Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/FVM1XWD6AaxJ-01tVWuKFDUtKY4.roa
File: FVM1XWD6AaxJ-01tVWuKFDUtKY4.roa (raw, json)
Hash identifier: GZ8FrmUb5eleshFz/3OZMah/x7NbzdMom0FGeBwKIz0=
Subject key identifier: 15:53:35:5D:60:FA:01:AC:49:FB:4D:6D:55:6B:8A:14:35:2D:29:8E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C25BD82383A90441335A62B4D59CEE909
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/FVM1XWD6AaxJ-01tVWuKFDUtKY4.roa
Signing time: Fri 01 Dec 2023 14:17:05 +0000
ROA not before: Fri 01 Dec 2023 14:17:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:25:bd:82:38:3a:90:44:13:35:a6:2b:4d:59:ce:e9:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 1 14:17:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1553355d60fa01ac49fb4d6d556b8a14352d298e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c1:aa:93:4c:06:9a:16:5d:1a:29:a9:05:0e:
b9:12:d2:5d:10:a8:df:16:94:63:a4:5d:78:fd:11:
82:84:87:04:7b:a4:c0:96:1d:99:16:f1:e0:fd:66:
9c:a3:9f:b4:31:76:fa:dc:76:9b:40:85:b7:16:08:
d9:e4:b4:ca:ba:ba:d0:3e:cd:9c:1a:e3:5f:5f:ff:
8b:e1:24:bc:bf:47:f4:e3:df:48:ea:ac:9c:2e:f1:
d4:c8:9f:cf:1e:2e:d0:f6:b7:53:08:8d:9c:fe:ee:
44:0d:73:30:96:63:d6:4c:54:3c:c4:ea:54:51:89:
fa:ed:8b:f4:0c:40:ae:23:7e:62:19:6f:97:07:c6:
6f:88:76:d7:70:a4:fd:86:e9:a9:6c:d9:5a:d8:73:
0c:cd:a3:b0:0b:a1:7e:89:1f:6c:d6:18:9c:f4:b2:
ff:ce:55:e5:ba:50:3a:30:be:13:0c:dd:b7:20:85:
fe:03:8a:66:66:8d:f3:0d:98:4f:55:5a:68:f9:9a:
5b:44:41:d7:64:95:4f:86:6a:98:5d:9c:74:7e:a0:
f9:53:aa:7b:2f:44:18:78:4d:d6:6f:f2:51:ca:28:
26:c3:ec:08:1e:f0:53:f0:4f:c6:c7:d7:ab:42:c2:
b3:38:ee:8e:a2:90:58:8d:d0:77:6e:aa:1d:30:7e:
8a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:53:35:5D:60:FA:01:AC:49:FB:4D:6D:55:6B:8A:14:35:2D:29:8E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/FVM1XWD6AaxJ-01tVWuKFDUtKY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:b0:c5:19:13:6e:6d:2f:5c:58:56:2c:9a:fa:4e:eb:f3:b7:
bd:4c:88:ae:d1:29:76:b0:04:f5:f6:b0:a8:12:db:7e:13:37:
c3:83:79:dc:72:94:65:a2:b6:44:91:38:17:52:3d:af:15:25:
c1:cc:ac:ef:a8:9a:20:e3:40:f1:ed:f0:cf:82:64:0d:16:73:
a2:5f:0c:0a:5e:a0:c0:1c:c5:d7:b8:f4:d9:49:b4:25:29:d9:
3f:a9:87:b4:86:7a:34:d2:e3:f3:57:78:ce:82:94:11:ae:1a:
ca:2f:fc:62:5b:70:52:3a:23:2f:cc:3a:1f:e7:01:ef:7a:3c:
39:16:e1:33:1f:ed:f7:92:d4:9c:94:d7:24:9d:70:ec:09:00:
97:ed:e4:25:6c:51:46:ea:4a:9c:cc:ed:3b:62:6a:6a:46:c6:
61:a7:7e:09:4a:32:0b:81:bd:a7:74:7c:c9:ea:a1:93:bb:fa:
22:51:54:5f:20:40:74:0d:80:db:d6:f7:5c:dc:ad:e6:81:12:
03:be:09:f6:51:c5:66:40:cf:38:40:10:89:8f:24:c7:ae:6e:
a6:39:a7:61:cf:34:73:2b:22:f1:d5:39:3a:d7:14:7c:3b:d4:
9c:a8:2f:a1:89:f2:00:75:84:89:05:48:64:80:67:36:9e:b9:
5d:b9:80:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwlvYI4OpBEEzWmK01ZzukJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAxMTQxNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTUzMzU1ZDYwZmEwMWFjNDlmYjRkNmQ1NTZiOGExNDM1MmQyOThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8Gqk0wGmhZdGimpBQ65EtJdEKjf
FpRjpF14/RGChIcEe6TAlh2ZFvHg/Waco5+0MXb63HabQIW3FgjZ5LTKurrQPs2c
GuNfX/+L4SS8v0f0499I6qycLvHUyJ/PHi7Q9rdTCI2c/u5EDXMwlmPWTFQ8xOpU
UYn67Yv0DECuI35iGW+XB8ZviHbXcKT9humpbNla2HMMzaOwC6F+iR9s1hic9LL/
zlXlulA6ML4TDN23IIX+A4pmZo3zDZhPVVpo+ZpbREHXZJVPhmqYXZx0fqD5U6p7
L0QYeE3Wb/JRyigmw+wIHvBT8E/Gx9erQsKzOO6OopBYjdB3bqodMH6KWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBVTNV1g+gGsSftNbVVrihQ1LSmOMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRlZNMVhXRDZBYXhKLTAxdFZXdUtGRFV0S1k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEOwxRkTbm0vXFhWLJr6
Tuvzt71MiK7RKXawBPX2sKgS234TN8ODedxylGWitkSROBdSPa8VJcHMrO+omiDj
QPHt8M+CZA0Wc6JfDApeoMAcxde49NlJtCUp2T+ph7SGejTS4/NXeM6ClBGuGsov
/GJbcFI6Iy/MOh/nAe96PDkW4TMf7feS1JyU1ySdcOwJAJft5CVsUUbqSpzM7Tti
ampGxmGnfglKMguBvad0fMnqoZO7+iJRVF8gQHQNgNvW91zcreaBEgO+CfZRxWZA
zzhAEImPJMeubqY5p2HPNHMrIvHVOTrXFHw71JyoL6GJ8gB1hIkFSGSAZzaeuV25
gEk=
-----END CERTIFICATE-----
Generated at Sat May 10 12:40:46 2025 by rpki-client