Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_d3X4Ep94bOOSSkOoKmTcOVIATA.roa
File: _d3X4Ep94bOOSSkOoKmTcOVIATA.roa (raw, json)
Hash identifier: H/xqsEWC2gERC9bgjv4l3dgCzTNs6Lv+Y3ParatSltM=
Subject key identifier: FD:DD:D7:E0:4A:7D:E1:B3:8E:49:29:0E:A0:A9:93:70:E5:48:01:30
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01942826B2A89CD12A6162F72955526BE5C2
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_d3X4Ep94bOOSSkOoKmTcOVIATA.roa
Signing time: Thu 02 Jan 2025 17:53:32 +0000
ROA not before: Thu 02 Jan 2025 17:53:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47583
IP address blocks: 84.32.84.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:b2:a8:9c:d1:2a:61:62:f7:29:55:52:6b:e5:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 17:53:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fdddd7e04a7de1b38e49290ea0a99370e5480130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:af:5a:2a:cc:74:04:1c:d4:9a:26:11:ae:c0:
d0:a1:20:49:f0:35:23:3b:13:3a:f1:70:e3:b6:ef:
3b:46:57:fc:7e:ba:d3:05:ba:0e:96:1c:5e:be:fb:
ca:33:85:5b:70:1f:a7:cb:91:84:cb:31:a9:e0:c4:
5a:8b:07:f7:f7:2a:21:37:71:8f:f1:c5:24:c2:d5:
75:45:a4:3e:9b:3c:6f:9f:78:0a:4e:6e:df:50:45:
43:56:29:68:d2:a8:3d:b2:fc:90:a3:ae:16:94:43:
30:f5:2c:48:f1:b3:04:81:5c:bb:26:e2:bf:0b:96:
d0:24:89:d0:99:de:9b:e0:23:c0:79:86:0c:51:2d:
e2:92:7e:c8:39:1d:97:52:43:ef:70:d5:69:18:fd:
5f:03:30:2b:19:4f:c4:30:0b:95:2a:7e:a7:75:9d:
1d:db:0e:e0:da:39:b5:4d:fe:b0:b3:b6:5c:69:57:
b9:36:f5:c7:62:be:24:59:67:5b:68:4f:4a:90:47:
10:c5:38:4e:87:80:f3:ed:2f:20:d7:fa:6c:ff:ea:
27:2a:ca:8f:c2:b7:46:a1:45:98:aa:4a:22:e8:e2:
98:90:91:25:84:5e:c6:23:77:44:0c:07:95:26:cf:
04:d4:72:b5:f6:32:81:37:76:fd:5e:da:e0:5d:80:
f8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:DD:D7:E0:4A:7D:E1:B3:8E:49:29:0E:A0:A9:93:70:E5:48:01:30
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_d3X4Ep94bOOSSkOoKmTcOVIATA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.84.0/24
Signature Algorithm: sha256WithRSAEncryption
44:7b:e0:1c:62:f7:07:84:6a:61:60:18:d3:b5:50:2a:e0:66:
a1:67:63:e1:90:ff:01:fe:d9:e5:cf:23:91:e0:26:2b:34:8f:
56:61:fa:53:50:98:ee:9e:96:3c:00:ed:d2:4f:29:63:78:82:
06:c7:13:0a:4d:39:95:3f:84:d6:fa:20:d6:30:a3:cd:a4:ec:
41:b7:68:a9:61:58:8b:1b:a8:a4:60:0e:2d:81:1f:e0:68:94:
44:9d:99:d0:12:20:8b:0c:7b:9a:0d:7c:e8:27:9d:d2:3d:2d:
75:ce:12:d8:b7:84:a9:d5:66:a0:3e:2e:37:53:a0:43:fe:1d:
8e:e6:63:12:6c:b2:3e:0f:7f:78:aa:39:1f:9d:74:f5:5a:a3:
f0:37:4c:61:a4:55:cc:89:77:04:ed:df:8f:54:cc:78:c7:f6:
27:46:ed:29:16:f0:5f:e9:57:21:8b:e8:51:2b:9a:39:d7:db:
9a:94:1e:26:91:87:a6:8f:c7:73:d2:29:80:c9:0e:24:15:5d:
39:50:09:ae:f1:46:93:e8:ab:35:a5:07:e5:10:1f:21:55:14:
d8:c9:39:e1:fe:b7:86:81:f0:b6:56:7a:d0:22:09:af:a2:1b:
b3:04:24:f5:c9:c5:50:1d:75:1b:d2:1a:5e:a7:43:40:7b:de:
59:cb:b5:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJrKonNEqYWL3KVVSa+XCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTAyMTc1MzMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGRkZDdlMDRhN2RlMWIzOGU0OTI5MGVhMGE5OTM3MGU1NDgwMTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7q9aKsx0BBzUmiYRrsDQoSBJ8DUj
OxM68XDjtu87Rlf8frrTBboOlhxevvvKM4VbcB+ny5GEyzGp4MRaiwf39yohN3GP
8cUkwtV1RaQ+mzxvn3gKTm7fUEVDVilo0qg9svyQo64WlEMw9SxI8bMEgVy7JuK/
C5bQJInQmd6b4CPAeYYMUS3ikn7IOR2XUkPvcNVpGP1fAzArGU/EMAuVKn6ndZ0d
2w7g2jm1Tf6ws7ZcaVe5NvXHYr4kWWdbaE9KkEcQxThOh4Dz7S8g1/ps/+onKsqP
wrdGoUWYqkoi6OKYkJElhF7GI3dEDAeVJs8E1HK19jKBN3b9XtrgXYD4uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP3d1+BKfeGzjkkpDqCpk3DlSAEwMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvX2QzWDRFcDk0Yk9PU1NrT29LbVRjT1ZJQVRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCBUMA0G
CSqGSIb3DQEBCwUAA4IBAQBEe+AcYvcHhGphYBjTtVAq4GahZ2PhkP8B/tnlzyOR
4CYrNI9WYfpTUJjunpY8AO3STyljeIIGxxMKTTmVP4TW+iDWMKPNpOxBt2ipYViL
G6ikYA4tgR/gaJREnZnQEiCLDHuaDXzoJ53SPS11zhLYt4Sp1WagPi43U6BD/h2O
5mMSbLI+D394qjkfnXT1WqPwN0xhpFXMiXcE7d+PVMx4x/YnRu0pFvBf6Vchi+hR
K5o519ualB4mkYemj8dz0imAyQ4kFV05UAmu8UaT6Ks1pQflEB8hVRTYyTnh/reG
gfC2VnrQIgmvohuzBCT1ycVQHXUb0hpep0NAe95Zy7Uv
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:15:17 2025 by rpki-client