Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tpsqk-KOnBUnwQBToa5QMiUfJzw.roa
File: tpsqk-KOnBUnwQBToa5QMiUfJzw.roa (raw, json)
Hash identifier: mHHpqusqF77HeOb33Ltq8zRXVKVIBYPaqvQbU/XOK30=
Subject key identifier: B6:9B:2A:93:E2:8E:9C:15:27:C1:00:53:A1:AE:50:32:25:1F:27:3C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D909450A517D1F3388EDFCA93F5020881
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tpsqk-KOnBUnwQBToa5QMiUfJzw.roa
Signing time: Sat 10 Feb 2024 01:14:15 +0000
ROA not before: Sat 10 Feb 2024 01:14:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:90:94:50:a5:17:d1:f3:38:8e:df:ca:93:f5:02:08:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 10 01:14:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b69b2a93e28e9c1527c10053a1ae5032251f273c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:8f:4f:65:70:39:88:5e:65:c0:ac:6f:41:2e:
b0:c1:16:7b:2c:a3:e1:5d:41:56:04:c8:19:0e:9f:
ea:11:ee:84:f2:99:d8:6d:e9:d7:ab:df:ff:7a:4d:
d3:f1:9a:89:6f:01:7b:14:06:12:e7:ed:f6:11:76:
84:f5:d8:f3:47:e0:e2:c4:a1:d5:f6:7b:50:09:d0:
09:be:3d:cb:19:35:36:76:13:2a:0c:12:cd:b9:a2:
4d:95:d7:75:dd:95:22:ab:82:31:45:e9:9c:4a:49:
05:2f:8b:ed:d4:de:87:71:3a:d5:31:05:dc:a8:ad:
28:12:fa:e2:02:7c:b3:52:ee:ac:40:71:93:3b:3b:
68:9e:19:d9:5d:aa:27:81:6d:12:b2:7c:cd:bc:a4:
fb:2e:e8:a9:04:0b:32:ff:1f:93:e9:54:7d:d1:fc:
d7:f7:0c:80:4f:3d:f2:6d:6b:71:e7:90:d4:0d:e5:
c9:19:8c:11:64:9b:11:c9:8d:07:61:5a:a4:8f:75:
77:a8:94:6f:c0:4e:25:f5:91:18:02:59:e6:ad:ab:
66:01:13:e7:da:f7:8f:17:cc:0e:3b:67:16:ab:71:
50:8e:f3:ca:9f:49:65:26:45:9e:79:03:55:a0:f9:
5a:4f:28:a7:a5:3c:bb:d5:b0:46:b5:f2:1c:76:c6:
fe:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:9B:2A:93:E2:8E:9C:15:27:C1:00:53:A1:AE:50:32:25:1F:27:3C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tpsqk-KOnBUnwQBToa5QMiUfJzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:fa:55:52:a0:27:a8:23:b6:79:9b:54:72:22:de:a4:11:e6:
dc:2c:a1:cf:e4:ff:2d:67:1d:0a:65:3a:53:a3:a7:c0:59:47:
08:8e:84:d7:85:6a:26:a1:a1:16:1a:a9:ae:f9:78:7d:93:54:
ba:90:e2:f2:49:63:61:35:6c:84:f3:e7:ad:47:33:2e:41:75:
07:32:43:85:f6:d4:cf:fe:7d:ec:b7:99:45:24:fb:f0:e6:29:
8d:ce:0e:3b:37:fd:18:03:a1:66:fa:9f:d9:60:78:c6:41:8a:
51:58:bd:f1:c9:e1:e7:ed:f3:18:6c:d7:af:ea:f8:c1:e4:c1:
2e:a8:5f:60:5f:b0:5b:47:09:00:71:5f:2b:9e:c6:c4:c9:b5:
fa:a7:5e:98:48:b3:c2:90:61:d9:b9:51:05:7a:b4:9d:fa:e1:
0f:2b:85:23:e6:ab:3c:7d:76:24:bc:94:98:6c:2d:3f:fb:36:
5b:18:86:02:3b:68:52:e0:cf:f4:42:da:bb:dd:93:2a:7e:a3:
fb:a2:e6:3a:d6:ae:d0:f2:2b:76:b6:cd:82:ff:b4:9f:71:50:
af:17:98:c7:3f:e5:de:9a:88:46:8c:6b:ff:dc:92:d1:b6:c4:
3b:81:5d:66:f9:96:ef:88:5c:19:26:c6:49:41:b2:fd:31:01:
18:df:98:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2QlFClF9HzOI7fypP1AgiBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjEwMDExNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjliMmE5M2UyOGU5YzE1MjdjMTAwNTNhMWFlNTAzMjI1MWYyNzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyY9PZXA5iF5lwKxvQS6wwRZ7LKPh
XUFWBMgZDp/qEe6E8pnYbenXq9//ek3T8ZqJbwF7FAYS5+32EXaE9djzR+DixKHV
9ntQCdAJvj3LGTU2dhMqDBLNuaJNldd13ZUiq4IxRemcSkkFL4vt1N6HcTrVMQXc
qK0oEvriAnyzUu6sQHGTOztonhnZXaongW0SsnzNvKT7LuipBAsy/x+T6VR90fzX
9wyATz3ybWtx55DUDeXJGYwRZJsRyY0HYVqkj3V3qJRvwE4l9ZEYAlnmratmARPn
2vePF8wOO2cWq3FQjvPKn0llJkWeeQNVoPlaTyinpTy71bBGtfIcdsb++QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLabKpPijpwVJ8EAU6GuUDIlHyc8MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdHBzcWstS09uQlVud1FCVG9hNVFNaVVmSnp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJH6VVKgJ6gjtnmbVHIi
3qQR5twsoc/k/y1nHQplOlOjp8BZRwiOhNeFaiahoRYaqa75eH2TVLqQ4vJJY2E1
bITz561HMy5BdQcyQ4X21M/+fey3mUUk+/DmKY3ODjs3/RgDoWb6n9lgeMZBilFY
vfHJ4eft8xhs16/q+MHkwS6oX2BfsFtHCQBxXyuexsTJtfqnXphIs8KQYdm5UQV6
tJ364Q8rhSPmqzx9diS8lJhsLT/7NlsYhgI7aFLgz/RC2rvdkyp+o/ui5jrWrtDy
K3a2zYL/tJ9xUK8XmMc/5d6aiEaMa//cktG2xDuBXWb5lu+IXBkmxklBsv0xARjf
mDI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:30 2025 by rpki-client