Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HJcUuKXBq1aj_jCK40YgV_P1_k8.roa
File: HJcUuKXBq1aj_jCK40YgV_P1_k8.roa (raw, json)
Hash identifier: 6cpe74SD4XC5+MOE79xXmCLp+CFPvhDZQxQp9fEE/dI=
Subject key identifier: 1C:97:14:B8:A5:C1:AB:56:A3:FE:30:8A:E3:46:20:57:F3:F5:FE:4F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01942826C3749D052DCFDAAE652AC4A97E4A
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HJcUuKXBq1aj_jCK40YgV_P1_k8.roa
Signing time: Thu 02 Jan 2025 17:53:36 +0000
ROA not before: Thu 02 Jan 2025 17:53:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210542
IP address blocks: 84.32.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:c3:74:9d:05:2d:cf:da:ae:65:2a:c4:a9:7e:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 17:53:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c9714b8a5c1ab56a3fe308ae3462057f3f5fe4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ac:a6:b5:68:05:d1:6e:77:e6:35:da:e2:32:
f3:2a:2f:a3:66:93:ae:1f:ad:c1:72:d3:5d:85:e8:
2e:2a:31:32:27:15:43:5d:89:a0:49:4e:8c:b4:2e:
21:e8:ca:19:f9:89:85:e5:87:22:a5:1a:70:29:9e:
75:e7:01:fb:c2:b9:aa:ae:27:59:b0:76:7b:9a:21:
d0:ff:50:c0:b4:92:d8:8e:62:1b:df:cb:ca:fa:6a:
e9:1a:8e:93:1f:0f:ef:56:2f:bd:65:a7:a9:17:8e:
e7:ca:aa:c3:bd:1e:d2:64:e4:84:92:85:94:98:95:
37:25:8f:8a:b9:e4:d3:3f:5a:82:1e:cd:18:13:f5:
5d:5d:49:7d:bd:9b:9a:f5:15:e7:8e:76:01:d9:e8:
44:20:ab:c0:d8:ec:b5:ec:40:a9:26:69:d2:e3:72:
85:2b:60:2b:43:65:56:99:db:cd:c7:12:04:37:aa:
e2:70:1d:eb:9a:f8:ba:df:ec:59:3d:07:98:f0:44:
0b:70:8b:f8:30:9a:f7:a8:14:9e:d3:ab:f7:33:ea:
c4:88:ca:ce:78:09:31:fe:2b:5e:e3:b6:47:2a:45:
9e:33:be:e4:63:73:0f:4f:77:d8:d3:fc:d3:b5:4b:
c1:21:6a:95:e4:97:e2:5b:bb:9f:1b:39:29:c1:6b:
c0:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:97:14:B8:A5:C1:AB:56:A3:FE:30:8A:E3:46:20:57:F3:F5:FE:4F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HJcUuKXBq1aj_jCK40YgV_P1_k8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.21.0/24
Signature Algorithm: sha256WithRSAEncryption
58:3e:fc:eb:da:ec:c1:c0:dc:a5:ee:02:8c:4b:e8:24:4b:95:
5d:75:57:35:20:f8:46:79:94:53:4b:35:0a:2f:25:86:75:76:
ea:05:d6:00:2b:6c:12:9a:d1:45:e0:aa:e1:b8:46:9e:7f:8a:
17:e8:39:22:4f:0f:59:01:7c:39:a8:1e:9d:f9:4c:34:ed:14:
6b:c5:3c:fe:b9:78:c7:f4:d8:c2:1c:14:5b:3b:72:17:bb:9a:
30:7a:aa:44:db:56:93:0e:c4:0b:b5:07:06:e9:a5:b4:c7:e4:
3c:ee:1d:3d:50:55:f1:33:d3:c6:f2:25:32:5d:20:46:16:da:
ee:c7:cd:11:7a:7f:c6:47:d1:cc:08:fc:53:46:62:25:8d:63:
87:79:00:c0:fc:c9:86:bf:a4:f8:2d:39:9b:b9:33:9c:c8:91:
67:9a:bf:1b:83:d4:b7:52:45:c1:bc:c6:e9:97:45:fa:4c:75:
7b:06:08:58:25:30:af:38:53:ee:be:79:a3:a4:50:12:86:fd:
c6:79:f0:0a:7a:5f:7d:54:b1:07:3d:d0:e1:c7:35:e4:47:52:
bf:cf:dc:2b:36:85:e3:aa:a4:ce:3d:b3:e3:44:c4:c0:cd:8f:
66:a7:06:66:30:53:f3:47:df:c9:0d:d4:29:21:ba:f5:6a:d7:
bf:06:a4:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJsN0nQUtz9quZSrEqX5KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTAyMTc1MzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzk3MTRiOGE1YzFhYjU2YTNmZTMwOGFlMzQ2MjA1N2YzZjVmZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaymtWgF0W535jXa4jLzKi+jZpOu
H63BctNdheguKjEyJxVDXYmgSU6MtC4h6MoZ+YmF5YcipRpwKZ515wH7wrmqridZ
sHZ7miHQ/1DAtJLYjmIb38vK+mrpGo6THw/vVi+9ZaepF47nyqrDvR7SZOSEkoWU
mJU3JY+KueTTP1qCHs0YE/VdXUl9vZua9RXnjnYB2ehEIKvA2Oy17ECpJmnS43KF
K2ArQ2VWmdvNxxIEN6ricB3rmvi63+xZPQeY8EQLcIv4MJr3qBSe06v3M+rEiMrO
eAkx/ite47ZHKkWeM77kY3MPT3fY0/zTtUvBIWqV5JfiW7ufGzkpwWvA0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFByXFLilwatWo/4wiuNGIFfz9f5PMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSEpjVXVLWEJxMWFqX2pDSzQwWWdWX1AxX2s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCAVMA0G
CSqGSIb3DQEBCwUAA4IBAQBYPvzr2uzBwNyl7gKMS+gkS5VddVc1IPhGeZRTSzUK
LyWGdXbqBdYAK2wSmtFF4KrhuEaef4oX6DkiTw9ZAXw5qB6d+Uw07RRrxTz+uXjH
9NjCHBRbO3IXu5oweqpE21aTDsQLtQcG6aW0x+Q87h09UFXxM9PG8iUyXSBGFtru
x80Ren/GR9HMCPxTRmIljWOHeQDA/MmGv6T4LTmbuTOcyJFnmr8bg9S3UkXBvMbp
l0X6THV7BghYJTCvOFPuvnmjpFAShv3GefAKel99VLEHPdDhxzXkR1K/z9wrNoXj
qqTOPbPjRMTAzY9mpwZmMFPzR9/JDdQpIbr1ate/BqQS
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:55:38 2025 by rpki-client