Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/TCTCauGoNRv4O04kFAS1o9WSfHg.roa
File: TCTCauGoNRv4O04kFAS1o9WSfHg.roa (raw, json)
Hash identifier: hmu9/O3sNqKmr/LMBFwfVZO3CZgNSQAObyhvEpzwx8I=
Subject key identifier: 4C:24:C2:6A:E1:A8:35:1B:F8:3B:4E:24:14:04:B5:A3:D5:92:7C:78
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F992190703BAE379B6ADCFF6459B87096
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/TCTCauGoNRv4O04kFAS1o9WSfHg.roa
Signing time: Tue 21 May 2024 03:11:04 +0000
ROA not before: Tue 21 May 2024 03:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:99:21:90:70:3b:ae:37:9b:6a:dc:ff:64:59:b8:70:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 21 03:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c24c26ae1a8351bf83b4e241404b5a3d5927c78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:0b:af:74:1d:5d:bd:45:75:9f:14:b6:9a:6d:
8c:28:38:83:66:d8:9b:cd:7d:88:b0:3a:4d:50:00:
9a:60:28:4f:bc:41:b8:8e:b8:40:b6:8d:a5:f0:6f:
ed:a4:55:5b:bd:4b:fc:3a:21:98:2e:22:ef:84:96:
f9:3e:9e:4c:53:9c:e9:81:ad:d4:38:35:75:b8:95:
9d:54:e0:25:db:d6:24:dd:1d:f7:7c:06:6f:66:b9:
18:aa:a2:5b:46:da:27:28:29:de:3c:76:f4:d1:af:
90:cb:86:1a:27:58:0c:09:f5:2e:a2:1b:53:09:54:
2f:dc:1f:22:46:40:50:38:51:cd:05:62:a1:88:75:
60:30:75:89:52:de:21:cc:b3:95:3e:f7:bf:c5:52:
7a:18:42:c2:da:89:19:1d:a4:43:4c:37:6c:4e:21:
d6:d1:e2:5c:f3:8a:31:fb:c1:4d:83:32:67:78:cb:
75:e7:c4:30:0b:ad:b1:a9:0e:17:6b:28:47:41:11:
79:8d:47:4f:73:cf:34:7b:83:65:5d:53:19:b9:ae:
b3:7b:7f:d9:00:23:12:ca:8b:17:24:58:2b:87:27:
17:49:fa:c3:f3:ed:d4:c7:54:e7:d2:5f:a7:5f:69:
70:87:69:91:9e:f2:c8:0e:85:e6:2d:bb:9c:41:dd:
d9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:24:C2:6A:E1:A8:35:1B:F8:3B:4E:24:14:04:B5:A3:D5:92:7C:78
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/TCTCauGoNRv4O04kFAS1o9WSfHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:b2:bf:af:16:ec:44:ab:5a:94:4d:2c:12:f4:db:a0:de:86:
b7:20:5e:79:e3:1f:50:e0:09:c0:d3:7d:35:37:01:09:f9:97:
59:2c:ae:96:b6:d7:d6:89:70:37:32:2a:e3:07:72:1e:ce:ab:
3d:c1:24:72:36:dd:eb:91:79:88:2e:5b:9b:c7:a2:4f:99:85:
ad:33:1f:b5:22:4f:72:49:ad:56:56:c6:aa:30:a3:44:3c:6b:
e9:35:be:94:ae:86:7a:13:87:9a:eb:c0:0c:2b:84:a9:0b:56:
b2:6a:ec:da:e9:1a:27:c2:f0:d4:df:ae:87:5d:3b:15:2a:11:
9c:d1:af:a3:f3:f9:26:b4:a3:48:21:a5:d0:22:a9:76:2e:7c:
d4:56:84:5b:d9:c7:98:d1:e2:1c:1e:96:58:7c:f7:f1:ba:40:
f5:a5:09:05:7a:2a:39:10:9e:36:47:df:65:b5:68:15:90:e9:
79:e0:7e:e9:32:2f:b0:e5:e7:ab:ba:65:fa:2a:23:88:65:16:
73:78:32:cf:e1:1c:24:26:5f:53:58:73:4c:dc:07:7e:7b:1b:
7b:03:4a:04:54:ae:84:0b:2f:c9:f4:05:e1:a3:1a:ff:fb:16:
a3:93:f8:e3:0a:29:b2:bd:a6:59:ae:af:03:98:b8:27:0e:dc:
86:73:92:74
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+ZIZBwO643m2rc/2RZuHCWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIxMDMxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzI0YzI2YWUxYTgzNTFiZjgzYjRlMjQxNDA0YjVhM2Q1OTI3Yzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5AuvdB1dvUV1nxS2mm2MKDiDZtib
zX2IsDpNUACaYChPvEG4jrhAto2l8G/tpFVbvUv8OiGYLiLvhJb5Pp5MU5zpga3U
ODV1uJWdVOAl29Yk3R33fAZvZrkYqqJbRtonKCnePHb00a+Qy4YaJ1gMCfUuohtT
CVQv3B8iRkBQOFHNBWKhiHVgMHWJUt4hzLOVPve/xVJ6GELC2okZHaRDTDdsTiHW
0eJc84ox+8FNgzJneMt158QwC62xqQ4XayhHQRF5jUdPc880e4NlXVMZua6ze3/Z
ACMSyosXJFgrhycXSfrD8+3Ux1Tn0l+nX2lwh2mRnvLIDoXmLbucQd3ZkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEwkwmrhqDUb+DtOJBQEtaPVknx4MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvVENUQ2F1R29OUnY0TzA0a0ZBUzFvOVdTZkhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFOyv68W7ESrWpRNLBL0
26DehrcgXnnjH1DgCcDTfTU3AQn5l1ksrpa219aJcDcyKuMHch7Oqz3BJHI23euR
eYguW5vHok+Zha0zH7UiT3JJrVZWxqowo0Q8a+k1vpSuhnoTh5rrwAwrhKkLVrJq
7NrpGifC8NTfroddOxUqEZzRr6Pz+Sa0o0ghpdAiqXYufNRWhFvZx5jR4hwellh8
9/G6QPWlCQV6KjkQnjZH32W1aBWQ6XngfukyL7Dl56u6ZfoqI4hlFnN4Ms/hHCQm
X1NYc0zcB357G3sDSgRUroQLL8n0BeGjGv/7FqOT+OMKKbK9plmurwOYuCcO3IZz
knQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:36:17 2025 by rpki-client