Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/98dBYJyOgLHohDpm0W5HKbze4RQ.roa
File: 98dBYJyOgLHohDpm0W5HKbze4RQ.roa (raw, json)
Hash identifier: HC8WWz5uleShouSdkDbbTy/3ePM5q6fx47I6MomtIiQ=
Subject key identifier: F7:C7:41:60:9C:8E:80:B1:E8:84:3A:66:D1:6E:47:29:BC:DE:E1:14
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0194D1E3FB40BD4F7F85F1623AECB605AFEE
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/98dBYJyOgLHohDpm0W5HKbze4RQ.roa
Signing time: Tue 04 Feb 2025 16:56:06 +0000
ROA not before: Tue 04 Feb 2025 16:56:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.64.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.34.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d1:e3:fb:40:bd:4f:7f:85:f1:62:3a:ec:b6:05:af:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 4 16:56:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7c741609c8e80b1e8843a66d16e4729bcdee114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:cc:60:b2:73:35:3f:b2:18:a5:be:36:5b:41:
94:d8:cd:3c:bf:92:f9:07:c5:e4:58:f8:36:03:b9:
3c:29:b0:4b:65:2c:9d:98:a3:c8:ab:1c:44:6f:64:
1d:ac:c4:04:a5:90:e6:77:e7:11:b8:7c:8c:98:07:
f7:68:6c:ec:a1:9b:0f:0f:9c:8c:ba:0b:03:39:a4:
81:1d:67:e4:99:d2:ca:e0:b5:4c:fb:4e:31:42:d9:
49:0f:b2:f2:48:c9:92:86:17:1b:f1:6f:bc:32:0b:
9f:fc:6f:7b:70:82:8e:16:ac:9b:e9:ab:4d:bf:18:
6a:36:18:9d:4d:06:53:87:df:6e:6d:04:c2:29:98:
27:55:34:60:9e:e9:08:06:1e:f3:73:1e:7e:bb:67:
0f:0c:81:9c:64:9e:67:c0:0e:5f:a4:7d:66:97:b2:
6e:cb:21:8c:9d:45:79:90:a4:16:ab:e3:68:12:5d:
96:bf:2a:cd:c8:cf:1f:c7:85:b6:36:98:a0:93:d1:
18:e1:01:31:a3:c1:59:77:02:f0:34:c2:e1:53:07:
97:d2:a0:a2:b6:73:95:4a:85:02:4c:98:39:82:a6:
95:2a:ea:20:3f:2e:ca:fe:18:72:e3:57:75:e8:b5:
8c:d1:a5:bc:50:be:11:7a:25:bf:5c:95:cc:02:a3:
46:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C7:41:60:9C:8E:80:B1:E8:84:3A:66:D1:6E:47:29:BC:DE:E1:14
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/98dBYJyOgLHohDpm0W5HKbze4RQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.46.0/23
84.32.64.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.34.0/24
88.216.44.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
Signature Algorithm: sha256WithRSAEncryption
94:e8:a9:b7:54:39:7c:cb:80:ec:31:e7:65:3e:d7:ce:76:8d:
41:b1:a1:d0:2f:06:f1:3e:be:2c:84:09:aa:da:8b:66:89:e3:
cd:89:ff:56:97:66:c5:3e:8f:f9:f9:ce:25:89:3d:24:7e:82:
8d:de:3a:a9:d0:5b:ef:bc:54:14:70:65:b7:a0:04:39:7f:47:
fe:63:1d:57:b2:a9:76:85:ff:94:8b:c0:f5:ad:5a:a9:58:41:
27:ba:b1:9a:f6:80:1e:a8:a0:0b:ad:5f:22:bb:a6:48:94:ff:
47:76:f8:24:04:57:df:64:d5:ce:cf:cb:ff:cb:c1:c2:f2:bd:
ba:96:12:3e:67:9a:4b:bd:f0:47:3e:6d:e7:75:9d:98:b7:4d:
6e:78:7b:9a:2f:14:95:3e:f6:c4:be:65:8a:7b:83:96:1c:14:
17:ee:f2:f7:d9:dd:1f:d1:4b:a0:ea:98:b3:ec:09:bc:57:2b:
19:b4:33:35:d2:aa:cf:c9:7c:cc:e8:3c:31:82:bb:d6:f1:70:
2b:73:ac:7d:04:11:1e:a2:3a:bb:f7:e6:66:47:e7:83:7c:a9:
42:a8:8b:c0:57:5b:ee:40:b6:06:65:c7:d2:f9:e8:96:ec:69:
9f:20:03:de:53:26:88:e0:9d:23:48:0e:ef:bc:58:20:2a:79:
19:03:c8:a3
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZTR4/tAvU9/hfFiOuy2Ba/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMjA0MTY1NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2M3NDE2MDljOGU4MGIxZTg4NDNhNjZkMTZlNDcyOWJjZGVlMTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8xgsnM1P7IYpb42W0GU2M08v5L5
B8XkWPg2A7k8KbBLZSydmKPIqxxEb2QdrMQEpZDmd+cRuHyMmAf3aGzsoZsPD5yM
ugsDOaSBHWfkmdLK4LVM+04xQtlJD7LySMmShhcb8W+8Mguf/G97cIKOFqyb6atN
vxhqNhidTQZTh99ubQTCKZgnVTRgnukIBh7zcx5+u2cPDIGcZJ5nwA5fpH1ml7Ju
yyGMnUV5kKQWq+NoEl2WvyrNyM8fx4W2Npigk9EY4QExo8FZdwLwNMLhUweX0qCi
tnOVSoUCTJg5gqaVKuogPy7K/hhy41d16LWM0aW8UL4ReiW/XJXMAqNGbwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFPfHQWCcjoCx6IQ6ZtFuRym83uEUMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOThkQllKeU9nTEhvaERwbTBXNUhLYnplNFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcMAwDBABUIAcD
BABUIAgDBAJUIBQDBAFUIC4DBABUIEADBAJUIJQDBAFUIK4DBAFUINYDBAJUIPQD
BAFY2BYDBABY2CIDBAFY2CwDBABY2F0DBAFY2IIDBAFY2IYwDQYJKoZIhvcNAQEL
BQADggEBAJToqbdUOXzLgOwx52U+1852jUGxodAvBvE+viyECarai2aJ482J/1aX
ZsU+j/n5ziWJPSR+go3eOqnQW++8VBRwZbegBDl/R/5jHVeyqXaF/5SLwPWtWqlY
QSe6sZr2gB6ooAutXyK7pkiU/0d2+CQEV99k1c7Py//LwcLyvbqWEj5nmku98Ec+
bed1nZi3TW54e5ovFJU+9sS+ZYp7g5YcFBfu8vfZ3R/RS6DqmLPsCbxXKxm0MzXS
qs/JfMzoPDGCu9bxcCtzrH0EER6iOrv35mZH54N8qUKoi8BXW+5AtgZlx9L56Jbs
aZ8gA95TJojgnSNIDu+8WCAqeRkDyKM=
-----END CERTIFICATE-----
Generated at Fri Apr 11 09:46:25 2025 by rpki-client