Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/FNtpoWRUzElmzsfXcrgoKkEmytk.roa
File: FNtpoWRUzElmzsfXcrgoKkEmytk.roa (raw, json)
Hash identifier: YouSPipiC1qgUZ5lRPGwkMbbjimRBB7WEklMfT47gfc=
Subject key identifier: 14:DB:69:A1:64:54:CC:49:66:CE:C7:D7:72:B8:28:2A:41:26:CA:D9
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A71EA978F96C2CD9A887BBD36E5844167
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/FNtpoWRUzElmzsfXcrgoKkEmytk.roa
Signing time: Thu 07 Sep 2023 23:11:54 +0000
ROA not before: Thu 07 Sep 2023 23:11:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:71:ea:97:8f:96:c2:cd:9a:88:7b:bd:36:e5:84:41:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 7 23:11:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14db69a16454cc4966cec7d772b8282a4126cad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b8:4b:61:ee:3e:ee:51:ad:b8:1b:f5:bf:e5:
c6:a8:1d:b8:01:ee:64:0b:f9:a4:46:ff:0e:aa:35:
7e:66:a5:75:65:96:ad:59:39:5b:76:a3:55:10:39:
1c:05:c1:ff:eb:aa:17:48:a8:bb:40:a0:ab:01:eb:
a7:ae:8b:ff:9b:81:ef:86:09:5d:0a:d4:7d:3c:55:
bd:4f:99:57:3a:18:46:93:69:70:d8:f3:23:89:72:
24:22:d8:d7:5e:79:d1:f6:6a:5f:2f:22:10:6c:c9:
5b:0b:88:6b:6b:d9:d0:6c:f0:39:f9:12:b5:42:a3:
23:39:b7:81:8f:4e:35:9f:71:f5:ce:cc:6c:7d:e1:
58:56:52:53:43:35:55:73:25:66:d8:bb:41:db:f3:
44:28:f7:66:ea:70:64:ed:6a:99:27:d4:cf:7e:c7:
a8:e3:fe:96:9b:1e:a5:f8:f7:42:b6:68:1e:d4:49:
d9:05:92:bb:10:f8:70:3a:08:e5:0a:75:4c:83:f3:
f7:be:0e:0a:43:4e:9c:ca:38:5e:cc:38:19:13:97:
99:29:6f:10:f7:3e:8b:20:18:70:2d:e7:d1:5f:c1:
ca:78:ed:b8:7a:f7:bd:44:04:c8:3c:ad:84:40:1f:
07:bc:85:dc:18:92:6f:9e:9f:ec:29:47:f7:b7:47:
4e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:DB:69:A1:64:54:CC:49:66:CE:C7:D7:72:B8:28:2A:41:26:CA:D9
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/FNtpoWRUzElmzsfXcrgoKkEmytk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:03:99:dd:09:bf:27:c1:2a:a8:80:a1:7e:9c:85:66:df:ac:
6a:ac:20:8b:e2:9c:ba:18:6c:c7:9d:e0:f6:23:09:5e:01:e7:
65:81:ab:f7:48:f3:69:cf:f5:0f:b2:27:b1:d4:79:18:90:df:
58:91:61:c4:ae:1f:ad:1f:3c:e4:a5:c1:27:0b:67:ee:f9:36:
42:d4:f2:44:53:23:af:ee:b7:cc:35:ed:ae:1d:7f:a5:1e:ea:
71:55:13:a0:3c:66:e4:37:1c:59:d1:f9:ac:36:a3:0a:e6:25:
0c:a7:0b:30:0c:84:54:8c:6d:c9:ba:85:19:c9:0b:c0:83:2b:
f6:1b:6d:18:61:6b:f7:eb:df:62:1b:56:e4:a7:5d:7a:af:07:
7e:39:3e:6e:96:8d:67:7f:ca:2d:c9:c8:41:bf:31:32:09:37:
25:cb:1b:13:f5:e8:91:b3:01:80:6a:79:1b:28:62:dd:92:85:
a5:65:98:b4:1d:e2:07:ce:23:0a:5e:c9:33:11:17:5b:0b:6f:
d1:6e:e7:a2:7b:09:67:01:54:0f:d2:de:72:bb:3d:5e:5d:6b:
ce:a9:d3:c7:05:a9:0c:96:f9:ea:4b:f7:b6:b9:24:0f:c3:06:
b0:2f:5a:c1:f9:da:ae:2d:3a:67:75:84:d0:d3:6f:39:5f:49:
8c:24:85:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpx6pePlsLNmoh7vTblhEFnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA3MjMxMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGRiNjlhMTY0NTRjYzQ5NjZjZWM3ZDc3MmI4MjgyYTQxMjZjYWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrhLYe4+7lGtuBv1v+XGqB24Ae5k
C/mkRv8OqjV+ZqV1ZZatWTlbdqNVEDkcBcH/66oXSKi7QKCrAeunrov/m4Hvhgld
CtR9PFW9T5lXOhhGk2lw2PMjiXIkItjXXnnR9mpfLyIQbMlbC4hra9nQbPA5+RK1
QqMjObeBj041n3H1zsxsfeFYVlJTQzVVcyVm2LtB2/NEKPdm6nBk7WqZJ9TPfseo
4/6Wmx6l+PdCtmge1EnZBZK7EPhwOgjlCnVMg/P3vg4KQ06cyjhezDgZE5eZKW8Q
9z6LIBhwLefRX8HKeO24eve9RATIPK2EQB8HvIXcGJJvnp/sKUf3t0dO/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBTbaaFkVMxJZs7H13K4KCpBJsrZMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvRk50cG9XUlV6RWxtenNmWGNyZ29La0VteXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKgDmd0JvyfBKqiAoX6c
hWbfrGqsIIvinLoYbMed4PYjCV4B52WBq/dI82nP9Q+yJ7HUeRiQ31iRYcSuH60f
POSlwScLZ+75NkLU8kRTI6/ut8w17a4df6Ue6nFVE6A8ZuQ3HFnR+aw2owrmJQyn
CzAMhFSMbcm6hRnJC8CDK/YbbRhha/fr32IbVuSnXXqvB345Pm6WjWd/yi3JyEG/
MTIJNyXLGxP16JGzAYBqeRsoYt2ShaVlmLQd4gfOIwpeyTMRF1sLb9Fu56J7CWcB
VA/S3nK7PV5da86p08cFqQyW+epL97a5JA/DBrAvWsH52q4tOmd1hNDTbzlfSYwk
hWk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:03 2025 by rpki-client