Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FwyLccHtvSA4cd4BBYRPrrTuxRQ.roa
File: FwyLccHtvSA4cd4BBYRPrrTuxRQ.roa (raw, json)
Hash identifier: OmRNmwd9DAklsNVzqgyZRcruAOxqBtJUx4Y1JHhCo/k=
Subject key identifier: 17:0C:8B:71:C1:ED:BD:20:38:71:DE:01:05:84:4F:AE:B4:EE:C5:14
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018675D3C1C5E519CEC8A60FAA1845DB0F7E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FwyLccHtvSA4cd4BBYRPrrTuxRQ.roa
Signing time: Tue 21 Feb 2023 21:14:17 +0000
ROA not before: Tue 21 Feb 2023 21:14:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:75:d3:c1:c5:e5:19:ce:c8:a6:0f:aa:18:45:db:0f:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 21 21:14:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=170c8b71c1edbd203871de0105844faeb4eec514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:0b:b2:c3:e3:26:36:ef:bb:3c:e9:d4:75:b7:
de:2b:9d:96:cb:12:e8:55:8e:81:96:d2:61:7a:a0:
a7:df:14:9e:aa:a7:45:f2:f7:bf:34:b9:1f:12:24:
57:d6:8f:c9:9c:fe:0e:9b:0d:4c:e8:72:de:a8:37:
bf:8d:a4:46:7f:b8:9d:03:93:7c:ee:69:a7:be:7e:
62:22:04:77:e3:27:05:e4:b7:25:4b:66:0d:f4:1f:
ef:a0:f4:9d:7e:a6:54:5e:cf:5f:60:4d:02:84:dc:
d2:06:8f:9c:eb:3a:da:4c:7f:74:b4:d1:46:6c:26:
87:74:ba:7b:6b:28:c4:eb:3a:d4:7b:d7:d7:00:1f:
f2:f2:fd:ee:c3:83:d8:2f:7b:68:ee:2b:f4:3d:51:
c3:04:ca:5a:e7:b9:00:9a:a4:ec:4d:c3:fe:82:a3:
7f:14:1d:fe:f8:20:dc:c3:4f:15:96:d5:da:78:d0:
26:8e:8f:6e:e4:e5:12:6f:db:31:99:82:f2:79:8a:
64:8d:c7:de:80:5f:82:85:29:b1:27:d1:30:13:2e:
91:e5:36:1b:92:15:9c:22:5f:b2:72:33:ba:63:e6:
9f:52:59:61:81:a0:c8:4f:c9:ef:13:7d:1e:26:d9:
02:ec:ba:bb:63:ec:36:24:35:52:9f:b9:ba:b9:d3:
46:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:0C:8B:71:C1:ED:BD:20:38:71:DE:01:05:84:4F:AE:B4:EE:C5:14
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FwyLccHtvSA4cd4BBYRPrrTuxRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:1c:03:71:ae:44:44:96:d6:87:98:bc:f9:f0:18:e2:18:42:
40:7e:90:77:9d:8f:b5:a9:74:71:41:32:53:20:0b:e0:08:4b:
71:e9:9f:d9:4b:64:ea:64:75:e2:a8:eb:65:c1:4d:73:3c:e9:
ee:08:b3:50:25:c5:4b:a6:dc:24:a2:6a:ab:22:54:f8:db:2f:
85:fc:26:2e:21:51:08:a7:63:b9:46:44:07:9c:10:4e:73:14:
d4:5b:b2:91:d4:fe:9a:94:c0:05:34:b1:9f:58:d1:99:3a:d5:
d5:c0:3b:92:9d:b1:d4:64:27:83:2d:c9:2b:a7:7c:87:c3:60:
24:49:48:5b:56:71:12:f4:19:cb:54:5c:fa:1c:e9:51:52:4a:
3e:1f:1e:8b:69:7d:5f:67:e5:19:ac:a1:7a:61:95:fc:e0:bb:
2b:72:a2:c1:d4:70:38:cc:7a:b9:6a:e6:b9:c4:10:13:1d:17:
b1:8a:f6:14:28:30:9c:e4:4c:03:69:b3:5a:36:35:c7:6c:df:
9d:3b:2e:e0:16:a2:90:60:41:1d:9a:8c:55:c6:57:f0:b3:dc:
ac:4e:78:98:25:bd:de:80:9c:57:dc:10:e6:a0:d6:bc:63:96:
b4:e5:1e:23:68:54:a5:fb:95:ed:c0:2f:a4:1d:4c:dc:0a:53:
92:65:a9:21
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ108HF5RnOyKYPqhhF2w9+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIxMjExNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzBjOGI3MWMxZWRiZDIwMzg3MWRlMDEwNTg0NGZhZWI0ZWVjNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhguyw+MmNu+7POnUdbfeK52WyxLo
VY6BltJheqCn3xSeqqdF8ve/NLkfEiRX1o/JnP4Omw1M6HLeqDe/jaRGf7idA5N8
7mmnvn5iIgR34ycF5LclS2YN9B/voPSdfqZUXs9fYE0ChNzSBo+c6zraTH90tNFG
bCaHdLp7ayjE6zrUe9fXAB/y8v3uw4PYL3to7iv0PVHDBMpa57kAmqTsTcP+gqN/
FB3++CDcw08VltXaeNAmjo9u5OUSb9sxmYLyeYpkjcfegF+ChSmxJ9EwEy6R5TYb
khWcIl+ycjO6Y+afUllhgaDIT8nvE30eJtkC7Lq7Y+w2JDVSn7m6udNGLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBcMi3HB7b0gOHHeAQWET6607sUUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRnd5TGNjSHR2U0E0Y2Q0QkJZUlByclR1eFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJQcA3GuRESW1oeYvPnw
GOIYQkB+kHedj7WpdHFBMlMgC+AIS3Hpn9lLZOpkdeKo62XBTXM86e4Is1AlxUum
3CSiaqsiVPjbL4X8Ji4hUQinY7lGRAecEE5zFNRbspHU/pqUwAU0sZ9Y0Zk61dXA
O5KdsdRkJ4MtySunfIfDYCRJSFtWcRL0GctUXPoc6VFSSj4fHotpfV9n5RmsoXph
lfzguytyosHUcDjMerlq5rnEEBMdF7GK9hQoMJzkTANps1o2Ncds3507LuAWopBg
QR2ajFXGV/Cz3KxOeJglvd6AnFfcEOag1rxjlrTlHiNoVKX7le3AL6QdTNwKU5Jl
qSE=
-----END CERTIFICATE-----
Generated at Fri May 2 21:14:53 2025 by rpki-client