Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rUsrL0m8tR7wSmB7-oG92pSn14c.roa
File: rUsrL0m8tR7wSmB7-oG92pSn14c.roa (raw, json)
Hash identifier: ntu5KM2Ecjn2EZEt5hr2Rvo/FAfsrQuIIoDWqipzeMA=
Subject key identifier: AD:4B:2B:2F:49:BC:B5:1E:F0:4A:60:7B:FA:81:BD:DA:94:A7:D7:87
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019449EAE82E0F4FAD6334BFBE565796A941
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rUsrL0m8tR7wSmB7-oG92pSn14c.roa
Signing time: Thu 09 Jan 2025 07:15:18 +0000
ROA not before: Thu 09 Jan 2025 07:15:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33922
IP address blocks: 84.32.0.0/22 maxlen: 22
84.32.2.0/23 maxlen: 23
84.32.3.0/24 maxlen: 24
84.32.36.0/24 maxlen: 24
84.32.37.0/24 maxlen: 24
84.32.38.0/24 maxlen: 24
84.32.80.0/23 maxlen: 23
84.32.114.0/23 maxlen: 24
84.32.116.0/23 maxlen: 24
84.32.120.0/22 maxlen: 22
84.32.124.0/24 maxlen: 24
84.32.125.0/24 maxlen: 24
84.32.132.0/24 maxlen: 24
84.32.134.0/24 maxlen: 24
84.32.140.0/22 maxlen: 22
84.32.140.0/24 maxlen: 24
84.32.142.0/24 maxlen: 24
84.32.165.0/24 maxlen: 24
84.32.166.0/24 maxlen: 24
84.32.167.0/24 maxlen: 24
84.32.171.0/24 maxlen: 24
84.32.180.0/24 maxlen: 24
84.32.181.0/24 maxlen: 24
84.32.182.0/24 maxlen: 24
84.32.183.0/24 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
88.216.24.0/23 maxlen: 24
88.216.26.0/23 maxlen: 24
88.216.28.0/22 maxlen: 24
88.216.71.0/24 maxlen: 24
88.216.76.0/22 maxlen: 24
88.216.82.0/23 maxlen: 23
88.216.84.0/24 maxlen: 24
88.216.85.0/24 maxlen: 24
88.216.86.0/24 maxlen: 24
88.216.104.0/24 maxlen: 24
88.216.106.0/24 maxlen: 24
88.216.107.0/24 maxlen: 24
88.216.112.0/21 maxlen: 21
88.216.112.0/24 maxlen: 24
88.216.113.0/24 maxlen: 24
88.216.114.0/24 maxlen: 24
88.216.115.0/24 maxlen: 24
88.216.116.0/24 maxlen: 24
88.216.117.0/24 maxlen: 24
88.216.118.0/24 maxlen: 24
88.216.119.0/24 maxlen: 24
88.216.120.0/22 maxlen: 22
88.216.120.0/24 maxlen: 24
88.216.121.0/24 maxlen: 24
88.216.122.0/24 maxlen: 24
88.216.123.0/24 maxlen: 24
88.216.124.0/24 maxlen: 24
88.216.125.0/24 maxlen: 24
88.216.126.0/24 maxlen: 24
88.216.136.0/21 maxlen: 21
88.216.136.0/24 maxlen: 24
88.216.137.0/24 maxlen: 24
88.216.147.0/24 maxlen: 24
88.216.148.0/24 maxlen: 24
88.216.150.0/24 maxlen: 24
88.216.153.0/24 maxlen: 24
88.216.154.0/24 maxlen: 24
88.216.155.0/24 maxlen: 24
88.216.156.0/24 maxlen: 24
88.216.157.0/24 maxlen: 24
88.216.158.0/24 maxlen: 24
