:67:8c:98:d4:a3:d3:aa:f1:39:65:18:4a:7f:91:
c7:f2:6a:fe:52:04:34:f7:c6:7f:f3:b8:ae:31:fd:f6:de:1f:
e8:11:95:f2:67:c4:0c:b5:1e:b5:10:3b:a9:76:b5:b4:60:44:
a6:0d:e8:9e:3b:52:e0:c6:4a:8d:e0:3d:75:8a:c6:05:d0:b9:
cc:15:c6:89:3a:97:46:7e:c8:b5:2c:fd:32:c3:15:0c:a8:01:
81:31:39:69:25:4b:5a:3e:d9:c2:8e:97:9a:ce:4f:75:63:ab:
42:d4:d4:d0:e3:45:e8:4d:02:6d:63:85:e8:59:64:79:b2:da:
68:3f:26:06:8c:44:16:cc:02:9a:f7:67:ef:99:ed:22:5b:2c:
6b:42:c9:6e:ab:20:67:ac:17:88:39:97:5a:56:f0:48:00:0b:
4b:bf:b7:a1:f9:8a:ff:0f:d1:65:63:2a:4a:aa:d5:9e:8b:a3:
43:d9:f0:25:2b:21:93:66:13:8d:0c:fc:14:e8:c4:c0:e9:7c:
ca:c6:50:62:96:d5:63:fe:cf:4e:d3:e2:fc:b5:70:4f:86:e7:
e0:3f:c6:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+S6XVT6kmlXlWOcStmYe8gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE5MjIxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDliYWQ5YzBjMGZhZTViZmU1YWI5N2U4ZDI1N2Q3NTU3YWIyZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYhIM8FS6ayEbxmHjkUA3oiC0+je
EDH1k2TAnWkeKIRYAzTJhXuZM2s8IfontSyeFlfMYKIBffyckU7yKqSjjBsrz1RM
Gta9r32vZPID1QyoVIVhpMhAP37XDaqVGSB0xn1AzVVR3hpS1RmuJAnsHl+dmo6Q
yZSa83w8hjZorWQDyxQO17i9x8+KGmXAiy+XH+AM/sskbB9iU57M1OUfx4YW2Tvm
JxedQrSwYMMnNNGc8wNr/RSPlttITRz3+nDZ2+m/uN2aphRG0HJj87rcnelgVwWo
11R9dMYiH0BedNm6ef8CerFPNaCyFC3uuLCHNCX90kN3wwDqDPYHVtgIZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE2brZwMD65b/lq5fo0lfXVXqy/aMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvVFp1dG5Bd1BybHYtV3JsLWpTVjlkVmVyTDlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAM1+Icznpenmz8fIjL8C
vZCf2sLlM1kwuhqJyJFjEJc7dMPcAnppOGJnjJjUo9Oq8TllGEp/kcfyav5SBDT3
xn/zuK4x/fbeH+gRlfJnxAy1HrUQO6l2tbRgRKYN6J47UuDGSo3gPXWKxgXQucwV
xok6l0Z+yLUs/TLDFQyoAYExOWklS1o+2cKOl5rOT3Vjq0LU1NDjRehNAm1jhehZ
ZHmy2mg/JgaMRBbMApr3Z++Z7SJbLGtCyW6rIGesF4g5l1pW8EgAC0u/t6H5iv8P
0WVjKkqq1Z6Lo0PZ8CUrIZNmE40M/BToxMDpfMrGUGKW1WP+z07T4vy1cE+G5+A/
xhk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org