Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/fbCEnhYKTcRtL_aJkNEe3JDry-U.roa
File: fbCEnhYKTcRtL_aJkNEe3JDry-U.roa (raw, json)
Hash identifier: VRa2gEQt/axifNY4qA+RR61HN1q4jYvRTJCgSBfgTSc=
Subject key identifier: 7D:B0:84:9E:16:0A:4D:C4:6D:2F:F6:89:90:D1:1E:DC:90:EB:CB:E5
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F6F0E4350D642ED24A521F3880FA1B1F9
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/fbCEnhYKTcRtL_aJkNEe3JDry-U.roa
Signing time: Sun 12 May 2024 23:05:56 +0000
ROA not before: Sun 12 May 2024 23:05:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:6f0d:7911/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:6f:0e:43:50:d6:42:ed:24:a5:21:f3:88:0f:a1:b1:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 12 23:05:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7db0849e160a4dc46d2ff68990d11edc90ebcbe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:af:c0:26:1f:4d:c7:8a:25:ff:88:fa:79:2c:
54:c7:91:83:24:af:09:29:78:52:be:12:ed:fe:63:
53:59:7e:d8:f8:16:93:ec:56:44:fd:8c:e0:ba:d2:
0f:a2:ba:a2:8e:3c:f0:be:6a:a9:40:38:e0:2e:11:
3c:78:28:24:95:85:37:12:9d:b4:f6:a2:98:59:3e:
3d:8a:df:02:2c:c0:ef:e8:54:93:ee:7a:b1:0f:7e:
ce:6f:05:f8:4c:95:9d:dc:35:f4:96:29:76:97:89:
63:9e:eb:bb:e9:5d:9a:06:af:20:26:a7:27:85:e7:
52:4b:5e:d7:16:32:46:1f:e8:e7:24:3e:82:8d:50:
57:5b:6f:33:18:22:cf:16:48:0b:c1:45:d0:51:cf:
1e:fd:d4:02:50:80:4c:41:53:b0:0f:96:cb:4f:dc:
9f:c5:d0:d8:06:81:f8:2b:7b:9c:ad:9d:f4:66:78:
94:40:8b:b0:5a:0f:18:d6:8b:88:86:7e:bb:4b:d4:
72:ec:86:84:07:a9:e2:15:da:b0:27:ce:ee:da:78:
15:d2:ca:da:bb:b7:d3:b0:2a:b5:09:1e:60:d2:50:
eb:0e:bd:ad:b5:85:b2:6a:f4:86:0f:ee:d8:b2:b4:
0d:7d:a1:e5:b8:70:9e:ad:7b:9d:05:72:11:37:dd:
e1:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:B0:84:9E:16:0A:4D:C4:6D:2F:F6:89:90:D1:1E:DC:90:EB:CB:E5
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/fbCEnhYKTcRtL_aJkNEe3JDry-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:4c:66:b1:60:ae:ba:c8:2f:4a:77:a5:07:19:36:6e:ca:b6:
2d:4a:49:3f:fa:59:6a:40:5e:c2:da:72:67:70:40:3a:ff:0b:
bb:73:1a:14:a1:ba:68:41:6a:cb:f2:e8:67:fd:61:72:c6:33:
65:dd:89:35:18:0f:77:b1:a8:ca:88:44:e8:56:0c:6f:27:b8:
1a:cd:57:62:f3:0c:fb:78:c4:75:bc:3b:35:42:a5:8d:d3:28:
eb:f0:f9:22:2c:2a:2a:f5:bf:06:9f:26:23:08:e8:9f:ef:ea:
10:51:aa:35:11:42:5a:59:42:ce:2f:ac:ee:5a:91:ae:35:b9:
4a:12:06:b9:8f:6b:c5:d4:e7:d0:c2:b6:1a:d3:3e:a6:db:2c:
e9:b4:b5:a0:dc:bd:fc:fe:ed:31:57:1c:f7:c4:ec:f8:c9:b0:
79:c1:c6:de:2f:c9:98:47:8f:05:38:fa:e2:48:b5:51:e3:ab:
ad:ba:94:66:e8:bb:c0:70:6a:2c:17:d5:72:17:1d:d0:5e:c3:
d8:6e:ec:8e:14:7a:70:d7:35:26:6d:5c:02:56:e6:02:71:34:
88:e7:17:72:dc:9a:26:2a:f9:09:79:42:04:f3:51:ac:2e:72:
6b:0c:11:14:0a:c1:16:6c:c6:68:9a:d3:cd:a3:d5:25:31:9b:
70:86:87:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9vDkNQ1kLtJKUh84gPobH5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEyMjMwNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGIwODQ5ZTE2MGE0ZGM0NmQyZmY2ODk5MGQxMWVkYzkwZWJjYmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAua/AJh9Nx4ol/4j6eSxUx5GDJK8J
KXhSvhLt/mNTWX7Y+BaT7FZE/YzgutIPorqijjzwvmqpQDjgLhE8eCgklYU3Ep20
9qKYWT49it8CLMDv6FST7nqxD37ObwX4TJWd3DX0lil2l4ljnuu76V2aBq8gJqcn
hedSS17XFjJGH+jnJD6CjVBXW28zGCLPFkgLwUXQUc8e/dQCUIBMQVOwD5bLT9yf
xdDYBoH4K3ucrZ30ZniUQIuwWg8Y1ouIhn67S9Ry7IaEB6niFdqwJ87u2ngV0sra
u7fTsCq1CR5g0lDrDr2ttYWyavSGD+7YsrQNfaHluHCerXudBXIRN93hqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH2whJ4WCk3EbS/2iZDRHtyQ68vlMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvZmJDRW5oWUtUY1J0TF9hSmtORWUzSkRyeS1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEtMZrFgrrrIL0p3pQcZ
Nm7Kti1KST/6WWpAXsLacmdwQDr/C7tzGhShumhBasvy6Gf9YXLGM2XdiTUYD3ex
qMqIROhWDG8nuBrNV2LzDPt4xHW8OzVCpY3TKOvw+SIsKir1vwafJiMI6J/v6hBR
qjURQlpZQs4vrO5aka41uUoSBrmPa8XU59DCthrTPqbbLOm0taDcvfz+7TFXHPfE
7PjJsHnBxt4vyZhHjwU4+uJItVHjq626lGbou8BwaiwX1XIXHdBew9hu7I4UenDX
NSZtXAJW5gJxNIjnF3LcmiYq+Ql5QgTzUawucmsMERQKwRZsxmia082j1SUxm3CG
hxA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org