88.216.159.0/24 maxlen: 24
88.216.160.0/23 maxlen: 23
88.216.162.0/24 maxlen: 24
88.216.164.0/22 maxlen: 22
88.216.164.0/24 maxlen: 24
88.216.165.0/24 maxlen: 24
88.216.166.0/24 maxlen: 24
88.216.167.0/24 maxlen: 24
88.216.168.0/23 maxlen: 23
88.216.170.0/23 maxlen: 23
88.216.170.0/24 maxlen: 24
88.216.171.0/24 maxlen: 24
88.216.173.0/24 maxlen: 24
88.216.174.0/24 maxlen: 24
88.216.175.0/24 maxlen: 24
88.216.176.0/24 maxlen: 24
88.216.177.0/24 maxlen: 24
88.216.178.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:49:ea:e8:2e:0f:4f:ad:63:34:bf:be:56:57:96:a9:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 9 07:15:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad4b2b2f49bcb51ef04a607bfa81bdda94a7d787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d7:e3:cf:22:b7:ef:63:22:4f:1e:a0:45:b3:
70:5e:5a:9a:d8:80:84:97:f0:75:d9:d3:7d:33:ed:
02:c7:d2:3d:f2:e8:c3:df:15:08:3a:1d:d9:1f:af:
6f:c3:12:db:a8:5e:9f:7f:b3:0d:0c:25:a9:26:76:
86:17:3d:86:86:52:30:bd:ac:26:54:80:a5:e0:e5:
62:7d:ae:d2:c9:33:c7:8c:07:92:7c:7c:d9:7e:54:
3c:61:03:a4:f4:fe:f6:17:05:26:a7:c2:61:01:7b:
89:4f:5f:2a:b0:9f:7d:c8:cd:95:23:0d:8f:d4:95:
7b:6e:99:82:aa:81:04:e3:9f:24:00:82:9e:ac:e7:
ed:8e:7f:a3:52:39:8a:03:ea:ef:78:2b:ed:80:4c:
71:35:f9:a5:90:f6:69:af:02:59:13:70:4e:14:07:
0e:6e:88:47:b1:6b:67:31:de:32:02:ca:96:da:8a:
17:5f:6e:4c:06:57:cb:f2:96:6c:bc:4c:6c:64:2a:
91:ff:4e:d3:61:fb:29:36:33:23:fd:6a:98:e1:ff:
4e:6a:bd:99:0d:eb:b7:d1:0d:72:03:94:72:5d:49:
99:5a:9e:dc:f7:06:b0:2e:3e:14:5d:35:e0:d1:4d:
af:23:c7:58:67:63:74:6c:1b:36:f5:f2:6e:5b:23:
88:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:4B:2B:2F:49:BC:B5:1E:F0:4A:60:7B:FA:81:BD:DA:94:A7:D7:87
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rUsrL0m8tR7wSmB7-oG92pSn14c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.0.0/22
84.32.36.0-84.32.38.255
84.32.80.0/23
84.32.114.0-84.32.117.255
84.32.120.0-84.32.125.255
84.32.132.0/24
84.32.134.0/24
84.32.140.0/22
84.32.165.0-84.32.167.255
84.32.171.0/24
84.32.180.0/22
84.32.250.0/23
88.216.24.0/21
88.216.71.0/24
88.216.76.0/22
88.216.82.0-88.216.86.255
88.216.104.0/24
88.216.106.0/23
88.216.112.0-88.216.126.255
88.216.136.0/21
88.216.147.0-88.216.148.255
88.216.150.0/24
88.216.153.0-88.216.162.255
88.216.164.0-88.216.171.255
88.216.173.0-88.216.179.255
Signature Algorithm: sha256WithRSAEncryption
7b:ba:65:9c:f8:15:0c:40:2a:da:a5:de:a3:44:ff:fe:0a:10:
