Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VB5cdliH67xrBUWfTnftRjpVjdA.roa
File: VB5cdliH67xrBUWfTnftRjpVjdA.roa (raw, json)
Hash identifier: JNAgLEDjjNb7f3lS37WDHtEQGYPWoJl9oT6sSo1bCQo=
Subject key identifier: 54:1E:5C:76:58:87:EB:BC:6B:05:45:9F:4E:77:ED:46:3A:55:8D:D0
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019552F3BCB74C249370552D6FA6B372BB5D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VB5cdliH67xrBUWfTnftRjpVjdA.roa
Signing time: Sat 01 Mar 2025 18:24:20 +0000
ROA not before: Sat 01 Mar 2025 18:24:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.66.0/23 maxlen: 24
88.216.68.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.187.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:52:f3:bc:b7:4c:24:93:70:55:2d:6f:a6:b3:72:bb:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 1 18:24:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=541e5c765887ebbc6b05459f4e77ed463a558dd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5f:85:3f:41:38:a4:03:c4:19:20:8c:bd:af:
b4:2d:20:fe:17:4a:05:5d:95:35:82:a9:04:69:1b:
4a:9c:14:10:58:91:79:2c:d3:46:c8:44:3b:a4:67:
30:c5:60:08:fb:31:56:52:fa:6f:e8:bb:52:a6:e6:
55:d1:9a:6a:ba:37:33:76:7f:6f:06:80:d3:a5:9c:
5d:7b:ee:d4:d3:a3:51:dd:1d:b2:0e:ca:31:0f:b7:
20:4b:16:9b:57:52:3b:1c:fb:27:25:ba:61:7b:95:
1d:42:9d:b7:31:e1:ef:5f:0f:65:43:9f:d9:ac:2e:
ab:80:18:8d:ea:4a:b3:75:a9:79:2e:4d:b9:41:32:
85:e8:39:52:d2:24:d8:69:a8:9d:73:27:f5:34:bd:
0f:40:2e:7a:66:e1:4e:66:cd:28:b1:26:df:f5:09:
58:cd:4c:af:43:98:01:87:f9:86:6a:43:cd:d2:dd:
6f:70:6a:06:92:c9:a0:24:be:dd:62:5a:cf:08:d6:
38:92:3d:05:e3:2b:5b:4d:a6:b5:0c:66:e8:52:a9:
23:d9:1c:5c:29:76:70:d0:33:0d:19:47:31:0b:01:
0b:25:1f:40:d2:f6:e1:89:36:f3:0b:47:3e:38:d8:
96:80:38:67:bc:ab:86:dd:06:c0:e7:ff:ba:7b:69:
56:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:1E:5C:76:58:87:EB:BC:6B:05:45:9F:4E:77:ED:46:3A:55:8D:D0
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VB5cdliH67xrBUWfTnftRjpVjdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.46.0/23
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.66.0-88.216.68.255
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.187.0/24
88.216.220.0/24
88.216.223.0/24
Signature Algorithm: sha256WithRSAEncryption
58:d2:0f:63:34:91:69:19:45:e2:97:8d:44:a7:94:a6:a8:ae:
dd:27:8c:ed:a3:b5:2b:1e:99:3d:a0:c8:68:ea:97:96:4c:c0:
0e:96:59:6f:43:08:1e:e1:d9:db:1a:3d:3d:ea:60:73:53:d9:
2d:5b:7a:61:da:12:2e:ad:bc:9d:17:1b:2c:e4:d1:67:a4:20:
8b:8a:75:cb:07:05:5e:2b:66:de:2d:67:2a:3d:05:50:5e:6b:
a1:b0:9d:53:89:3b:e5:55:20:6e:54:99:94:39:a6:0c:50:3e:
9a:18:da:ce:14:ff:6e:b2:a8:42:65:0b:3a:27:0e:f8:f2:c3:
17:0a:ff:a4:7f:a9:52:11:64:0b:78:a8:b2:d8:63:05:a1:4b:
45:05:ca:52:2e:f3:d6:1d:30:6a:e9:87:64:1b:f7:4a:4e:d4:
cd:b1:d3:f1:41:01:3e:d3:94:e6:04:04:63:68:2b:ea:41:db:
8c:3b:18:a5:46:9b:51:2b:c7:19:3d:b3:9d:54:9f:fd:e1:ad:
46:66:4b:a1:1d:9d:fc:a7:06:3b:35:10:1d:23:32:d7:e3:0a:
89:07:0a:28:40:02:a4:7c:ef:d8:ed:74:e0:34:15:ba:0c:8a:
ab:0d:b3:e8:1b:a7:4b:c3:83:c0:57:98:19:a6:8d:b8:78:5c:
86:7e:e1:80
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZVS87y3TCSTcFUtb6azcrtdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMzAxMTgyNDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDFlNWM3NjU4ODdlYmJjNmIwNTQ1OWY0ZTc3ZWQ0NjNhNTU4ZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwl+FP0E4pAPEGSCMva+0LSD+F0oF
XZU1gqkEaRtKnBQQWJF5LNNGyEQ7pGcwxWAI+zFWUvpv6LtSpuZV0Zpqujczdn9v
BoDTpZxde+7U06NR3R2yDsoxD7cgSxabV1I7HPsnJbphe5UdQp23MeHvXw9lQ5/Z
rC6rgBiN6kqzdal5Lk25QTKF6DlS0iTYaaidcyf1NL0PQC56ZuFOZs0osSbf9QlY
zUyvQ5gBh/mGakPN0t1vcGoGksmgJL7dYlrPCNY4kj0F4ytbTaa1DGboUqkj2Rxc
KXZw0DMNGUcxCwELJR9A0vbhiTbzC0c+ONiWgDhnvKuG3QbA5/+6e2lWCQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFFQeXHZYh+u8awVFn0537UY6VY3QMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVkI1Y2RsaUg2N3hyQlVXZlRuZnRSanBWamRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcDAMAwQAVCAH
AwQAVCAIAwQCVCAUAwQBVCAuAwQCVCCUAwQBVCCuAwQBVCDWAwQCVCD0AwQBWNgW
AwQBWNgsMAwDBAFY2EIDBABY2EQDBABY2F0DBAFY2IIDBAFY2IYDBABY2LsDBABY
2NwDBABY2N8wDQYJKoZIhvcNAQELBQADggEBAFjSD2M0kWkZReKXjUSnlKaort0n
jO2jtSsemT2gyGjql5ZMwA6WWW9DCB7h2dsaPT3qYHNT2S1bemHaEi6tvJ0XGyzk
0WekIIuKdcsHBV4rZt4tZyo9BVBea6GwnVOJO+VVIG5UmZQ5pgxQPpoY2s4U/26y
qEJlCzonDvjywxcK/6R/qVIRZAt4qLLYYwWhS0UFylIu89YdMGrph2Qb90pO1M2x
0/FBAT7TlOYEBGNoK+pB24w7GKVGm1Erxxk9s51Un/3hrUZmS6EdnfynBjs1EB0j
MtfjCokHCihAAqR879jtdOA0FboMiqsNs+gbp0vDg8BXmBmmjbh4XIZ+4YA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:29:23 2025 by rpki-client