Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_qDXg4tm5YRd5wSUAOGAA2YxoKs.roa
File: _qDXg4tm5YRd5wSUAOGAA2YxoKs.roa (raw, json)
Hash identifier: nwd9Q8v4dy8foNehrTZ+AXrlAgRBOmM95iOksEUn3i0=
Subject key identifier: FE:A0:D7:83:8B:66:E5:84:5D:E7:04:94:00:E1:80:03:66:31:A0:AB
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0194452C00B572FFE0933D0BAA182613ED17
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_qDXg4tm5YRd5wSUAOGAA2YxoKs.roa
Signing time: Wed 08 Jan 2025 09:08:19 +0000
ROA not before: Wed 08 Jan 2025 09:08:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.25.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.197.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:2c:00:b5:72:ff:e0:93:3d:0b:aa:18:26:13:ed:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 8 09:08:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fea0d7838b66e5845de7049400e180036631a0ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:02:c5:63:3b:68:b9:95:77:0c:a0:e0:ee:7d:
31:3b:99:6e:af:41:71:87:04:ab:e1:2a:6f:13:16:
f0:1f:08:45:25:44:c2:76:f3:ea:8b:91:9b:ef:8f:
c4:56:9c:f4:4d:33:bc:4d:31:9b:3b:2c:37:c7:53:
21:d4:71:6a:21:31:e1:65:53:9f:9c:93:47:f2:86:
47:43:91:4c:e4:fb:6a:25:a5:86:89:32:93:d3:c1:
27:9c:c3:6a:a7:78:fc:f0:4a:23:dc:f3:31:42:53:
34:47:af:d2:08:b1:04:a7:72:9b:0e:12:94:2a:ad:
31:c4:d4:68:43:a1:4b:91:c4:78:d9:48:25:15:7a:
74:67:c4:13:f9:7e:ba:c5:bc:25:0b:44:2a:8e:f8:
f7:fa:bd:21:51:ce:a6:92:bf:6a:8a:43:70:55:34:
39:47:98:d9:61:4f:40:2a:e4:52:51:76:db:ca:c0:
f2:b0:00:1c:0e:7f:0c:6a:bd:04:4a:f6:18:f5:21:
f3:e5:06:b9:22:04:87:38:ec:99:d2:48:53:41:bb:
83:76:06:61:6d:21:d1:0c:c9:81:27:f3:c9:1c:b8:
12:bf:fa:87:98:07:64:d0:4e:f1:81:56:91:5d:2c:
51:ec:f4:e9:f5:0c:1d:8c:42:b3:67:22:5d:d6:ee:
be:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:A0:D7:83:8B:66:E5:84:5D:E7:04:94:00:E1:80:03:66:31:A0:AB
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_qDXg4tm5YRd5wSUAOGAA2YxoKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.25.0/24
84.32.46.0/23
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
94:34:75:80:b0:39:1d:2a:40:d8:50:e5:52:79:7d:4f:de:43:
79:23:89:06:81:85:cc:43:fc:cb:c3:37:b2:9a:c2:8a:56:7d:
83:09:70:01:15:62:db:1b:db:f3:bd:e1:2c:cd:7f:2f:30:6d:
f4:99:0a:9d:e8:ba:3c:15:f7:4e:38:95:78:c5:0a:92:f7:b7:
6d:3c:cd:67:6e:fd:17:be:1b:1c:a1:5e:6b:7c:ae:da:9e:56:
69:fd:f4:b6:36:0a:26:91:74:91:80:2d:c0:ab:ec:cc:f1:13:
cb:c4:35:ee:3a:42:c9:69:ff:7e:de:b0:2e:1a:0f:93:a3:96:
53:fc:00:b2:4a:c5:98:03:78:8c:4f:3b:6a:10:d5:c9:55:56:
78:59:e9:fe:20:a7:85:1d:31:8a:20:f4:8b:00:d7:99:5f:60:
14:4e:90:25:69:f8:c3:f5:c7:03:73:bf:e3:4b:96:b5:bc:3b:
53:95:45:5d:e5:8a:13:e5:82:37:13:0f:19:5f:fa:2c:cb:6c:
5a:b3:46:14:72:9e:a9:20:fa:d0:34:8d:15:e2:43:1b:70:b7:
87:5f:e3:58:ea:8e:0d:c9:f1:32:ec:c1:33:c7:2d:e4:06:ad:
f1:8c:a6:25:b9:b2:cf:4d:4d:02:96:95:76:d7:85:b1:5e:8e:
78:21:a1:ef
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZRFLAC1cv/gkz0LqhgmE+0XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTA4MDkwODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWEwZDc4MzhiNjZlNTg0NWRlNzA0OTQwMGUxODAwMzY2MzFhMGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQLFYztouZV3DKDg7n0xO5lur0Fx
hwSr4SpvExbwHwhFJUTCdvPqi5Gb74/EVpz0TTO8TTGbOyw3x1Mh1HFqITHhZVOf
nJNH8oZHQ5FM5PtqJaWGiTKT08EnnMNqp3j88Eoj3PMxQlM0R6/SCLEEp3KbDhKU
Kq0xxNRoQ6FLkcR42UglFXp0Z8QT+X66xbwlC0Qqjvj3+r0hUc6mkr9qikNwVTQ5
R5jZYU9AKuRSUXbbysDysAAcDn8Mar0ESvYY9SHz5Qa5IgSHOOyZ0khTQbuDdgZh
bSHRDMmBJ/PJHLgSv/qHmAdk0E7xgVaRXSxR7PTp9QwdjEKzZyJd1u6+yQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFP6g14OLZuWEXecElADhgANmMaCrMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvX3FEWGc0dG01WVJkNXdTVUFPR0FBMll4b0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiMAwDBABUIAcD
BABUIAgDBAJUIBQDBABUIBkDBAFUIC4DBABUIF8DBAJUIJQDBAFUIK4DBAFUINYD
BAJUIPQDBAFY2BYDBAFY2CwDBABY2F0DBAFY2IIDBAFY2IYDBABY2MUwDQYJKoZI
hvcNAQELBQADggEBAJQ0dYCwOR0qQNhQ5VJ5fU/eQ3kjiQaBhcxD/MvDN7KawopW
fYMJcAEVYtsb2/O94SzNfy8wbfSZCp3oujwV9044lXjFCpL3t208zWdu/Re+Gxyh
Xmt8rtqeVmn99LY2CiaRdJGALcCr7MzxE8vENe46Qslp/37esC4aD5OjllP8ALJK
xZgDeIxPO2oQ1clVVnhZ6f4gp4UdMYog9IsA15lfYBROkCVp+MP1xwNzv+NLlrW8
O1OVRV3lihPlgjcTDxlf+izLbFqzRhRynqkg+tA0jRXiQxtwt4df41jqjg3J8TLs
wTPHLeQGrfGMpiW5ss9NTQKWlXbXhbFejnghoe8=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:49:05 2025 by rpki-client