Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/FLTH0-tfqXvRhV9NM95-asZXeXQ.roa
File: FLTH0-tfqXvRhV9NM95-asZXeXQ.roa (raw, json)
Hash identifier: xkga7KQc/D1YQDuNaHnU/rA0r7xdIU5RAveDjjhnRx0=
Subject key identifier: 14:B4:C7:D3:EB:5F:A9:7B:D1:85:5F:4D:33:DE:7E:6A:C6:57:79:74
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC1F734A3D19074FAFF8145BAD8285A7E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/FLTH0-tfqXvRhV9NM95-asZXeXQ.roa
Signing time: Sat 23 Sep 2023 12:15:18 +0000
ROA not before: Sat 23 Sep 2023 12:15:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c1:f7:34:a3:d1:90:74:fa:ff:81:45:ba:d8:28:5a:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 23 12:15:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14b4c7d3eb5fa97bd1855f4d33de7e6ac6577974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3a:74:68:4e:8b:d1:7d:8c:b3:ce:75:50:e2:
b5:9a:96:98:d9:e8:13:f4:6b:a0:f2:1e:cb:4a:24:
0a:99:fb:80:92:df:bd:e0:a1:14:75:07:ef:eb:77:
a3:c0:1b:68:81:8f:e4:7a:19:d7:4c:d4:b4:23:bc:
ef:0e:5b:2f:f1:81:41:39:87:8e:35:c6:f5:8f:b3:
72:ae:95:b1:1e:17:95:46:80:f2:3e:bd:5c:92:bc:
c2:d7:a0:8c:9b:c0:d9:75:62:ad:4a:75:35:e6:a7:
15:1b:b6:bf:a1:bc:d9:f3:1f:b5:06:15:78:23:04:
6e:2d:7b:44:36:5e:57:4c:ea:02:d0:15:ca:55:e3:
ee:52:e2:5d:d6:bf:c7:5d:db:df:9e:69:78:ec:17:
8a:76:67:20:19:2d:4c:0a:19:98:61:06:ba:8d:25:
2f:f3:26:a6:29:67:95:38:0d:4a:39:d1:09:64:f8:
3c:56:0c:d4:ee:e5:3f:da:bd:e7:47:91:d2:43:4f:
ea:8e:66:2d:e9:41:67:67:c2:a1:4b:86:33:2d:1d:
a1:01:70:80:9a:a3:db:76:7b:e9:b6:f5:5f:e0:e9:
fb:11:71:12:55:d0:3a:c0:f5:ca:2d:b1:bd:5a:0d:
f0:13:18:96:de:0c:ce:cd:d2:d3:6c:8e:26:e1:b3:
bf:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B4:C7:D3:EB:5F:A9:7B:D1:85:5F:4D:33:DE:7E:6A:C6:57:79:74
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/FLTH0-tfqXvRhV9NM95-asZXeXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:22:2c:30:23:40:66:31:b4:f2:47:0e:13:1d:90:80:df:c1:
f6:85:f9:ba:07:73:f2:4c:32:3f:ed:a0:86:13:bf:14:63:3e:
57:af:ab:16:0e:8c:06:28:5b:24:98:a8:c4:5f:cb:11:25:99:
32:84:38:64:59:95:02:46:96:17:90:3f:6a:16:42:6d:f3:8b:
59:25:64:b5:7d:9e:bc:28:d3:ba:1a:ee:78:57:09:92:85:01:
51:6f:fd:d8:6c:99:47:38:42:aa:3b:5e:b1:ac:aa:7d:1a:ce:
51:b1:0a:68:f6:65:bb:5c:2f:3d:42:fc:3c:99:31:d7:01:37:
21:ec:ca:a4:a3:1a:75:58:74:66:d5:05:4f:c4:70:6b:be:b3:
3a:63:4b:b9:8d:e5:b0:e6:36:eb:5e:ab:24:50:41:66:26:0a:
7e:f6:f8:0e:5f:81:ce:6d:cb:c0:18:18:95:cb:67:f6:c6:39:
0f:cf:9f:b1:d1:d4:5f:1a:74:b1:02:28:71:cb:76:88:7c:5c:
e9:94:9c:b6:4b:bd:a3:c7:5d:af:5c:db:80:b5:af:87:d9:95:
de:11:cd:28:8c:31:1c:11:a9:22:4d:32:ea:8d:98:b4:0b:d3:
51:da:d8:4a:f1:19:45:98:ab:3b:b3:8a:77:45:38:bd:ab:8a:
26:05:76:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrB9zSj0ZB0+v+BRbrYKFp+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIzMTIxNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGI0YzdkM2ViNWZhOTdiZDE4NTVmNGQzM2RlN2U2YWM2NTc3OTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojp0aE6L0X2Ms851UOK1mpaY2egT
9Gug8h7LSiQKmfuAkt+94KEUdQfv63ejwBtogY/kehnXTNS0I7zvDlsv8YFBOYeO
Ncb1j7NyrpWxHheVRoDyPr1ckrzC16CMm8DZdWKtSnU15qcVG7a/obzZ8x+1BhV4
IwRuLXtENl5XTOoC0BXKVePuUuJd1r/HXdvfnml47BeKdmcgGS1MChmYYQa6jSUv
8yamKWeVOA1KOdEJZPg8VgzU7uU/2r3nR5HSQ0/qjmYt6UFnZ8KhS4YzLR2hAXCA
mqPbdnvptvVf4On7EXESVdA6wPXKLbG9Wg3wExiW3gzOzdLTbI4m4bO/kwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBS0x9PrX6l70YVfTTPefmrGV3l0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRkxUSDAtdGZxWHZSaFY5Tk05NS1hc1pYZVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEUiLDAjQGYxtPJHDhMd
kIDfwfaF+boHc/JMMj/toIYTvxRjPlevqxYOjAYoWySYqMRfyxElmTKEOGRZlQJG
lheQP2oWQm3zi1klZLV9nrwo07oa7nhXCZKFAVFv/dhsmUc4Qqo7XrGsqn0azlGx
Cmj2ZbtcLz1C/DyZMdcBNyHsyqSjGnVYdGbVBU/EcGu+szpjS7mN5bDmNuteqyRQ
QWYmCn72+A5fgc5ty8AYGJXLZ/bGOQ/Pn7HR1F8adLECKHHLdoh8XOmUnLZLvaPH
Xa9c24C1r4fZld4RzSiMMRwRqSJNMuqNmLQL01Ha2ErxGUWYqzuzindFOL2riiYF
dro=
-----END CERTIFICATE-----
Generated at Sun May 11 19:20:14 2025 by rpki-client