Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/TTTbxJD2c9UYurhEvmYOuZSPIiY.roa
File: TTTbxJD2c9UYurhEvmYOuZSPIiY.roa (raw, json)
Hash identifier: RyCW92YBgwgZ/2zvhBCkYGlYqUFahkJqwWFyLzFKZN4=
Subject key identifier: 4D:34:DB:C4:90:F6:73:D5:18:BA:B8:44:BE:66:0E:B9:94:8F:22:26
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EEA0A9640BFC46A376DBB70674F839014
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/TTTbxJD2c9UYurhEvmYOuZSPIiY.roa
Signing time: Wed 17 Apr 2024 03:12:26 +0000
ROA not before: Wed 17 Apr 2024 03:12:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ea:0a:96:40:bf:c4:6a:37:6d:bb:70:67:4f:83:90:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 17 03:12:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d34dbc490f673d518bab844be660eb9948f2226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2d:ff:e7:e9:53:b9:86:c0:2c:f4:a8:ef:a4:
f3:f8:88:f8:01:1f:fd:39:91:06:c9:8f:c6:84:1b:
5e:95:0f:d6:0f:55:57:01:c7:24:44:9b:dd:4a:4a:
85:76:cc:9f:40:4e:98:a7:98:5c:a5:5c:c4:27:88:
72:bb:a3:c1:c6:24:29:f6:43:d4:12:c2:be:8a:2b:
eb:a4:5b:26:29:e7:a3:da:0d:e8:ae:8c:c2:6e:c0:
12:56:8d:4a:3b:8f:20:20:19:56:07:17:60:b0:fb:
cd:2d:1b:2e:d2:57:e4:5b:02:83:c0:12:ec:b9:f1:
2c:9b:b3:69:d5:f5:20:bd:f9:a3:23:24:fd:82:b9:
b8:49:52:f7:df:80:50:21:bc:36:3d:94:79:15:a0:
e0:7d:ea:29:48:fd:12:92:7b:26:03:fb:01:01:f7:
56:fc:13:1b:f0:3e:9a:26:2c:8b:0c:ca:a4:59:78:
08:12:33:37:7d:c3:5f:ba:af:82:0c:13:f2:5b:c7:
22:de:ca:85:89:74:df:45:a6:9e:bf:40:45:76:8b:
a7:a8:e5:16:2b:7f:f8:54:30:ff:ad:71:3c:a5:5a:
ea:9d:30:0d:16:20:ca:35:85:5e:87:32:b3:55:76:
db:97:80:0e:ff:dd:66:22:90:d3:f6:c8:c6:26:4c:
21:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:34:DB:C4:90:F6:73:D5:18:BA:B8:44:BE:66:0E:B9:94:8F:22:26
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/TTTbxJD2c9UYurhEvmYOuZSPIiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:4f:58:ea:5b:a3:d8:96:0f:02:87:71:39:36:74:f4:c4:77:
46:45:31:46:a0:e6:05:a8:32:90:76:88:ba:5d:64:e0:b8:61:
6d:5a:dd:93:68:79:fa:6d:44:04:53:0e:e9:3e:e9:45:02:10:
ff:a1:1d:b0:90:c1:08:54:10:0c:8e:58:e0:c1:c0:e1:1b:03:
70:ec:73:f1:50:95:10:a5:6e:ac:46:01:86:c3:82:bc:f8:02:
16:d0:17:be:2e:5d:3e:63:29:18:46:01:3b:bf:3f:31:be:a0:
e7:e7:c1:d6:0e:7a:53:a2:4e:d6:a8:6d:a8:ca:7a:f5:b5:f0:
55:a7:22:2a:3f:0d:e6:79:0b:35:65:a5:4b:34:3d:dc:51:cc:
fc:f4:0b:90:9d:ba:ee:45:8e:32:1f:fe:95:8a:31:14:ef:1e:
b6:32:94:9f:24:a7:40:6f:9f:f4:b4:fc:e5:72:ec:af:33:f7:
cb:d7:8e:9d:00:f2:0e:87:dc:ea:f8:9b:0f:ce:f3:9e:9d:13:
81:28:dc:27:83:70:92:0f:e1:5c:f6:17:4d:54:81:85:57:a0:
b1:b3:4f:2e:6b:4a:5c:de:d3:22:2b:2d:1a:a9:dc:43:cb:22:
4a:4c:f0:0e:ee:60:de:ad:0b:f0:76:2b:e3:65:5f:1b:d7:5c:
2d:2b:f4:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7qCpZAv8RqN227cGdPg5AUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE3MDMxMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDM0ZGJjNDkwZjY3M2Q1MThiYWI4NDRiZTY2MGViOTk0OGYyMjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyy3/5+lTuYbALPSo76Tz+Ij4AR/9
OZEGyY/GhBtelQ/WD1VXAcckRJvdSkqFdsyfQE6Yp5hcpVzEJ4hyu6PBxiQp9kPU
EsK+iivrpFsmKeej2g3orozCbsASVo1KO48gIBlWBxdgsPvNLRsu0lfkWwKDwBLs
ufEsm7Np1fUgvfmjIyT9grm4SVL334BQIbw2PZR5FaDgfeopSP0SknsmA/sBAfdW
/BMb8D6aJiyLDMqkWXgIEjM3fcNfuq+CDBPyW8ci3sqFiXTfRaaev0BFdounqOUW
K3/4VDD/rXE8pVrqnTANFiDKNYVehzKzVXbbl4AO/91mIpDT9sjGJkwhgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE0028SQ9nPVGLq4RL5mDrmUjyImMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvVFRUYnhKRDJjOVVZdXJoRXZtWU91WlNQSWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADNPWOpbo9iWDwKHcTk2
dPTEd0ZFMUag5gWoMpB2iLpdZOC4YW1a3ZNoefptRARTDuk+6UUCEP+hHbCQwQhU
EAyOWODBwOEbA3Dsc/FQlRClbqxGAYbDgrz4AhbQF74uXT5jKRhGATu/PzG+oOfn
wdYOelOiTtaobajKevW18FWnIio/DeZ5CzVlpUs0PdxRzPz0C5Cduu5FjjIf/pWK
MRTvHrYylJ8kp0Bvn/S0/OVy7K8z98vXjp0A8g6H3Or4mw/O856dE4Eo3CeDcJIP
4Vz2F01UgYVXoLGzTy5rSlze0yIrLRqp3EPLIkpM8A7uYN6tC/B2K+NlXxvXXC0r
9M0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:50 2024 by rpki-client on console-fra.rpki-client.org