Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/FmPZDXsvxNY_9EH7XNQDQCruVPI.roa
File: FmPZDXsvxNY_9EH7XNQDQCruVPI.roa (raw, json)
Hash identifier: QaH+RzJVhvdBIFoYgVDjbF9l/TsJvwpC275pQg4eXiw=
Subject key identifier: 16:63:D9:0D:7B:2F:C4:D6:3F:F4:41:FB:5C:D4:03:40:2A:EE:54:F2
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F9CCA25A4C434A86EC94C3CF00F53FFFC
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/FmPZDXsvxNY_9EH7XNQDQCruVPI.roa
Signing time: Tue 21 May 2024 20:14:04 +0000
ROA not before: Tue 21 May 2024 20:14:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9c:ca:25:a4:c4:34:a8:6e:c9:4c:3c:f0:0f:53:ff:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 21 20:14:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1663d90d7b2fc4d63ff441fb5cd403402aee54f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:90:c5:2e:c7:a6:a7:24:6e:6e:1c:ea:29:5c:
a8:fb:ca:62:e5:d4:68:cd:af:7d:1a:71:6e:3e:5d:
a7:0a:e3:0a:b7:04:7c:f3:f3:91:06:c1:ef:8b:8b:
d1:26:25:21:b3:6f:e7:91:c4:5f:da:2c:7f:a2:2e:
e5:9f:9b:5e:5c:76:ee:a6:a0:a4:e1:67:fa:25:91:
76:7a:59:0c:96:b0:e8:56:88:7e:aa:7c:9d:fb:bb:
55:13:c9:bf:b2:71:55:81:9f:f9:de:a4:c2:45:d4:
03:a0:8d:73:b0:09:62:6d:30:78:70:27:a3:78:f8:
81:d5:ca:1d:cf:c7:86:51:d0:1f:3d:0a:22:f4:b5:
92:cf:92:1c:7b:3c:ef:de:b8:b6:f6:91:c4:e9:e8:
72:8f:79:11:2a:a0:ad:5d:ac:2a:ff:17:e6:9b:c3:
9f:a7:b0:ad:c5:df:63:53:40:2b:4b:ed:62:bc:7f:
20:e7:ba:01:2a:ea:82:e1:33:de:cd:16:36:a1:86:
09:28:33:eb:b5:0b:78:e4:1b:5e:01:7b:09:22:74:
ad:58:8a:0a:e9:96:da:28:f2:a7:59:69:79:71:06:
27:bc:49:20:59:01:02:31:06:d5:fd:dd:f5:3d:3f:
25:ae:0f:2d:54:65:a0:64:95:ba:13:f2:09:14:63:
57:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:63:D9:0D:7B:2F:C4:D6:3F:F4:41:FB:5C:D4:03:40:2A:EE:54:F2
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/FmPZDXsvxNY_9EH7XNQDQCruVPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:f2:bc:05:b0:07:0c:92:d7:0f:70:37:96:12:c6:48:f1:f1:
9b:93:6e:91:41:f9:61:57:15:40:c9:8e:df:16:9d:fe:5e:2f:
4e:7a:c6:c4:f6:22:ee:ba:0d:94:cd:8a:8a:4b:f4:88:0f:d7:
9e:51:58:4d:32:86:15:e7:9e:91:b9:14:95:e0:28:36:10:81:
e9:a2:0f:76:ae:9a:b4:00:66:bf:e1:81:77:a3:41:19:9d:9d:
88:8d:94:8d:31:a4:a9:fa:0a:30:64:d9:d3:d0:84:63:3b:10:
d1:79:4d:3b:fa:a0:f4:38:cc:5b:0e:13:a6:1b:97:63:84:45:
ed:55:c6:dc:38:27:40:bb:48:79:76:3b:48:b4:1c:d6:93:e5:
2e:8b:0c:76:84:48:72:4c:6d:25:fa:31:23:35:01:dc:6a:82:
27:6d:01:98:89:33:82:c3:c4:13:45:b8:14:b3:5c:12:99:7f:
cb:a9:dd:a4:7e:5b:0a:fa:a8:68:10:b7:5a:b4:63:ae:ba:76:
da:b8:6c:4c:a5:cf:8a:ee:5a:58:c3:dc:2d:ed:5b:bc:d8:84:
c0:00:6c:35:4e:29:3e:21:cb:cb:28:b5:d6:dd:75:53:7a:07:
af:cb:19:55:9e:1a:9f:74:c4:09:fe:36:72:47:81:91:bc:68:
f7:7d:b5:8d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+cyiWkxDSobslMPPAPU//8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIxMjAxNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjYzZDkwZDdiMmZjNGQ2M2ZmNDQxZmI1Y2Q0MDM0MDJhZWU1NGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJDFLsempyRubhzqKVyo+8pi5dRo
za99GnFuPl2nCuMKtwR88/ORBsHvi4vRJiUhs2/nkcRf2ix/oi7ln5teXHbupqCk
4Wf6JZF2elkMlrDoVoh+qnyd+7tVE8m/snFVgZ/53qTCRdQDoI1zsAlibTB4cCej
ePiB1codz8eGUdAfPQoi9LWSz5Icezzv3ri29pHE6ehyj3kRKqCtXawq/xfmm8Of
p7Ctxd9jU0ArS+1ivH8g57oBKuqC4TPezRY2oYYJKDPrtQt45BteAXsJInStWIoK
6ZbaKPKnWWl5cQYnvEkgWQECMQbV/d31PT8lrg8tVGWgZJW6E/IJFGNX7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBZj2Q17L8TWP/RB+1zUA0Aq7lTyMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvRm1QWkRYc3Z4TllfOUVIN1hOUURRQ3J1VlBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADvyvAWwBwyS1w9wN5YS
xkjx8ZuTbpFB+WFXFUDJjt8Wnf5eL056xsT2Iu66DZTNiopL9IgP155RWE0yhhXn
npG5FJXgKDYQgemiD3aumrQAZr/hgXejQRmdnYiNlI0xpKn6CjBk2dPQhGM7ENF5
TTv6oPQ4zFsOE6Ybl2OERe1Vxtw4J0C7SHl2O0i0HNaT5S6LDHaESHJMbSX6MSM1
AdxqgidtAZiJM4LDxBNFuBSzXBKZf8up3aR+Wwr6qGgQt1q0Y666dtq4bEylz4ru
WljD3C3tW7zYhMAAbDVOKT4hy8sotdbddVN6B6/LGVWeGp90xAn+NnJHgZG8aPd9
tY0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org