Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2CiZc6uZFPHY9i2U0IIEUxar9ew.roa
File: 2CiZc6uZFPHY9i2U0IIEUxar9ew.roa (raw, json)
Hash identifier: yQR+kYXHqnR95lILEg0ANdD8DuwO74Nw6etzLGsYl4M=
Subject key identifier: D8:28:99:73:AB:99:14:F1:D8:F6:2D:94:D0:82:04:53:16:AB:F5:EC
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01942826C89B7735970F70C8474BB3039034
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2CiZc6uZFPHY9i2U0IIEUxar9ew.roa
Signing time: Thu 02 Jan 2025 17:53:37 +0000
ROA not before: Thu 02 Jan 2025 17:53:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213941
IP address blocks: 84.32.26.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:c8:9b:77:35:97:0f:70:c8:47:4b:b3:03:90:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 17:53:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8289973ab9914f1d8f62d94d082045316abf5ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1f:a7:67:92:77:ce:83:96:30:df:76:ae:08:
2e:78:95:92:b3:cd:85:87:a3:96:b7:fc:33:25:8e:
bb:e7:c6:58:41:bb:59:d7:0b:3c:f0:9b:0b:fd:6c:
97:97:c5:dc:11:3d:fc:48:0b:ad:57:03:5c:00:cd:
b9:46:f3:5c:44:b6:9a:79:2b:de:2c:0e:70:82:07:
e8:29:b0:9a:c0:6a:06:94:f0:19:6d:c7:d6:0e:aa:
2e:62:f7:04:e0:fc:d7:87:e1:df:f4:3d:17:65:1e:
2e:86:55:2d:61:b0:3b:c4:45:2f:29:4b:d9:d9:7c:
76:3a:29:b0:31:5b:06:8c:71:cd:e5:34:3e:28:61:
3e:0a:9c:a7:de:e8:b1:29:9e:1d:e5:e7:78:ed:9a:
9a:78:c3:6b:c9:00:64:ec:d1:6a:64:44:3a:a5:78:
9b:d2:c4:06:04:d3:7d:be:87:51:2b:df:46:0b:00:
e3:67:ca:5c:bb:32:d1:d0:85:9c:cf:e3:fe:ce:90:
80:65:4d:5a:09:94:b7:dc:96:b6:61:f9:7d:b1:02:
3e:11:01:a5:44:0c:92:7f:41:f0:69:9a:98:7c:56:
ab:a5:87:6e:91:dd:f8:2f:74:ca:4d:90:f6:ec:45:
26:80:c9:84:1b:0f:ae:5c:2d:49:08:a3:8d:8e:2f:
25:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:28:99:73:AB:99:14:F1:D8:F6:2D:94:D0:82:04:53:16:AB:F5:EC
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2CiZc6uZFPHY9i2U0IIEUxar9ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.26.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:e7:ee:60:57:b7:78:af:70:77:59:9a:92:4d:77:d7:7f:03:
34:16:5a:bf:f7:ad:2d:f6:08:aa:06:d7:9c:16:4d:f9:39:6a:
64:33:1c:71:07:08:87:1e:04:b0:1c:1f:77:ae:fd:57:f3:cf:
d4:b5:01:4c:9d:32:0a:6a:c8:52:4f:43:d3:fe:16:0d:b8:14:
c5:51:b2:89:f8:f5:f7:5f:a6:4b:8e:53:c9:56:27:fa:bd:66:
67:42:b4:2d:05:4d:81:e8:c2:6e:3b:32:c4:c6:3f:ff:c3:ee:
b5:74:1c:ea:f8:ff:d3:aa:6e:e3:e6:d1:41:b8:ad:e0:8d:c7:
fc:e8:21:5b:0a:52:67:7f:54:0b:d3:d9:0e:60:64:d5:d9:16:
75:48:5a:0b:2a:19:2d:61:f9:22:d9:10:4d:82:e2:8e:c8:96:
83:53:f7:0f:be:11:e9:02:a5:2c:65:8d:f0:87:40:5a:af:58:
a7:75:7c:63:5f:cf:2a:08:93:5b:e0:a9:5e:9e:75:77:9b:6e:
57:f1:bf:c4:10:c6:a5:77:5a:94:51:95:9d:86:7e:85:b9:bd:
b5:61:46:51:d7:56:5d:19:92:a3:d9:c9:70:ae:b2:7d:a9:1b:
0c:4d:f9:26:bf:38:cb:a7:25:20:a9:f1:4a:d4:1f:7f:7c:6b:
f5:68:8d:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJsibdzWXD3DIR0uzA5A0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTAyMTc1MzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODI4OTk3M2FiOTkxNGYxZDhmNjJkOTRkMDgyMDQ1MzE2YWJmNWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtx+nZ5J3zoOWMN92rggueJWSs82F
h6OWt/wzJY6758ZYQbtZ1ws88JsL/WyXl8XcET38SAutVwNcAM25RvNcRLaaeSve
LA5wggfoKbCawGoGlPAZbcfWDqouYvcE4PzXh+Hf9D0XZR4uhlUtYbA7xEUvKUvZ
2Xx2OimwMVsGjHHN5TQ+KGE+Cpyn3uixKZ4d5ed47ZqaeMNryQBk7NFqZEQ6pXib
0sQGBNN9vodRK99GCwDjZ8pcuzLR0IWcz+P+zpCAZU1aCZS33Ja2Yfl9sQI+EQGl
RAySf0HwaZqYfFarpYdukd34L3TKTZD27EUmgMmEGw+uXC1JCKONji8l8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNgomXOrmRTx2PYtlNCCBFMWq/XsMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMkNpWmM2dVpGUEhZOWkyVTBJSUVVeGFyOWV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCAaMA0G
CSqGSIb3DQEBCwUAA4IBAQB65+5gV7d4r3B3WZqSTXfXfwM0Flq/960t9giqBtec
Fk35OWpkMxxxBwiHHgSwHB93rv1X88/UtQFMnTIKashST0PT/hYNuBTFUbKJ+PX3
X6ZLjlPJVif6vWZnQrQtBU2B6MJuOzLExj//w+61dBzq+P/Tqm7j5tFBuK3gjcf8
6CFbClJnf1QL09kOYGTV2RZ1SFoLKhktYfki2RBNguKOyJaDU/cPvhHpAqUsZY3w
h0Bar1indXxjX88qCJNb4KlennV3m25X8b/EEMald1qUUZWdhn6Fub21YUZR11Zd
GZKj2clwrrJ9qRsMTfkmvzjLpyUgqfFK1B9/fGv1aI3J
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:25:27 2025 by rpki-client