Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/FCpUh7uMn_jm2jqwI2G_dP05phQ.roa
File: FCpUh7uMn_jm2jqwI2G_dP05phQ.roa (raw, json)
Hash identifier: FZn5zdTsckuUQUO6IXLrYuHkdb4oQF7csC6+blEeSeA=
Subject key identifier: 14:2A:54:87:BB:8C:9F:F8:E6:DA:3A:B0:23:61:BF:74:FD:39:A6:14
Certificate issuer: /CN=974661cb1c38e63bd78bd6b2b1d68686a5415bf5
Certificate serial: 01942068188CAA4B8D626B0AC5D52070E0DD
Authority key identifier: 97:46:61:CB:1C:38:E6:3B:D7:8B:D6:B2:B1:D6:86:86:A5:41:5B:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0Zhyxw45jvXi9aysdaGhqVBW_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/FCpUh7uMn_jm2jqwI2G_dP05phQ.roa
Signing time: Wed 01 Jan 2025 05:48:00 +0000
ROA not before: Wed 01 Jan 2025 05:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213250
IP address blocks: 91.200.100.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:18:8c:aa:4b:8d:62:6b:0a:c5:d5:20:70:e0:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=974661cb1c38e63bd78bd6b2b1d68686a5415bf5
Validity
Not Before: Jan 1 05:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=142a5487bb8c9ff8e6da3ab02361bf74fd39a614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:fb:f6:f1:71:a3:59:98:07:6e:7c:6a:c2:b2:
ac:3e:6a:02:ca:a5:52:b9:07:a8:b4:a9:e8:d2:87:
97:a2:81:16:3d:a8:7e:3b:70:46:be:f3:a5:f2:6f:
ec:0d:50:9e:c4:cb:ac:ba:c6:76:8d:ac:07:54:f5:
ae:1b:9f:bc:7a:f7:7d:65:c8:c0:96:c0:7d:d8:9d:
38:51:70:c9:9c:12:31:67:10:38:6f:f0:83:f9:45:
a1:4a:62:30:5e:77:bd:8b:c2:88:96:02:13:01:6b:
4e:87:a2:05:2e:0e:8c:c9:eb:3b:9d:e4:57:d8:e7:
b4:18:5a:cb:01:cd:fb:7f:41:e9:13:9f:5e:b3:fc:
19:7b:7d:c5:29:3b:fd:24:f2:df:90:45:27:1b:f7:
e9:9c:ce:00:2a:a5:89:a1:a6:2c:d4:fa:93:fc:ad:
06:28:06:c0:d8:aa:9a:27:17:c7:ac:b1:06:0b:27:
ef:a3:be:a6:03:74:b3:9c:37:fd:c8:02:29:75:c3:
da:f8:55:43:97:96:9d:6a:e8:67:d0:cd:68:dd:fc:
fa:76:ca:b7:d3:c9:36:82:00:15:eb:18:0c:b5:f2:
9f:94:8b:c6:82:f3:9c:4b:b9:09:3e:11:c4:fa:b0:
ff:53:be:1e:0c:2a:ce:21:c3:cc:e9:60:34:7f:a9:
2e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:2A:54:87:BB:8C:9F:F8:E6:DA:3A:B0:23:61:BF:74:FD:39:A6:14
X509v3 Authority Key Identifier:
keyid:97:46:61:CB:1C:38:E6:3B:D7:8B:D6:B2:B1:D6:86:86:A5:41:5B:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0Zhyxw45jvXi9aysdaGhqVBW_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/FCpUh7uMn_jm2jqwI2G_dP05phQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/l0Zhyxw45jvXi9aysdaGhqVBW_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.100.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:31:0e:0a:a6:d4:c2:02:6c:4f:dc:d4:3a:cf:96:be:3f:c9:
