Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/twYSEluDdz8jFMVJiTkAyS5Rtnw.roa
File: twYSEluDdz8jFMVJiTkAyS5Rtnw.roa (raw, json)
Hash identifier: AihCZM/VwFT80AvLNIKVKqniN1ecSFj7f3yAfscz3UY=
Subject key identifier: B7:06:12:12:5B:83:77:3F:23:14:C5:49:89:39:00:C9:2E:51:B6:7C
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F607C6703C4C0FA21C2DCBA1F1A05E57A
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/twYSEluDdz8jFMVJiTkAyS5Rtnw.roa
Signing time: Fri 10 May 2024 03:11:56 +0000
ROA not before: Fri 10 May 2024 03:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:60:7c:67:03:c4:c0:fa:21:c2:dc:ba:1f:1a:05:e5:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 10 03:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b70612125b83773f2314c549893900c92e51b67c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4e:50:0d:9e:ac:72:f4:66:36:9a:65:30:d3:
54:59:75:a6:29:c4:88:25:e0:4f:4d:fe:37:2c:10:
7b:dc:a3:e0:a6:99:91:85:67:f1:fe:0b:ef:e7:bb:
a2:ff:21:99:1a:97:26:f9:c1:13:b3:75:dd:55:7f:
d6:64:d6:ce:9c:25:a5:3c:ec:e7:a1:ae:44:3a:8a:
e4:dc:fd:7b:7a:51:dc:40:e6:64:e6:2a:98:97:88:
ae:83:69:35:a6:70:17:93:e1:bb:36:95:40:fd:80:
20:7d:ef:fc:ee:17:0d:80:a3:d7:21:67:07:52:1b:
70:e1:e5:5a:5e:bf:b6:5f:f2:78:16:c6:e1:85:cb:
d5:88:57:80:e1:64:9c:25:0c:54:92:27:43:48:d8:
92:13:90:7e:6b:34:63:44:1e:03:04:49:b8:94:d6:
5e:e7:e8:5b:06:0e:b4:3b:2b:51:48:69:2f:66:16:
8c:13:43:39:f6:9a:45:ea:e3:36:d5:73:5e:50:e6:
ce:c0:2a:f1:4d:9a:0b:7e:08:70:b5:84:1b:0d:d8:
ae:6e:6b:e8:63:93:f8:e9:57:d8:8b:06:38:63:7f:
72:46:9f:b4:a6:37:3b:c7:ff:34:0c:57:d1:5e:b8:
bb:54:f2:ee:19:66:c8:f5:c2:40:29:d2:24:28:77:
aa:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:06:12:12:5B:83:77:3F:23:14:C5:49:89:39:00:C9:2E:51:B6:7C
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/twYSEluDdz8jFMVJiTkAyS5Rtnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:37:45:03:7f:55:0d:c8:f1:01:8a:c8:cb:77:05:a0:3c:23:
67:c6:b8:fb:05:55:0b:be:63:39:43:ee:8b:47:f9:92:91:ab:
1e:a6:ef:dc:57:0a:c0:ee:e8:a4:88:33:7e:61:94:f8:38:46:
90:a1:4a:a4:97:26:4a:4d:40:93:ec:0a:00:b9:d2:3c:18:bc:
31:cf:d4:cd:45:99:9d:ff:71:3a:76:0a:ec:fe:55:46:3e:1f:
16:d8:7b:61:64:8d:c1:a3:83:e4:62:d4:90:b8:9c:9c:04:80:
2a:8d:ca:c7:5d:92:cf:7e:76:53:88:e9:d7:55:b0:14:6e:db:
f6:ec:c8:d8:9a:c3:05:06:4b:0a:c4:31:09:04:10:64:b9:aa:
11:c5:51:d2:64:89:3a:14:6a:f5:4c:f9:8e:2b:49:15:c6:ac:
07:ad:9e:c3:5d:74:e3:a0:b1:f3:ff:d2:6c:4f:da:02:c9:43:
50:a6:59:76:f9:b2:9d:d9:dc:e8:9f:3d:4e:81:8b:4d:6d:6c:
07:7f:dc:9d:33:3d:80:a0:3f:26:3c:34:31:37:1e:83:e0:cb:
55:ae:e3:95:a2:d1:bd:84:63:29:66:a9:71:39:d7:77:54:0e:
34:13:8e:7b:a4:59:7f:55:9b:ad:0a:e4:da:d6:51:0a:ab:1f:
07:57:bf:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9gfGcDxMD6IcLcuh8aBeV6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEwMDMxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzA2MTIxMjViODM3NzNmMjMxNGM1NDk4OTM5MDBjOTJlNTFiNjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0E5QDZ6scvRmNpplMNNUWXWmKcSI
JeBPTf43LBB73KPgppmRhWfx/gvv57ui/yGZGpcm+cETs3XdVX/WZNbOnCWlPOzn
oa5EOork3P17elHcQOZk5iqYl4iug2k1pnAXk+G7NpVA/YAgfe/87hcNgKPXIWcH
Uhtw4eVaXr+2X/J4FsbhhcvViFeA4WScJQxUkidDSNiSE5B+azRjRB4DBEm4lNZe
5+hbBg60OytRSGkvZhaME0M59ppF6uM21XNeUObOwCrxTZoLfghwtYQbDdiubmvo
Y5P46VfYiwY4Y39yRp+0pjc7x/80DFfRXri7VPLuGWbI9cJAKdIkKHeqeQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLcGEhJbg3c/IxTFSYk5AMkuUbZ8MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvdHdZU0VsdURkejhqRk1WSmlUa0F5UzVSdG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGk3RQN/VQ3I8QGKyMt3
BaA8I2fGuPsFVQu+YzlD7otH+ZKRqx6m79xXCsDu6KSIM35hlPg4RpChSqSXJkpN
QJPsCgC50jwYvDHP1M1FmZ3/cTp2Cuz+VUY+HxbYe2FkjcGjg+Ri1JC4nJwEgCqN
ysddks9+dlOI6ddVsBRu2/bsyNiawwUGSwrEMQkEEGS5qhHFUdJkiToUavVM+Y4r
SRXGrAetnsNddOOgsfP/0mxP2gLJQ1CmWXb5sp3Z3OifPU6Bi01tbAd/3J0zPYCg
PyY8NDE3HoPgy1Wu45Wi0b2EYylmqXE513dUDjQTjnukWX9Vm60K5NrWUQqrHwdX
v2k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org