Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/FMTVVQ39k3HFsSQvztX4MrKDcoM.roa
File: FMTVVQ39k3HFsSQvztX4MrKDcoM.roa (raw, json)
Hash identifier: +klFl4HUp6TdCPhrBQSXSP7USoiC0K+RQhKSCwvdXnA=
Subject key identifier: 14:C4:D5:55:0D:FD:93:71:C5:B1:24:2F:CE:D5:F8:32:B2:83:72:83
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A45B06C3ECC1A03E790FC8688C79F51BC
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/FMTVVQ39k3HFsSQvztX4MrKDcoM.roa
Signing time: Wed 30 Aug 2023 09:05:04 +0000
ROA not before: Wed 30 Aug 2023 09:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:45af:c3dc/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:45:b0:6c:3e:cc:1a:03:e7:90:fc:86:88:c7:9f:51:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 09:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14c4d5550dfd9371c5b1242fced5f832b2837283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3c:67:82:78:a8:7f:a6:58:8b:eb:48:d4:18:
ff:35:4b:54:52:bf:10:0f:e7:68:5a:81:8c:16:7b:
7c:2d:29:2d:0f:91:c7:c9:b5:9e:31:b7:49:36:22:
89:d4:91:96:2b:2e:1a:be:00:4b:1d:a0:f2:86:cf:
94:3e:b3:d8:98:fe:95:30:8f:fa:ed:ed:14:f7:ec:
5a:60:54:0b:6a:3d:1a:ef:29:13:ac:fe:25:5b:58:
ca:10:8f:73:a8:a4:28:6e:b8:ab:35:4f:79:10:8d:
b5:ab:a1:ba:7c:8f:a4:77:6a:7c:cf:d1:4b:30:d3:
2d:c3:0d:c6:63:67:42:3f:c9:fa:0c:7f:ca:d5:f6:
03:6e:ba:58:45:e9:ee:b9:45:d3:8a:53:12:f0:8b:
51:e1:f9:b7:24:04:89:e5:6e:c4:2c:db:6c:e6:66:
53:ef:52:dd:7a:fb:fb:71:ba:75:9d:27:78:d1:40:
fe:5c:95:bd:16:88:86:34:af:c3:3b:93:cc:27:4c:
7a:eb:00:85:99:86:cc:c3:bb:3d:d1:f0:e6:d7:be:
8a:a9:05:b0:d3:93:b0:3d:c0:0c:95:11:33:a4:9a:
da:61:1f:4e:52:55:0d:a2:f4:f4:0c:dc:62:b1:1c:
a1:f0:67:05:12:9a:c3:a4:fa:d2:77:92:a6:60:85:
3c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:C4:D5:55:0D:FD:93:71:C5:B1:24:2F:CE:D5:F8:32:B2:83:72:83
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/FMTVVQ39k3HFsSQvztX4MrKDcoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:ce:86:cc:ec:3e:bb:ee:4a:c0:23:fb:ea:19:80:7e:52:0b:
a2:d6:69:63:c8:d0:ad:81:bb:9b:19:e6:78:99:52:0c:85:a5:
79:0b:49:ea:b1:79:8f:33:a4:a8:18:d4:98:0d:21:60:03:2c:
b7:6c:69:1a:05:89:0f:70:f9:e4:c0:59:03:e7:e6:a0:b9:8d:
f0:e0:69:50:5b:91:8f:6f:55:85:ff:f5:9e:66:72:da:61:05:
50:e3:9d:20:20:a9:5a:2b:7a:55:55:99:5b:45:fd:ff:1f:68:
63:49:c1:93:f9:95:15:17:3e:a6:57:e6:60:2b:42:73:0e:7a:
7d:6e:70:4d:5a:04:80:4b:a0:3e:8c:ec:95:fa:eb:b6:0a:bb:
ac:62:69:f2:96:dc:a7:e1:f5:6a:e1:e3:5b:38:8e:0e:65:c4:
6a:3f:06:28:f2:e6:60:fa:30:17:5c:24:53:5c:a9:c0:55:5d:
ed:fd:d6:b0:76:83:05:a4:1c:a2:d0:f8:47:83:91:9c:fe:78:
58:5e:ee:8f:0c:25:bf:25:58:93:02:ee:73:84:1d:4e:f9:65:
e6:a0:bb:3a:97:fb:a0:2d:b0:3d:64:f7:d7:e8:bc:37:d9:3f:
20:f6:a3:27:61:6a:93:d5:72:3f:e6:4e:cd:d2:5e:a0:a0:bc:
9d:44:59:ad
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpFsGw+zBoD55D8hojHn1G8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMDkwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGM0ZDU1NTBkZmQ5MzcxYzViMTI0MmZjZWQ1ZjgzMmIyODM3MjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTxngniof6ZYi+tI1Bj/NUtUUr8Q
D+doWoGMFnt8LSktD5HHybWeMbdJNiKJ1JGWKy4avgBLHaDyhs+UPrPYmP6VMI/6
7e0U9+xaYFQLaj0a7ykTrP4lW1jKEI9zqKQobrirNU95EI21q6G6fI+kd2p8z9FL
MNMtww3GY2dCP8n6DH/K1fYDbrpYRenuuUXTilMS8ItR4fm3JASJ5W7ELNts5mZT
71Ldevv7cbp1nSd40UD+XJW9FoiGNK/DO5PMJ0x66wCFmYbMw7s90fDm176KqQWw
05OwPcAMlREzpJraYR9OUlUNovT0DNxisRyh8GcFEprDpPrSd5KmYIU8+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBTE1VUN/ZNxxbEkL87V+DKyg3KDMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvRk1UVlZRMzlrM0hGc1NRdnp0WDRNcktEY29NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACTOhszsPrvuSsAj++oZ
gH5SC6LWaWPI0K2Bu5sZ5niZUgyFpXkLSeqxeY8zpKgY1JgNIWADLLdsaRoFiQ9w
+eTAWQPn5qC5jfDgaVBbkY9vVYX/9Z5mctphBVDjnSAgqVorelVVmVtF/f8faGNJ
wZP5lRUXPqZX5mArQnMOen1ucE1aBIBLoD6M7JX667YKu6xiafKW3Kfh9Wrh41s4
jg5lxGo/Bijy5mD6MBdcJFNcqcBVXe391rB2gwWkHKLQ+EeDkZz+eFhe7o8MJb8l
WJMC7nOEHU75ZeaguzqX+6AtsD1k99fovDfZPyD2oydhapPVcj/mTs3SXqCgvJ1E
Wa0=
-----END CERTIFICATE-----
Generated at Wed Jun 18 13:58:36 2025 by rpki-client