Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8UYQChS47853szssrUTVt-8AWaQ.roa
File: 8UYQChS47853szssrUTVt-8AWaQ.roa (raw, json)
Hash identifier: vHwS2WfQt9t3W1TEL6wGPiHV2MZki1EzkQSVyQZHQkk=
Subject key identifier: F1:46:10:0A:14:B8:EF:CE:77:B3:3B:2C:AD:44:D5:B7:EF:00:59:A4
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0194452C0145AB18C8B8D44D939AE8742F43
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8UYQChS47853szssrUTVt-8AWaQ.roa
Signing time: Wed 08 Jan 2025 09:08:19 +0000
ROA not before: Wed 08 Jan 2025 09:08:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214304
IP address blocks: 84.32.24.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:2c:01:45:ab:18:c8:b8:d4:4d:93:9a:e8:74:2f:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 8 09:08:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f146100a14b8efce77b33b2cad44d5b7ef0059a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:0c:e7:44:a3:44:57:b1:a7:6e:a3:d7:53:9c:
de:55:2c:01:4a:7e:90:1c:5a:69:f2:ba:6f:e3:9e:
5a:a7:cd:0f:93:80:e7:53:f4:db:b9:57:4c:f7:60:
52:9c:b4:1e:64:8b:45:12:80:a5:6c:cf:cd:4d:cd:
6f:f4:5e:c7:59:52:df:23:18:ed:00:03:d1:d5:3d:
4c:f3:6c:4a:d3:c5:9c:30:e8:b9:0a:a2:15:b0:0c:
3c:20:4b:54:2c:d0:bb:69:1b:08:66:1d:24:67:74:
11:f9:1c:d2:17:5d:0d:29:e9:09:ce:3d:cc:af:c7:
fc:ca:af:cf:03:b5:da:74:6c:df:36:63:e2:62:33:
55:a3:fe:19:6f:eb:f3:23:f3:bf:28:f2:b7:f4:cb:
fc:0d:d3:87:b1:c6:44:2d:63:fd:56:07:31:e8:ef:
ce:ae:a7:10:19:70:0d:a9:c9:c8:cd:70:70:2f:2d:
c7:41:5d:71:48:4b:15:d2:e2:e2:0b:e5:47:5c:ef:
6e:b9:1d:b0:a1:a6:29:00:17:3b:3d:f4:a5:95:6c:
af:a2:b2:cb:bb:3e:9b:d2:83:7e:8b:8e:ae:20:75:
10:7c:ca:d5:83:fa:87:c4:f2:c3:e2:bb:17:b4:1c:
47:85:19:74:fa:aa:0d:32:a3:e0:c6:58:97:de:28:
19:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:46:10:0A:14:B8:EF:CE:77:B3:3B:2C:AD:44:D5:B7:EF:00:59:A4
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8UYQChS47853szssrUTVt-8AWaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:3b:b9:6b:e7:9a:36:29:18:b7:47:37:1d:b0:9c:e6:cd:d7:
07:f1:1c:a7:58:4b:93:38:12:bc:3f:e5:77:5b:97:c7:a9:94:
5b:b5:6a:95:2d:6b:7a:90:e6:d8:3e:7f:5b:f0:fe:d8:22:65:
52:b9:62:15:5c:87:d7:4b:0a:8f:61:e4:e3:fa:95:80:6a:26:
6c:1b:84:94:8d:89:74:d6:c5:4f:eb:98:e9:3a:b2:b2:79:f9:
be:69:d0:61:ae:8b:3b:77:3b:24:ee:81:37:74:f9:53:44:28:
c3:c8:2d:ab:f8:fa:56:62:e2:d5:24:36:ff:2c:6a:b2:08:2c:
35:b1:e9:19:35:bd:55:38:e4:8f:b9:6d:0d:e2:88:3a:04:12:
7b:6c:4b:5a:28:ad:6d:ef:4e:cc:58:cd:bd:a4:44:84:92:97:
a7:04:b3:1c:da:9a:9e:0d:ef:07:7c:f1:63:b4:57:4f:ce:5b:
1a:51:e6:ff:41:76:8b:62:43:b2:bb:6f:16:54:00:93:ae:43:
51:0d:1c:59:f4:f6:b3:87:04:40:65:97:6f:b1:09:63:fd:6a:
29:b1:68:86:5f:f2:77:c6:03:f1:97:a4:31:bc:69:7a:3a:cd:
1a:84:30:c9:82:d3:a1:52:b0:10:02:36:a1:9c:2f:68:80:b1:
12:e1:58:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRFLAFFqxjIuNRNk5rodC9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTA4MDkwODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTQ2MTAwYTE0YjhlZmNlNzdiMzNiMmNhZDQ0ZDViN2VmMDA1OWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QznRKNEV7GnbqPXU5zeVSwBSn6Q
HFpp8rpv455ap80Pk4DnU/TbuVdM92BSnLQeZItFEoClbM/NTc1v9F7HWVLfIxjt
AAPR1T1M82xK08WcMOi5CqIVsAw8IEtULNC7aRsIZh0kZ3QR+RzSF10NKekJzj3M
r8f8yq/PA7XadGzfNmPiYjNVo/4Zb+vzI/O/KPK39Mv8DdOHscZELWP9Vgcx6O/O
rqcQGXANqcnIzXBwLy3HQV1xSEsV0uLiC+VHXO9uuR2woaYpABc7PfSllWyvorLL
uz6b0oN+i46uIHUQfMrVg/qHxPLD4rsXtBxHhRl0+qoNMqPgxliX3igZbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPFGEAoUuO/Od7M7LK1E1bfvAFmkMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOFVZUUNoUzQ3ODUzc3pzc3JVVFZ0LThBV2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVCAYMA0G
CSqGSIb3DQEBCwUAA4IBAQBbO7lr55o2KRi3RzcdsJzmzdcH8RynWEuTOBK8P+V3
W5fHqZRbtWqVLWt6kObYPn9b8P7YImVSuWIVXIfXSwqPYeTj+pWAaiZsG4SUjYl0
1sVP65jpOrKyefm+adBhros7dzsk7oE3dPlTRCjDyC2r+PpWYuLVJDb/LGqyCCw1
sekZNb1VOOSPuW0N4og6BBJ7bEtaKK1t707MWM29pESEkpenBLMc2pqeDe8HfPFj
tFdPzlsaUeb/QXaLYkOyu28WVACTrkNRDRxZ9PazhwRAZZdvsQlj/WopsWiGX/J3
xgPxl6QxvGl6Os0ahDDJgtOhUrAQAjahnC9ogLES4Vii
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:10:17 2025 by rpki-client