Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/FO41UkCgAbaNEWyUML-WXQjPM8E.roa
File: FO41UkCgAbaNEWyUML-WXQjPM8E.roa (raw, json)
Hash identifier: mDRjZKltjY5XI9ESReFpBykQYhKqrA+1u0zilC3+N/8=
Subject key identifier: 14:EE:35:52:40:A0:01:B6:8D:11:6C:94:30:BF:96:5D:08:CF:33:C1
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A5BA219667BDC1E87C35CCDD2396ADD74
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/FO41UkCgAbaNEWyUML-WXQjPM8E.roa
Signing time: Sun 03 Sep 2023 15:21:04 +0000
ROA not before: Sun 03 Sep 2023 15:21:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5b:a2:19:66:7b:dc:1e:87:c3:5c:cd:d2:39:6a:dd:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 3 15:21:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14ee355240a001b68d116c9430bf965d08cf33c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:73:17:bc:5f:2b:65:dd:68:dd:24:15:d2:53:
d1:6e:c3:2f:76:29:7f:bb:c6:e6:a2:30:7f:6e:35:
1a:73:5b:94:1c:ea:68:b1:6a:1d:a7:8a:fb:bf:33:
87:cc:f6:10:20:19:74:50:8b:dc:90:ba:7f:db:94:
48:e2:50:6a:71:ec:e0:6f:22:2b:01:44:b0:c4:6d:
53:2a:18:61:98:3b:81:be:9d:8f:dc:3b:d3:98:38:
68:a6:6d:27:33:0c:dc:14:58:97:3f:36:21:a2:cc:
5f:76:dc:e8:1a:cb:4a:5f:21:35:37:29:00:f8:1f:
b4:c0:90:c7:7a:de:90:cb:19:4f:bc:14:50:71:92:
47:a6:d4:c3:ff:f4:84:56:4a:53:01:76:5b:90:0b:
95:e0:93:f4:88:a5:f1:85:a6:71:b6:8c:1b:bc:8d:
8a:1a:23:92:b5:cf:77:a6:b6:18:db:03:a9:be:90:
69:dd:fc:15:06:f2:1a:87:f0:8a:67:46:7d:31:78:
4e:34:62:2b:a1:09:9d:28:b1:76:4c:fd:32:7b:44:
28:06:20:04:9f:e2:9f:80:7c:ba:78:66:55:76:26:
e7:41:5c:63:4a:41:18:0a:ef:18:af:97:68:52:79:
76:4d:38:44:b5:8c:68:8b:ee:a0:38:3c:16:06:4e:
34:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:EE:35:52:40:A0:01:B6:8D:11:6C:94:30:BF:96:5D:08:CF:33:C1
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/FO41UkCgAbaNEWyUML-WXQjPM8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:13:90:cf:52:81:3f:68:34:33:cb:0b:30:a4:15:a1:62:d1:
75:a9:55:94:1b:26:fb:9e:4e:e2:82:91:be:76:85:fd:20:c4:
85:84:0d:a5:1a:05:5f:14:94:97:00:3c:d5:88:3e:d9:33:d7:
69:7f:c9:13:2a:36:9b:ca:b5:af:a8:90:66:a2:af:d8:b1:b6:
b3:8d:22:b3:3e:05:e3:75:3a:c5:91:03:63:9f:fe:97:5c:62:
ab:ac:4a:14:59:3d:80:98:72:a9:ca:8d:29:cb:85:45:0f:c9:
be:a6:0e:d8:fe:91:89:a7:21:2c:1d:42:b1:eb:c0:e2:a8:59:
b8:a2:d4:44:d7:8f:8d:c2:d1:dc:f4:ab:54:02:77:ff:8e:41:
2a:4e:df:0c:db:db:75:de:19:f4:d9:14:b7:eb:0d:c1:25:a1:
41:81:45:21:71:42:2b:81:97:d8:1b:1a:72:3b:d6:e9:f2:9e:
6c:48:4f:3c:cb:24:fe:72:31:7c:8e:be:9f:c0:a5:00:5f:c7:
13:f9:05:58:14:8e:a3:23:86:58:e2:6b:ed:ff:04:e5:a0:6f:
0a:8e:b4:0e:2d:c6:e6:a3:f3:94:29:67:b4:a2:c5:a3:c2:98:
83:d6:35:17:44:dc:76:dc:43:39:84:c7:31:81:a6:17:84:b6:
e3:37:36:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpbohlme9weh8NczdI5at10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAzMTUyMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGVlMzU1MjQwYTAwMWI2OGQxMTZjOTQzMGJmOTY1ZDA4Y2YzM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3MXvF8rZd1o3SQV0lPRbsMvdil/
u8bmojB/bjUac1uUHOposWodp4r7vzOHzPYQIBl0UIvckLp/25RI4lBqcezgbyIr
AUSwxG1TKhhhmDuBvp2P3DvTmDhopm0nMwzcFFiXPzYhosxfdtzoGstKXyE1NykA
+B+0wJDHet6QyxlPvBRQcZJHptTD//SEVkpTAXZbkAuV4JP0iKXxhaZxtowbvI2K
GiOStc93prYY2wOpvpBp3fwVBvIah/CKZ0Z9MXhONGIroQmdKLF2TP0ye0QoBiAE
n+KfgHy6eGZVdibnQVxjSkEYCu8Yr5doUnl2TThEtYxoi+6gODwWBk406wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBTuNVJAoAG2jRFslDC/ll0IzzPBMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvRk80MVVrQ2dBYmFORVd5VU1MLVdYUWpQTThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJkTkM9SgT9oNDPLCzCk
FaFi0XWpVZQbJvueTuKCkb52hf0gxIWEDaUaBV8UlJcAPNWIPtkz12l/yRMqNpvK
ta+okGair9ixtrONIrM+BeN1OsWRA2Of/pdcYqusShRZPYCYcqnKjSnLhUUPyb6m
Dtj+kYmnISwdQrHrwOKoWbii1ETXj43C0dz0q1QCd/+OQSpO3wzb23XeGfTZFLfr
DcEloUGBRSFxQiuBl9gbGnI71unynmxITzzLJP5yMXyOvp/ApQBfxxP5BVgUjqMj
hljia+3/BOWgbwqOtA4txuaj85QpZ7SixaPCmIPWNRdE3HbcQzmExzGBpheEtuM3
NuE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:30 2025 by rpki-client