Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/pxlBT8moCeGflB9lTR0g1T2_15I.roa
File: pxlBT8moCeGflB9lTR0g1T2_15I.roa (raw, json)
Hash identifier: jMXszeDGEQ8xCejFFjVTopMHa61KJcox8ixj/7FCsYE=
Subject key identifier: A7:19:41:4F:C9:A8:09:E1:9F:94:1F:65:4D:1D:20:D5:3D:BF:D7:92
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019562D76C6188BB39461287BAB3C589BD22
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/pxlBT8moCeGflB9lTR0g1T2_15I.roa
Signing time: Tue 04 Mar 2025 20:27:19 +0000
ROA not before: Tue 04 Mar 2025 20:27:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.66.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:62:d7:6c:61:88:bb:39:46:12:87:ba:b3:c5:89:bd:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 4 20:27:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a719414fc9a809e19f941f654d1d20d53dbfd792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:04:3a:c5:c5:6e:45:c7:17:c6:3e:e6:f3:77:
93:91:30:b9:59:4b:1f:7a:51:bf:62:42:ec:47:4e:
bc:6f:60:47:ee:d8:9c:1e:66:50:8b:36:62:4b:9b:
ac:1e:40:dc:d8:a1:48:d5:6a:53:13:9c:1b:bc:09:
7c:f4:bc:26:ee:e5:7f:4e:76:cb:6a:35:37:9b:00:
6d:5e:ac:1b:7e:da:d7:86:7e:9d:6e:33:cc:69:cd:
5f:42:88:1a:f3:76:91:f3:be:d1:0a:37:17:00:e8:
77:9c:73:6c:f5:64:05:d0:9f:61:8a:87:22:87:29:
7e:34:8a:5f:d5:32:c2:47:a0:a9:2c:f3:02:d7:95:
38:ac:71:51:b3:4b:b6:1e:c6:9e:b0:18:70:57:58:
cf:42:cb:d1:d3:55:16:f4:08:75:ae:30:0f:3f:c2:
8b:e3:60:ac:35:fc:cf:b4:83:05:ca:53:37:a0:bd:
09:b7:2f:3e:4f:cf:84:b4:87:17:7e:f3:c0:19:04:
1f:8e:a7:2a:0a:bc:52:70:6a:17:a7:3d:ae:85:80:
07:05:0a:a5:93:7a:0a:96:f9:50:83:45:aa:6c:e4:
87:f2:d8:92:b2:99:e0:3b:4e:78:cf:e3:d9:ac:49:
fc:a9:89:ee:a4:cf:fc:fc:85:7f:c9:62:ec:78:03:
43:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:19:41:4F:C9:A8:09:E1:9F:94:1F:65:4D:1D:20:D5:3D:BF:D7:92
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/pxlBT8moCeGflB9lTR0g1T2_15I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.46.0/23
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.66.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.220.0/24
88.216.223.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:6e:85:a2:32:20:15:25:14:24:72:73:fe:c3:2a:52:c6:aa:
07:0a:91:d4:55:78:2e:c8:09:de:c5:d1:62:6f:40:bf:98:46:
18:07:09:a2:73:ed:c3:a3:41:ba:d3:24:18:36:83:13:25:46:
cc:1e:3f:2c:5d:ec:b8:0f:3a:22:46:3d:66:fd:38:d4:09:7c:
43:0d:a1:77:21:24:53:6f:5c:2f:53:f9:fe:cc:14:ee:83:77:
2a:a3:a7:55:e5:18:99:9d:ea:7f:a5:54:c2:e6:8e:1f:27:c0:
5c:2f:ad:2a:e4:23:3d:75:f1:7f:64:71:8c:e2:6f:16:14:0a:
52:82:52:86:bc:8b:87:79:f1:16:6c:d0:d4:cc:fc:9b:ba:89:
ec:43:08:d1:b3:60:78:35:64:0e:07:9d:38:7a:31:71:26:02:
38:0b:51:db:5b:74:67:37:05:83:ba:dd:3f:ab:be:85:1b:83:
a9:1e:b0:a6:1d:d3:72:98:83:6c:27:6a:35:fd:30:60:cf:8a:
df:74:3d:28:5e:54:26:9f:6f:0c:3a:0c:90:9f:11:5d:9b:35:
30:d0:fa:8d:37:e3:d8:2d:da:4a:fc:21:f5:95:fa:fb:56:df:
c8:bf:5e:8f:6e:5c:a2:f2:01:62:01:e9:79:5a:3a:26:a3:db:
38:5d:2f:c8
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZVi12xhiLs5RhKHurPFib0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMzA0MjAyNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzE5NDE0ZmM5YTgwOWUxOWY5NDFmNjU0ZDFkMjBkNTNkYmZkNzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugQ6xcVuRccXxj7m83eTkTC5WUsf
elG/YkLsR068b2BH7ticHmZQizZiS5usHkDc2KFI1WpTE5wbvAl89Lwm7uV/TnbL
ajU3mwBtXqwbftrXhn6dbjPMac1fQoga83aR877RCjcXAOh3nHNs9WQF0J9hioci
hyl+NIpf1TLCR6CpLPMC15U4rHFRs0u2HsaesBhwV1jPQsvR01UW9Ah1rjAPP8KL
42CsNfzPtIMFylM3oL0Jty8+T8+EtIcXfvPAGQQfjqcqCrxScGoXpz2uhYAHBQql
k3oKlvlQg0WqbOSH8tiSspngO054z+PZrEn8qYnupM/8/IV/yWLseANDKwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFKcZQU/JqAnhn5QfZU0dINU9v9eSMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcHhsQlQ4bW9DZUdmbEI5bFRSMGcxVDJfMTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiMAwDBABUIAcD
BABUIAgDBAJUIBQDBAFUIC4DBAJUIJQDBAFUIK4DBAFUINYDBAJUIPQDBAFY2BYD
BAFY2CwDBAFY2EIDBABY2F0DBAFY2IIDBAFY2IYDBABY2NwDBABY2N8wDQYJKoZI
hvcNAQELBQADggEBACpuhaIyIBUlFCRyc/7DKlLGqgcKkdRVeC7ICd7F0WJvQL+Y
RhgHCaJz7cOjQbrTJBg2gxMlRswePyxd7LgPOiJGPWb9ONQJfEMNoXchJFNvXC9T
+f7MFO6Ddyqjp1XlGJmd6n+lVMLmjh8nwFwvrSrkIz118X9kcYzibxYUClKCUoa8
i4d58RZs0NTM/Ju6iexDCNGzYHg1ZA4HnTh6MXEmAjgLUdtbdGc3BYO63T+rvoUb
g6kesKYd03KYg2wnajX9MGDPit90PSheVCafbww6DJCfEV2bNTDQ+o0349gt2kr8
IfWV+vtW38i/Xo9uXKLyAWIB6XlaOiaj2zhdL8g=
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:53:00 2025 by rpki-client