Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/wPN27alfDPO3wCffcvZYPGr9P98.roa
File: wPN27alfDPO3wCffcvZYPGr9P98.roa (raw, json)
Hash identifier: qlCAXTHvj3KvmoZcz/nR2cCYYnQbc8U/HUoZxdsPjYo=
Subject key identifier: C0:F3:76:ED:A9:5F:0C:F3:B7:C0:27:DF:72:F6:58:3C:6A:FD:3F:DF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01942826BACD47C691B446BE11BE3F134C05
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/wPN27alfDPO3wCffcvZYPGr9P98.roa
Signing time: Thu 02 Jan 2025 17:53:34 +0000
ROA not before: Thu 02 Jan 2025 17:53:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136744
IP address blocks: 84.32.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:ba:cd:47:c6:91:b4:46:be:11:be:3f:13:4c:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 17:53:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0f376eda95f0cf3b7c027df72f6583c6afd3fdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:26:a7:a5:0d:99:a6:95:75:34:1a:04:9b:64:
36:96:f9:8a:9b:92:a2:95:8c:37:fc:69:54:5d:81:
89:a5:98:04:74:29:6b:71:cf:6e:80:c8:f5:d7:9b:
9f:b0:a5:a7:ca:05:ea:19:a4:78:d3:83:fc:26:78:
ab:b3:29:ab:74:45:69:1f:87:4d:f0:a9:e2:7c:85:
e9:eb:2c:9a:6a:2e:ff:18:71:2d:47:1b:a9:87:e2:
9a:b0:a4:4e:bd:7e:31:a5:22:7b:f6:8a:c6:e9:ce:
d6:c3:b9:b8:fd:1b:97:d5:b5:84:dc:74:04:ad:ff:
24:3f:fb:89:21:24:89:fc:f0:2d:b5:77:d1:6c:ad:
9d:c1:8b:ca:b8:66:78:69:c9:9e:2d:9e:76:d6:8e:
b4:cd:8d:a4:d0:d1:8f:c6:f4:d5:8b:11:0f:23:4e:
87:77:74:6c:ce:36:26:f3:7a:42:e4:55:cf:b4:4e:
b0:a3:a4:f9:f2:f7:e4:44:17:ea:0f:9e:72:17:5b:
3e:f4:75:d3:f0:03:8f:04:df:a3:ff:37:cb:82:51:
f6:5f:83:16:e4:d7:fa:b7:b7:b5:02:7b:ee:5e:2e:
9c:0f:cb:09:bd:14:57:c9:60:18:5b:d5:0d:72:ca:
c7:66:78:c1:45:64:cc:cc:11:3e:1a:a6:2a:c5:6f:
c6:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F3:76:ED:A9:5F:0C:F3:B7:C0:27:DF:72:F6:58:3C:6A:FD:3F:DF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/wPN27alfDPO3wCffcvZYPGr9P98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.66.0/24
Signature Algorithm: sha256WithRSAEncryption
49:b4:9e:4c:22:3b:af:92:c4:d5:7d:06:e2:29:31:2e:e2:32:
d9:bb:7e:50:6b:24:ec:43:66:c8:37:12:13:88:b0:bb:8e:4c:
29:2a:7a:19:5d:6b:5b:c7:64:61:63:18:d8:07:fa:44:88:2b:
cb:81:f5:17:43:a8:c4:73:89:30:6a:14:56:1c:6c:f5:bf:22:
b4:a3:c0:d7:71:ff:e4:f8:a4:5a:47:40:75:58:e4:c4:d1:06:
8a:e7:f2:9a:97:0b:c6:0c:60:2b:0e:2a:75:c9:ce:89:56:e7:
9a:03:02:92:3d:b0:2c:f1:07:22:a7:6e:64:c6:17:77:5d:f4:
31:98:77:57:f9:62:4e:d6:3c:77:5e:11:ee:9e:ad:19:ea:0c:
41:5f:7e:c2:84:b4:24:01:67:7d:cd:b5:5d:98:9a:9d:57:58:
91:32:b2:99:af:78:64:30:6b:cd:b9:d7:6d:82:84:45:a3:0d:
66:ec:db:ff:82:68:e2:5f:63:09:cc:fb:5d:c0:6e:f0:76:5e:
c2:73:54:77:3d:3f:3a:0e:c5:bc:43:18:be:4b:46:e6:19:db:
83:ad:04:12:3f:b9:b3:a7:bd:ad:61:ad:4a:be:a3:54:25:39:
eb:fa:a0:88:6d:f2:ea:8b:f5:d9:89:53:7d:8f:30:08:cd:d5:
d3:d4:4e:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJrrNR8aRtEa+Eb4/E0wFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTAyMTc1MzM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGYzNzZlZGE5NWYwY2YzYjdjMDI3ZGY3MmY2NTgzYzZhZmQzZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCanpQ2ZppV1NBoEm2Q2lvmKm5Ki
lYw3/GlUXYGJpZgEdClrcc9ugMj115ufsKWnygXqGaR404P8JnirsymrdEVpH4dN
8KnifIXp6yyaai7/GHEtRxuph+KasKROvX4xpSJ79orG6c7Ww7m4/RuX1bWE3HQE
rf8kP/uJISSJ/PAttXfRbK2dwYvKuGZ4acmeLZ521o60zY2k0NGPxvTVixEPI06H
d3RszjYm83pC5FXPtE6wo6T58vfkRBfqD55yF1s+9HXT8AOPBN+j/zfLglH2X4MW
5Nf6t7e1AnvuXi6cD8sJvRRXyWAYW9UNcsrHZnjBRWTMzBE+GqYqxW/GuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMDzdu2pXwzzt8An33L2WDxq/T/fMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvd1BOMjdhbGZEUE8zd0NmZmN2WllQR3I5UDk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCBCMA0G
CSqGSIb3DQEBCwUAA4IBAQBJtJ5MIjuvksTVfQbiKTEu4jLZu35QayTsQ2bINxIT
iLC7jkwpKnoZXWtbx2RhYxjYB/pEiCvLgfUXQ6jEc4kwahRWHGz1vyK0o8DXcf/k
+KRaR0B1WOTE0QaK5/KalwvGDGArDip1yc6JVueaAwKSPbAs8Qcip25kxhd3XfQx
mHdX+WJO1jx3XhHunq0Z6gxBX37ChLQkAWd9zbVdmJqdV1iRMrKZr3hkMGvNuddt
goRFow1m7Nv/gmjiX2MJzPtdwG7wdl7Cc1R3PT86DsW8Qxi+S0bmGduDrQQSP7mz
p72tYa1KvqNUJTnr+qCIbfLqi/XZiVN9jzAIzdXT1E4P
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:48:56 2025 by rpki-client