Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/SgOfKOTUg1-gytFFJ3ig7P-3xyU.roa
File: SgOfKOTUg1-gytFFJ3ig7P-3xyU.roa (raw, json)
Hash identifier: cMWqyqXC7m+p+kGXs9TzpCLqNK+OZHnMJAHKtCB51rc=
Subject key identifier: 4A:03:9F:28:E4:D4:83:5F:A0:CA:D1:45:27:78:A0:EC:FF:B7:C7:25
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0195CD215AB68D84B3134349EBEDC6B23792
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/SgOfKOTUg1-gytFFJ3ig7P-3xyU.roa
Signing time: Tue 25 Mar 2025 11:47:50 +0000
ROA not before: Tue 25 Mar 2025 11:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16125
IP address blocks: 84.32.9.0/24 maxlen: 24
84.32.25.0/24 maxlen: 24
84.32.178.0/23 maxlen: 23
84.32.214.0/24 maxlen: 24
84.32.215.0/24 maxlen: 24
84.32.248.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cd:21:5a:b6:8d:84:b3:13:43:49:eb:ed:c6:b2:37:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 25 11:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a039f28e4d4835fa0cad1452778a0ecffb7c725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:cc:55:89:78:95:42:82:50:c2:60:1c:53:69:
1f:5e:91:22:4e:dd:4a:e0:f7:14:62:f6:30:10:c3:
2c:e4:0f:fd:6b:37:06:ae:13:49:2e:4c:bf:4b:03:
4f:57:55:49:b5:6b:5c:00:da:8c:f4:bd:fe:9f:3d:
55:28:58:c0:80:00:bf:14:2d:06:60:34:ad:30:27:
5d:75:70:75:6e:54:12:38:09:11:2f:74:61:d5:fb:
a9:4b:2c:32:d6:a7:1d:9c:22:1f:8d:65:54:6f:58:
40:d4:e9:e0:75:65:92:c5:b1:ce:f1:ac:f8:87:4c:
56:6b:b2:d6:9e:8f:6b:ce:e8:33:4e:99:8f:12:80:
21:8a:ce:2f:a3:cb:97:e2:a0:19:34:01:b7:96:11:
0f:ef:3e:99:1f:5e:c4:79:52:ec:41:26:ef:7d:5b:
ff:dd:e1:88:a0:44:ce:42:1d:c5:00:27:11:ac:26:
29:8b:07:dc:39:d6:ae:8f:67:79:02:f0:e3:85:85:
5a:8b:59:f0:f5:4d:70:fb:d0:f2:d2:e8:bd:73:ba:
21:60:10:22:6b:99:28:73:f1:df:00:b5:8d:3e:bd:
d6:f1:94:10:6a:ba:bc:eb:45:0a:93:79:83:b5:37:
5f:05:22:68:6f:d4:29:af:9e:fe:36:0f:9e:cb:54:
b6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:03:9F:28:E4:D4:83:5F:A0:CA:D1:45:27:78:A0:EC:FF:B7:C7:25
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/SgOfKOTUg1-gytFFJ3ig7P-3xyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.9.0/24
84.32.25.0/24
84.32.178.0/23
84.32.214.0/23
84.32.248.0/24
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
50:1e:de:07:2d:57:c3:0f:48:13:cf:33:4f:33:fa:1e:2e:c0:
1c:72:d2:83:ac:05:92:96:d6:c3:9e:b9:55:20:75:25:78:64:
5f:3c:5a:ff:f1:f8:2c:c6:8e:b6:14:fd:13:7e:46:3d:36:ef:
28:d9:2a:aa:b9:97:5a:3c:55:37:3e:c9:d5:b8:9c:57:73:5c:
14:a3:d1:87:2e:7f:03:17:8c:6a:ef:07:64:cf:82:16:ba:b4:
ba:b6:15:98:a5:b4:68:70:dc:8a:06:d4:9d:e1:56:ce:46:16:
68:1f:a6:1a:79:5f:32:48:dd:0f:41:9c:5e:95:a0:23:8b:3b:
eb:cf:4a:b0:d2:8f:1b:89:09:b1:2b:0d:65:b6:ae:61:e2:16:
f4:3c:7e:6e:d5:6a:ac:53:01:69:00:e9:fc:e7:a0:21:85:6f:
0f:62:94:20:6a:0d:70:d3:b9:9d:90:41:0f:6b:b9:88:a1:e1:
69:fe:f2:be:03:f6:11:d1:0f:5b:16:91:24:8a:72:93:0f:85:
79:b5:8d:43:b7:2a:5d:8b:94:ed:63:d8:97:ae:18:e7:db:8e:
cb:b6:bb:3f:9c:bf:a9:61:2f:3a:de:f1:2f:b4:6f:5e:81:55:
ac:96:00:45:58:18:57:e4:22:8e:2a:99:30:40:b9:29:f0:30:
d0:0c:59:93
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZXNIVq2jYSzE0NJ6+3GsjeSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMzI1MTE0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTAzOWYyOGU0ZDQ4MzVmYTBjYWQxNDUyNzc4YTBlY2ZmYjdjNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8xViXiVQoJQwmAcU2kfXpEiTt1K
4PcUYvYwEMMs5A/9azcGrhNJLky/SwNPV1VJtWtcANqM9L3+nz1VKFjAgAC/FC0G
YDStMCdddXB1blQSOAkRL3Rh1fupSywy1qcdnCIfjWVUb1hA1OngdWWSxbHO8az4
h0xWa7LWno9rzugzTpmPEoAhis4vo8uX4qAZNAG3lhEP7z6ZH17EeVLsQSbvfVv/
3eGIoETOQh3FACcRrCYpiwfcOdauj2d5AvDjhYVai1nw9U1w+9Dy0ui9c7ohYBAi
a5koc/HfALWNPr3W8ZQQarq860UKk3mDtTdfBSJob9Qpr57+Ng+ey1S2VQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEoDnyjk1INfoMrRRSd4oOz/t8clMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvU2dPZktPVFVnMS1neXRGRkozaWc3UC0zeHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCAJAwQA
VCAZAwQBVCCyAwQBVCDWAwQAVCD4AwQAWNjFMA0GCSqGSIb3DQEBCwUAA4IBAQBQ
Ht4HLVfDD0gTzzNPM/oeLsAcctKDrAWSltbDnrlVIHUleGRfPFr/8fgsxo62FP0T
fkY9Nu8o2SqquZdaPFU3PsnVuJxXc1wUo9GHLn8DF4xq7wdkz4IWurS6thWYpbRo
cNyKBtSd4VbORhZoH6YaeV8ySN0PQZxelaAjizvrz0qw0o8biQmxKw1ltq5h4hb0
PH5u1WqsUwFpAOn856AhhW8PYpQgag1w07mdkEEPa7mIoeFp/vK+A/YR0Q9bFpEk
inKTD4V5tY1Dtypdi5TtY9iXrhjn247Ltrs/nL+pYS863vEvtG9egVWslgBFWBhX
5CKOKpkwQLkp8DDQDFmT
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:56:42 2025 by rpki-client