8e:2f:97:5d:ae:45:df:5e:ea:b8:2c:6c:66:dd:2b:09:cb:a5:
d0:53:e1:be:fd:28:38:02:a7:68:05:59:8e:aa:71:40:fe:16:
0d:27:db:e8:fc:0c:d8:03:85:09:1e:4b:11:6c:07:6b:9c:77:
f2:1d:b3:43:16:70:b6:fa:8d:64:d1:b4:c6:db:c5:c4:9d:df:
95:28:34:d5:33:d7:91:92:0e:e7:1d:51:93:e7:cb:06:7b:6b:
b5:80:57:37:df:46:05:ba:8b:be:23:c3:df:a8:73:fd:37:3f:
59:0d:cd:8d:86:e2:25:dc:6a:e1:a1:1f:ad:b7:21:a2:67:f3:
af:70:7c:45:f8:c2:08:bf:dc:59:b4:af:52:de:b0:0e:d5:c0:
04:86:ae:fe:b6:f5:c1:47:64:21:14:cd:3c:14:4c:52:c8:df:
21:7e:9b:d3:c7:1d:e0:4b:25:56:08:64:99:42:f3:4d:74:5d:
a9:3d:cf:c2:8a:09:5b:12:74:89:e2:cb:ba:74:08:d1:84:a4:
3e:05:33:53:32:44:fd:30:7b:72:b2:d6:52:b7:93:23:13:db:
06:ea:10:ab:be:40:aa:38:86:a0:d2:da:72:5a:da:58:ac:ee:
c9:a9:8e:85
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAZRJ6uguD0+tYzS/vlZXlqlBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTA5MDcxNTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDRiMmIyZjQ5YmNiNTFlZjA0YTYwN2JmYTgxYmRkYTk0YTdkNzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39fjzyK372MiTx6gRbNwXlqa2ICE
l/B12dN9M+0Cx9I98ujD3xUIOh3ZH69vwxLbqF6ff7MNDCWpJnaGFz2GhlIwvawm
VICl4OVifa7SyTPHjAeSfHzZflQ8YQOk9P72FwUmp8JhAXuJT18qsJ99yM2VIw2P
1JV7bpmCqoEE458kAIKerOftjn+jUjmKA+rveCvtgExxNfmlkPZprwJZE3BOFAcO
bohHsWtnMd4yAsqW2ooXX25MBlfL8pZsvExsZCqR/07TYfspNjMj/WqY4f9Oar2Z
Deu30Q1yA5RyXUmZWp7c9wawLj4UXTXg0U2vI8dYZ2N0bBs29fJuWyOIOQIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFK1LKy9JvLUe8Epge/qBvdqUp9eHMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvclVzckwwbTh0Ujd3U21CNy1vRzkycFNuMTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwge0EAgABMIHmAwQC
VCAAMAwDBAJUICQDBABUICYDBAFUIFAwDAMEAVQgcgMEAVQgdDAMAwQDVCB4AwQB
VCB8AwQAVCCEAwQAVCCGAwQCVCCMMAwDBABUIKUDBANUIKADBABUIKsDBAJUILQD
BAFUIPoDBANY2BgDBABY2EcDBAJY2EwwDAMEAVjYUgMEAFjYVgMEAFjYaAMEAVjY
ajAMAwQEWNhwAwQAWNh+AwQDWNiIMAwDBABY2JMDBABY2JQDBABY2JYwDAMEAFjY
mQMEAFjYojAMAwQCWNikAwQCWNioMAwDBABY2K0DBAJY2LAwDQYJKoZIhvcNAQEL
BQADggEBAHu6ZZz4FQxAKtql3qNE//4KEI4vl12uRd9e6rgsbGbdKwnLpdBT4b79
KDgCp2gFWY6qcUD+Fg0n2+j8DNgDhQkeSxFsB2ucd/Ids0MWcLb6jWTRtMbbxcSd
35UoNNUz15GSDucdUZPnywZ7a7WAVzffRgW6i74jw9+oc/03P1kNzY2G4iXcauGh
H623IaJn869wfEX4wgi/3Fm0r1LesA7VwASGrv629cFHZCEUzTwUTFLI3yF+m9PH
HeBLJVYIZJlC8010Xak9z8KKCVsSdIniy7p0CNGEpD4FM1MyRP0we3Ky1lK3kyMT
2wbqEKu+QKo4hqDS2nJa2lis7smpjoU=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:14:22 2025 by rpki-client