6f:92:f8:d2:22:f2:d1:50:74:f6:3c:bf:0e:7a:b3:d6:8c:ed:
31:c4:e3:1f:d0:26:3e:e5:67:ef:08:e9:7b:a8:9f:1c:eb:38:
c8:d8:5c:3c:70:01:57:a4:df:19:68:5d:ea:ad:c0:25:af:1f:
19:a7:3a:d7:bf:6a:5e:2b:76:71:68:28:b2:ee:ee:bb:68:2e:
f2:2f:7e:11:8e:05:d9:2e:47:47:ad:66:b8:6d:03:fc:66:f4:
bb:ec:d5:f9:f1:21:55:f0:55:20:fd:ea:2b:15:31:ff:99:2f:
71:0b:b3:06:ab:f6:a2:7c:41:5f:75:15:53:95:75:2c:ca:9c:
be:eb:05:58:6c:54:a8:94:e2:7e:5a:2c:52:21:da:a3:45:97:
d5:7c:66:70:10:14:91:fa:6b:ac:c7:30:5a:4c:42:ad:6f:b9:
2b:08:f1:7c:f2:df:91:12:52:04:5f:46:fb:83:db:99:71:bd:
31:85:e0:3a:73:1f:bb:0a:e2:a9:63:48:34:5f:f8:d9:74:9a:
c8:ea:e4:a0:6d:03:12:61:3a:ae:8d:c1:87:bc:b8:54:aa:d5:
7c:16:0a:b5:29:3b:d1:8b:9e:9f:7b:88:e5:f5:dc:a4:8e:94:
09:85:2e:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaBiMqkuNYmsKxdUgcODdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDY2MWNiMWMzOGU2M2JkNzhiZDZiMmIxZDY4Njg2YTU0
MTViZjUwHhcNMjUwMTAxMDU0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDJhNTQ4N2JiOGM5ZmY4ZTZkYTNhYjAyMzYxYmY3NGZkMzlhNjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/v28XGjWZgHbnxqwrKsPmoCyqVS
uQeotKno0oeXooEWPah+O3BGvvOl8m/sDVCexMususZ2jawHVPWuG5+8evd9ZcjA
lsB92J04UXDJnBIxZxA4b/CD+UWhSmIwXne9i8KIlgITAWtOh6IFLg6Myes7neRX
2Oe0GFrLAc37f0HpE59es/wZe33FKTv9JPLfkEUnG/fpnM4AKqWJoaYs1PqT/K0G
KAbA2KqaJxfHrLEGCyfvo76mA3SznDf9yAIpdcPa+FVDl5adauhn0M1o3fz6dsq3
08k2ggAV6xgMtfKflIvGgvOcS7kJPhHE+rD/U74eDCrOIcPM6WA0f6kufwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBQqVIe7jJ/45to6sCNhv3T9OaYUMB8GA1UdIwQY
MBaAFJdGYcscOOY714vWsrHWhoalQVv1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBaaHl4dzQ1anZYaTlheXNkYUdocVZCV19VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hMGJmM2UtMzY0NS00ZTE2LWJjYTkt
OGFkYWMxN2U5MGFlLzEvRkNwVWg3dU1uX2ptMmpxd0kyR19kUDA1cGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hMGJmM2UtMzY0NS00ZTE2LWJjYTktOGFkYWMxN2U5MGFl
LzEvbDBaaHl4dzQ1anZYaTlheXNkYUdocVZCV19VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8hkMA0G
CSqGSIb3DQEBCwUAA4IBAQA8MQ4KptTCAmxP3NQ6z5a+P8lvkvjSIvLRUHT2PL8O
erPWjO0xxOMf0CY+5WfvCOl7qJ8c6zjI2Fw8cAFXpN8ZaF3qrcAlrx8ZpzrXv2pe
K3ZxaCiy7u67aC7yL34RjgXZLkdHrWa4bQP8ZvS77NX58SFV8FUg/eorFTH/mS9x
C7MGq/aifEFfdRVTlXUsypy+6wVYbFSolOJ+WixSIdqjRZfVfGZwEBSR+musxzBa
TEKtb7krCPF88t+RElIEX0b7g9uZcb0xheA6cx+7CuKpY0g0X/jZdJrI6uSgbQMS
YTqujcGHvLhUqtV8Fgq1KTvRi56fe4jl9dykjpQJhS4Q
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:40:05 2025 by rpki-client