Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rJ2M9wTpJVuRuBwkKTU-yxxFIvc.roa
File: rJ2M9wTpJVuRuBwkKTU-yxxFIvc.roa (raw, json)
Hash identifier: l8Ra9+PlTPBPe7PaLiu4TR4J+aNbzJXYXf8WZLJMcio=
Subject key identifier: AC:9D:8C:F7:04:E9:25:5B:91:B8:1C:24:29:35:3E:CB:1C:45:22:F7
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01942826A84D136010FFA690E46A3BBFA1F1
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rJ2M9wTpJVuRuBwkKTU-yxxFIvc.roa
Signing time: Thu 02 Jan 2025 17:53:29 +0000
ROA not before: Thu 02 Jan 2025 17:53:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5650
IP address blocks: 84.32.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:a8:4d:13:60:10:ff:a6:90:e4:6a:3b:bf:a1:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 17:53:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac9d8cf704e9255b91b81c2429353ecb1c4522f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:59:92:76:11:79:33:8b:41:de:ec:46:6a:c7:
7c:8f:9b:db:60:c7:49:d8:1b:ce:64:00:f1:d4:57:
cf:1e:df:cd:16:ed:c0:1d:14:9d:3d:63:c9:3b:cf:
63:e0:6f:b4:7d:0c:56:ab:3a:ac:66:5d:48:68:2f:
79:d5:eb:d4:83:f3:4b:c5:34:67:eb:0e:b9:c9:c6:
e7:31:39:9d:be:bc:b7:e5:35:69:a4:e5:36:19:92:
31:a6:7a:40:17:8a:a7:64:6c:1f:9e:fd:14:90:64:
90:8f:0f:62:9e:d8:96:6a:d5:fb:c4:fe:ed:e8:6c:
ed:ac:61:37:e8:fa:57:a6:35:8a:46:ca:87:1b:7f:
03:93:3c:26:b4:73:ea:43:52:b5:48:18:6e:70:b6:
a9:1c:dd:d5:f1:ef:1b:cc:84:9e:13:1a:6c:2b:2e:
b2:49:ec:f3:5e:0e:9d:07:9e:c5:24:40:7c:73:ce:
80:a3:bf:ab:15:5d:8d:e2:7f:e7:46:89:a2:6c:90:
8e:7e:e7:0e:a4:a2:61:2d:7f:6a:7e:c5:c9:f0:90:
fe:d6:9b:49:68:b6:eb:e7:f7:ff:65:3d:1f:9b:d4:
d1:40:3d:57:92:42:d8:79:5c:ae:fc:ce:c2:c8:1a:
33:9d:b6:71:a7:40:55:ac:21:4f:a6:af:50:44:b4:
85:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:9D:8C:F7:04:E9:25:5B:91:B8:1C:24:29:35:3E:CB:1C:45:22:F7
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rJ2M9wTpJVuRuBwkKTU-yxxFIvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.216.0/24
Signature Algorithm: sha256WithRSAEncryption
81:03:b2:e9:80:21:77:7c:8c:6f:ba:0d:c0:c1:c7:c0:97:3f:
b2:52:91:b5:23:8d:c5:4a:46:0a:d6:ed:5e:7d:50:ea:64:07:
f8:49:41:1c:ac:f2:79:d2:02:ad:5b:bc:86:1e:82:a9:ff:16:
ff:37:62:7e:ad:a4:18:55:22:87:30:08:64:8f:ee:69:a5:fe:
9c:46:38:a1:70:f6:f2:74:b6:db:20:63:80:f1:27:ce:33:4a:
42:49:fb:66:2b:c0:94:90:ad:c3:86:3b:00:c9:81:55:4c:42:
69:d8:94:c6:df:2c:4a:e2:3e:85:e8:60:cb:75:15:02:b1:b1:
90:ae:ca:8b:c2:fa:da:2f:af:b2:29:e9:aa:14:7a:49:b7:56:
9c:2a:df:e1:4d:e3:a4:50:e3:4b:b3:80:3b:12:cd:fc:72:20:
3d:9e:38:a7:63:dd:80:c4:ef:77:7c:fb:77:0f:41:fb:69:f4:
60:bf:99:ca:93:c8:df:62:a4:e8:0c:dd:1d:66:7c:e3:d3:b5:
e0:b7:f3:ca:da:bf:eb:1b:c4:12:e8:47:14:f2:22:93:7b:27:
57:78:8e:4b:13:40:3a:e4:f6:91:b8:b5:6d:0d:7b:0b:d1:c4:
b9:07:1b:9c:77:f8:89:4c:18:a7:8c:ad:8a:71:f3:b1:e9:3f:
a0:09:19:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJqhNE2AQ/6aQ5Go7v6HxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTAyMTc1MzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzlkOGNmNzA0ZTkyNTViOTFiODFjMjQyOTM1M2VjYjFjNDUyMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlmSdhF5M4tB3uxGasd8j5vbYMdJ
2BvOZADx1FfPHt/NFu3AHRSdPWPJO89j4G+0fQxWqzqsZl1IaC951evUg/NLxTRn
6w65ycbnMTmdvry35TVppOU2GZIxpnpAF4qnZGwfnv0UkGSQjw9intiWatX7xP7t
6GztrGE36PpXpjWKRsqHG38DkzwmtHPqQ1K1SBhucLapHN3V8e8bzISeExpsKy6y
SezzXg6dB57FJEB8c86Ao7+rFV2N4n/nRomibJCOfucOpKJhLX9qfsXJ8JD+1ptJ
aLbr5/f/ZT0fm9TRQD1XkkLYeVyu/M7CyBoznbZxp0BVrCFPpq9QRLSFawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKydjPcE6SVbkbgcJCk1PsscRSL3MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvckoyTTl3VHBKVnVSdUJ3a0tUVS15eHhGSXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCDYMA0G
CSqGSIb3DQEBCwUAA4IBAQCBA7LpgCF3fIxvug3AwcfAlz+yUpG1I43FSkYK1u1e
fVDqZAf4SUEcrPJ50gKtW7yGHoKp/xb/N2J+raQYVSKHMAhkj+5ppf6cRjihcPby
dLbbIGOA8SfOM0pCSftmK8CUkK3DhjsAyYFVTEJp2JTG3yxK4j6F6GDLdRUCsbGQ
rsqLwvraL6+yKemqFHpJt1acKt/hTeOkUONLs4A7Es38ciA9njinY92AxO93fPt3
D0H7afRgv5nKk8jfYqToDN0dZnzj07Xgt/PK2r/rG8QS6EcU8iKTeydXeI5LE0A6
5PaRuLVtDXsL0cS5Bxucd/iJTBinjK2KcfOx6T+gCRkk
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:36:16 2025 by rpki-client