Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5scUmnDYm60Z-NgDiAg9FdgLSKc.roa
File: 5scUmnDYm60Z-NgDiAg9FdgLSKc.roa (raw, json)
Hash identifier: fh1e8Lx2TSi9ddAhrUHJBU0syqwZNYEs5/0LgxbDjtQ=
Subject key identifier: E6:C7:14:9A:70:D8:9B:AD:19:F8:D8:03:88:08:3D:15:D8:0B:48:A7
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019445AC2D463EE983C49154818C0A515A6B
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5scUmnDYm60Z-NgDiAg9FdgLSKc.roa
Signing time: Wed 08 Jan 2025 11:28:19 +0000
ROA not before: Wed 08 Jan 2025 11:28:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.25.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:ac:2d:46:3e:e9:83:c4:91:54:81:8c:0a:51:5a:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 8 11:28:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6c7149a70d89bad19f8d80388083d15d80b48a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:05:18:6b:37:4d:00:42:2d:e3:5a:87:e7:68:
83:fa:f8:51:70:96:52:00:03:51:e3:5e:7f:64:a4:
69:ed:e0:24:fa:b4:78:1e:fe:4b:70:48:3c:a5:e4:
9d:76:20:48:49:52:8f:3c:5a:6d:cb:f8:8d:d9:c5:
57:bf:e5:42:ca:21:d1:44:a9:cd:dc:14:14:9e:1d:
97:7f:56:b2:78:d5:ba:71:93:f4:7d:0e:41:10:f8:
d9:31:25:13:dc:b0:f5:a6:51:ab:50:d0:1d:ba:6e:
30:d8:c2:c2:86:d8:e2:b1:76:f7:de:9f:1f:45:e3:
0e:77:4b:7b:d3:8c:44:72:e6:cf:0f:ed:d9:a8:b3:
b4:82:be:65:0c:30:92:6b:bc:43:cc:77:c9:8f:77:
e0:85:20:96:d0:93:83:50:21:55:6d:5f:a5:bb:2f:
0a:0a:f0:f1:e8:87:fb:74:5e:52:ea:af:23:fe:17:
54:be:10:dd:1f:63:21:3a:db:b0:15:80:a5:cf:45:
c3:58:ac:b1:ea:6b:42:aa:6d:ea:48:4e:67:06:18:
83:0c:80:10:e7:8e:9a:9f:71:55:9c:8a:fc:08:28:
e9:3d:62:94:f4:45:21:e9:76:af:26:c5:cb:33:31:
5d:5c:bc:66:ef:dc:84:be:87:57:15:4a:db:1e:d0:
62:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:C7:14:9A:70:D8:9B:AD:19:F8:D8:03:88:08:3D:15:D8:0B:48:A7
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5scUmnDYm60Z-NgDiAg9FdgLSKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.25.0/24
84.32.46.0/23
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:42:53:90:7a:28:e5:0d:b7:62:d6:3b:22:24:82:43:8a:a4:
8e:50:c8:58:49:f4:2c:c0:c6:95:73:68:b0:39:b8:c7:19:61:
f1:ff:99:50:75:7b:1b:1b:2c:9a:4e:53:39:c8:45:2a:3c:fe:
7d:d2:17:3b:12:9b:40:c8:0d:66:c4:b4:0d:bd:47:fc:01:12:
c7:48:32:2a:59:f7:df:b7:68:08:e2:84:58:30:13:42:59:f2:
ad:eb:1c:fd:05:18:49:cd:64:a7:68:98:0c:b7:4e:3e:f8:3d:
6d:2d:91:d2:84:4f:ab:e7:eb:6e:ab:4b:eb:b2:dc:a7:fb:93:
36:d6:93:60:8b:70:c4:ba:61:dc:48:ce:40:e6:67:dd:9d:62:
c8:c9:f0:cf:eb:cd:d3:58:3f:6b:39:76:6d:86:91:77:c2:86:
78:d2:14:2b:5e:9d:19:a7:51:7d:ab:23:bd:55:65:fb:14:28:
f6:88:af:57:9e:17:e1:b2:66:ed:29:5e:a4:7b:de:f4:fd:aa:
e9:2b:0e:4d:5e:25:ae:49:68:e6:58:dc:c0:f7:aa:8b:09:0f:
c7:04:fd:3f:6c:b1:7a:24:b1:88:f2:0e:19:1c:c6:1c:52:df:
d2:fb:90:42:6f:06:91:b0:11:cf:15:ef:c3:0f:dd:66:9d:84:
0e:10:53:02
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZRFrC1GPumDxJFUgYwKUVprMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTA4MTEyODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmM3MTQ5YTcwZDg5YmFkMTlmOGQ4MDM4ODA4M2QxNWQ4MGI0OGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgUYazdNAEIt41qH52iD+vhRcJZS
AANR415/ZKRp7eAk+rR4Hv5LcEg8peSddiBISVKPPFpty/iN2cVXv+VCyiHRRKnN
3BQUnh2Xf1ayeNW6cZP0fQ5BEPjZMSUT3LD1plGrUNAdum4w2MLChtjisXb33p8f
ReMOd0t704xEcubPD+3ZqLO0gr5lDDCSa7xDzHfJj3fghSCW0JODUCFVbV+luy8K
CvDx6If7dF5S6q8j/hdUvhDdH2MhOtuwFYClz0XDWKyx6mtCqm3qSE5nBhiDDIAQ
546an3FVnIr8CCjpPWKU9EUh6XavJsXLMzFdXLxm79yEvodXFUrbHtBiDQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFObHFJpw2JutGfjYA4gIPRXYC0inMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNXNjVW1uRFltNjBaLU5nRGlBZzlGZGdMU0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcMAwDBABUIAcD
BABUIAgDBAJUIBQDBABUIBkDBAFUIC4DBABUIF8DBAJUIJQDBAFUIK4DBAFUINYD
BAJUIPQDBAFY2BYDBAFY2CwDBABY2F0DBAFY2IIDBAFY2IYwDQYJKoZIhvcNAQEL
BQADggEBAExCU5B6KOUNt2LWOyIkgkOKpI5QyFhJ9CzAxpVzaLA5uMcZYfH/mVB1
exsbLJpOUznIRSo8/n3SFzsSm0DIDWbEtA29R/wBEsdIMipZ99+3aAjihFgwE0JZ
8q3rHP0FGEnNZKdomAy3Tj74PW0tkdKET6vn626rS+uy3Kf7kzbWk2CLcMS6YdxI
zkDmZ92dYsjJ8M/rzdNYP2s5dm2GkXfChnjSFCtenRmnUX2rI71VZfsUKPaIr1ee
F+GyZu0pXqR73vT9qukrDk1eJa5JaOZY3MD3qosJD8cE/T9ssXoksYjyDhkcxhxS
39L7kEJvBpGwEc8V78MP3WadhA4QUwI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:40:45 2025 by rpki-client