Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_IGBnOHpIXMCHZ2fMgXBjNVhX5k.roa
File: _IGBnOHpIXMCHZ2fMgXBjNVhX5k.roa (raw, json)
Hash identifier: YY3taye4RtuZYeo0Zal9x67hhrBTzx5b+QalA3tpZcA=
Subject key identifier: FC:81:81:9C:E1:E9:21:73:02:1D:9D:9F:32:05:C1:8C:D5:61:5F:99
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01942826B500F12A5E1DD24049E32A289DD3
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_IGBnOHpIXMCHZ2fMgXBjNVhX5k.roa
Signing time: Thu 02 Jan 2025 17:53:32 +0000
ROA not before: Thu 02 Jan 2025 17:53:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54252
IP address blocks: 84.32.20.0/24 maxlen: 24
84.32.58.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.61.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
88.216.92.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:b5:00:f1:2a:5e:1d:d2:40:49:e3:2a:28:9d:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 17:53:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc81819ce1e92173021d9d9f3205c18cd5615f99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:cf:d9:b5:b4:d4:4b:4f:97:4d:a2:e6:ac:96:
17:09:01:d6:d4:6e:49:b5:f4:c8:1b:8c:de:e4:00:
d9:ea:ff:ba:98:72:1a:4d:21:c2:0e:7e:96:00:e3:
db:fa:35:e3:0b:92:0d:bb:43:f6:76:e2:7e:f5:7c:
9c:c9:3a:b7:dc:cd:33:cc:19:a5:14:22:ae:d5:c2:
e9:0b:3a:88:3a:9f:e1:97:71:bd:03:ef:35:06:69:
f7:6e:6e:48:76:29:87:cf:33:14:49:23:7c:a7:8e:
ce:7a:07:36:ba:14:1e:35:ff:83:04:14:90:eb:d8:
93:33:7a:9d:87:64:cb:1b:e7:1e:2f:a6:7d:5b:1d:
d4:42:23:9a:b7:ad:48:09:f8:72:72:2d:65:43:5d:
2d:84:07:a5:2c:44:61:74:66:b1:8a:22:23:5f:60:
55:84:6e:70:7c:9a:1a:56:47:dc:72:39:8f:d1:d4:
6d:a2:bd:bd:c5:b2:cb:5d:20:4a:da:b0:b3:33:bc:
78:20:68:af:b2:bb:ae:70:ad:4f:1c:ec:5f:2a:c2:
58:ce:af:6f:e3:a7:3d:e8:8a:ad:df:df:51:d4:ca:
58:4d:9f:0e:97:b3:79:88:c1:b5:cf:2f:8b:cf:3a:
4a:ae:16:60:f5:27:78:6d:3b:0b:e4:f4:f6:b1:de:
4a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:81:81:9C:E1:E9:21:73:02:1D:9D:9F:32:05:C1:8C:D5:61:5F:99
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_IGBnOHpIXMCHZ2fMgXBjNVhX5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.20.0/24
84.32.58.0/24
84.32.60.0/23
88.216.36.0/24
88.216.92.0/23
Signature Algorithm: sha256WithRSAEncryption
17:a2:2a:11:07:23:65:f2:08:09:f4:64:4f:c6:fe:2f:6d:03:
be:d9:b1:d9:c2:4b:2e:e1:f0:1c:3d:12:e4:22:ce:1f:6d:c7:
f3:4a:d3:0d:20:34:60:4d:62:74:40:06:35:ee:36:e7:2e:00:
95:91:cd:4f:60:83:49:12:f8:d8:9d:bf:2f:7b:98:8e:66:c6:
a6:c3:0a:30:32:b4:18:e8:13:48:45:2f:ae:60:a7:1b:d1:e3:
07:60:fc:ae:8f:15:b8:48:36:17:7a:96:56:b8:84:60:d0:9b:
ed:97:8d:1e:7a:73:9c:a0:76:83:cc:2e:f5:79:84:2c:95:d3:
af:72:8b:7f:ad:d2:f6:49:76:c8:86:d5:c4:f1:70:98:f8:86:
9d:aa:01:ba:b4:31:2a:c0:d0:82:dd:50:72:39:60:b6:5c:af:
2a:68:88:57:94:87:09:aa:bc:8a:fd:b0:46:9e:30:51:8d:4e:
da:01:74:72:08:40:a4:fa:e9:f2:2b:25:08:06:55:45:ac:13:
5b:8d:5f:69:14:8a:78:1b:a1:fb:ae:06:bd:2c:19:10:0c:8f:
c3:1d:f5:e4:f9:2e:c4:a9:49:04:aa:a1:65:df:a8:f5:7f:59:
1b:ff:a4:30:ab:9b:d3:5e:c1:3d:a6:c3:fa:f9:43:68:f7:37:
ed:88:3b:ba
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQoJrUA8SpeHdJASeMqKJ3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTAyMTc1MzMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzgxODE5Y2UxZTkyMTczMDIxZDlkOWYzMjA1YzE4Y2Q1NjE1Zjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvM/ZtbTUS0+XTaLmrJYXCQHW1G5J
tfTIG4ze5ADZ6v+6mHIaTSHCDn6WAOPb+jXjC5INu0P2duJ+9XycyTq33M0zzBml
FCKu1cLpCzqIOp/hl3G9A+81Bmn3bm5IdimHzzMUSSN8p47Oegc2uhQeNf+DBBSQ
69iTM3qdh2TLG+ceL6Z9Wx3UQiOat61ICfhyci1lQ10thAelLERhdGaxiiIjX2BV
hG5wfJoaVkfccjmP0dRtor29xbLLXSBK2rCzM7x4IGivsruucK1PHOxfKsJYzq9v
46c96Iqt399R1MpYTZ8Ol7N5iMG1zy+LzzpKrhZg9Sd4bTsL5PT2sd5KQwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPyBgZzh6SFzAh2dnzIFwYzVYV+ZMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvX0lHQm5PSHBJWE1DSFoyZk1nWEJqTlZoWDVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCAUAwQA
VCA6AwQBVCA8AwQAWNgkAwQBWNhcMA0GCSqGSIb3DQEBCwUAA4IBAQAXoioRByNl
8ggJ9GRPxv4vbQO+2bHZwksu4fAcPRLkIs4fbcfzStMNIDRgTWJ0QAY17jbnLgCV
kc1PYINJEvjYnb8ve5iOZsamwwowMrQY6BNIRS+uYKcb0eMHYPyujxW4SDYXepZW
uIRg0Jvtl40eenOcoHaDzC71eYQsldOvcot/rdL2SXbIhtXE8XCY+IadqgG6tDEq
wNCC3VByOWC2XK8qaIhXlIcJqryK/bBGnjBRjU7aAXRyCECk+unyKyUIBlVFrBNb
jV9pFIp4G6H7rga9LBkQDI/DHfXk+S7EqUkEqqFl36j1f1kb/6Qwq5vTXsE9psP6
+UNo9zftiDu6
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:59:38 2025 by rpki-client