Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FN8hD2-E6uqVopJKegLvb5_BERE.roa
File: FN8hD2-E6uqVopJKegLvb5_BERE.roa (raw, json)
Hash identifier: f6H01WNtw6i82fQOp6CHpnRAxJO2WWkSAqaMneW2JMM=
Subject key identifier: 14:DF:21:0F:6F:84:EA:EA:95:A2:92:4A:7A:02:EF:6F:9F:C1:11:11
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01852FA95B9B56C67DAFB6C9D13212805914
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FN8hD2-E6uqVopJKegLvb5_BERE.roa
Signing time: Tue 20 Dec 2022 13:11:46 +0000
ROA not before: Tue 20 Dec 2022 13:11:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:a9:5b:9b:56:c6:7d:af:b6:c9:d1:32:12:80:59:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 20 13:11:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=14df210f6f84eaea95a2924a7a02ef6f9fc11111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e8:3a:a5:0b:cd:5c:62:ba:93:b2:1c:11:ef:
79:d5:36:3e:6e:82:6b:f6:4f:c7:a5:b0:5a:da:d2:
92:0c:cf:d0:eb:81:c9:f6:2c:bb:9f:90:fe:ce:82:
4d:84:16:d2:e1:38:1a:4f:33:aa:dd:f9:05:2a:c0:
d9:b5:ce:5d:56:4b:83:d4:00:0d:47:5f:00:41:5a:
ee:7f:90:ac:69:2a:ec:c5:e0:ca:66:e4:a9:86:27:
01:aa:c1:7f:93:57:61:ca:c6:b2:ed:b6:8f:04:3f:
de:f0:c2:18:95:b0:f8:fa:5c:b0:7b:ee:e7:af:e8:
78:b7:40:02:a0:77:73:18:60:c2:6e:f3:1c:fc:06:
01:e3:7c:30:fa:45:55:7c:8b:92:fb:a9:bc:f5:17:
04:ec:01:71:1a:ef:19:25:15:03:c8:37:a1:28:27:
8e:c4:51:2c:70:dd:96:d6:ac:74:4d:7c:60:f4:59:
3f:c9:e8:9c:fe:63:74:c7:b4:6a:c2:3f:bb:07:79:
2b:d9:ee:a6:b2:03:a3:04:03:5d:f2:79:ab:b2:17:
e7:30:e0:28:d1:3e:6b:f3:53:19:c4:0a:c2:6e:86:
6e:89:ba:29:3c:ee:15:14:30:92:d7:5f:e9:b7:53:
b6:c3:83:c9:da:4f:d8:10:de:88:9b:1e:c8:c9:42:
e4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:DF:21:0F:6F:84:EA:EA:95:A2:92:4A:7A:02:EF:6F:9F:C1:11:11
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FN8hD2-E6uqVopJKegLvb5_BERE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
83:33:85:3b:bd:8d:bc:b5:0e:30:84:11:54:9c:01:a2:1b:47:
8f:a9:df:b5:2c:4e:6d:8f:3f:dc:be:89:93:dd:f2:ae:2b:e8:
f9:8e:09:e2:0f:02:ec:ee:fa:e0:65:ae:91:a2:68:19:96:0a:
41:b7:7d:a1:4a:24:b8:d7:b4:6e:6a:1f:50:0d:8c:8a:f3:76:
e5:8e:b3:6c:7c:5f:db:aa:49:48:d7:04:d0:49:7b:97:99:e7:
c1:de:89:fa:68:7b:95:9d:25:a5:a3:9c:dc:ed:dd:32:ee:fe:
c3:9b:c0:0b:83:12:d5:3c:18:36:4a:c8:e8:df:40:9e:26:0b:
90:77:7d:0c:07:bf:39:1d:d8:0c:2b:08:3f:f6:bb:86:8e:40:
ec:b8:4f:1a:d1:f5:59:c6:1f:a4:82:81:41:49:eb:5a:55:78:
ca:b5:e3:b6:0d:e7:13:0c:a3:97:3a:71:89:e6:b1:2b:97:5d:
31:b8:18:a6:4e:0c:59:0b:9b:86:6a:e4:f5:46:4b:b7:70:77:
65:fc:91:9e:79:e6:41:ad:ad:a1:e9:99:13:91:b1:6a:24:3f:
fc:e1:40:25:c3:3b:d6:57:47:b5:c5:b9:87:ff:82:95:0f:30:
0b:5e:1e:a5:15:51:ce:a9:bd:f4:41:33:42:f3:be:2d:6d:f9:
5f:c0:00:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUvqVubVsZ9r7bJ0TISgFkUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjIwMTMxMTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGRmMjEwZjZmODRlYWVhOTVhMjkyNGE3YTAyZWY2ZjlmYzExMTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+g6pQvNXGK6k7IcEe951TY+boJr
9k/HpbBa2tKSDM/Q64HJ9iy7n5D+zoJNhBbS4TgaTzOq3fkFKsDZtc5dVkuD1AAN
R18AQVruf5CsaSrsxeDKZuSphicBqsF/k1dhysay7baPBD/e8MIYlbD4+lywe+7n
r+h4t0ACoHdzGGDCbvMc/AYB43ww+kVVfIuS+6m89RcE7AFxGu8ZJRUDyDehKCeO
xFEscN2W1qx0TXxg9Fk/yeic/mN0x7Rqwj+7B3kr2e6msgOjBANd8nmrshfnMOAo
0T5r81MZxArCboZuibopPO4VFDCS11/pt1O2w4PJ2k/YEN6Imx7IyULkYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBTfIQ9vhOrqlaKSSnoC72+fwRERMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRk44aEQyLUU2dXFWb3BKS2VnTHZiNV9CRVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIMzhTu9jby1DjCEEVSc
AaIbR4+p37UsTm2PP9y+iZPd8q4r6PmOCeIPAuzu+uBlrpGiaBmWCkG3faFKJLjX
tG5qH1ANjIrzduWOs2x8X9uqSUjXBNBJe5eZ58Heifpoe5WdJaWjnNzt3TLu/sOb
wAuDEtU8GDZKyOjfQJ4mC5B3fQwHvzkd2AwrCD/2u4aOQOy4TxrR9VnGH6SCgUFJ
61pVeMq147YN5xMMo5c6cYnmsSuXXTG4GKZODFkLm4Zq5PVGS7dwd2X8kZ555kGt
raHpmRORsWokP/zhQCXDO9ZXR7XFuYf/gpUPMAteHqUVUc6pvfRBM0Lzvi1t+V/A
AA0=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:37:17 2025 by rpki-client