Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/wVMQw0To5NG_txWZa3KffOTM2OY.roa
File: wVMQw0To5NG_txWZa3KffOTM2OY.roa (raw, json)
Hash identifier: VzEzqePwfLYugCgAmITcbdebRG0kkJlhO7EdgLZevzs=
Subject key identifier: C1:53:10:C3:44:E8:E4:D1:BF:B7:15:99:6B:72:9F:7C:E4:CC:D8:E6
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019562D76E1C342619953E23C59455034461
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/wVMQw0To5NG_txWZa3KffOTM2OY.roa
Signing time: Tue 04 Mar 2025 20:27:20 +0000
ROA not before: Tue 04 Mar 2025 20:27:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204770
IP address blocks: 84.32.32.0/24 maxlen: 24
84.32.34.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.128.0/22 maxlen: 32
84.32.220.0/24 maxlen: 24
88.216.39.0/24 maxlen: 24
88.216.68.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.210.0/24 maxlen: 24
88.216.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:62:d7:6e:1c:34:26:19:95:3e:23:c5:94:55:03:44:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 4 20:27:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c15310c344e8e4d1bfb715996b729f7ce4ccd8e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b0:07:9b:22:e6:fe:7d:3f:5a:72:ec:a4:d6:
5a:d7:00:8b:f9:f0:e4:ee:79:05:5e:6c:f8:92:2f:
5c:fa:e6:04:f5:96:46:fa:cf:15:0f:a1:6a:a7:0f:
63:19:ce:46:58:e6:21:9d:da:82:a0:ed:91:f2:11:
ce:82:e5:6f:61:da:e9:0b:1d:fa:f9:5e:e1:b6:50:
b3:c0:f6:10:a2:9c:b2:31:3b:95:f3:6f:47:8f:03:
a1:f9:eb:9b:28:db:5b:22:8e:ae:f1:8d:61:02:0c:
6b:d0:cc:d1:45:c9:87:df:e9:12:d9:69:e3:87:31:
bb:60:13:b9:cf:41:c5:6b:71:f7:79:12:fa:46:4d:
4a:ca:80:a7:af:41:de:be:bd:b4:7d:1e:7b:8f:4d:
4b:93:8c:16:14:ef:fb:5a:7f:47:40:5d:d6:d9:f4:
45:a2:6a:25:b5:9f:80:4c:0b:2c:46:08:72:28:8b:
bd:1b:86:72:09:60:78:95:3a:d2:46:8e:1d:f5:59:
ca:65:45:8b:57:2e:07:68:d3:40:0c:f8:6a:db:e2:
96:0f:44:58:81:c1:14:de:17:c8:d6:07:5e:dc:03:
36:98:7d:53:ae:60:20:40:2e:dc:6d:d4:53:4d:db:
3e:b6:86:ba:62:19:b9:6c:e0:9d:d4:14:8a:0b:ff:
4b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:53:10:C3:44:E8:E4:D1:BF:B7:15:99:6B:72:9F:7C:E4:CC:D8:E6
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/wVMQw0To5NG_txWZa3KffOTM2OY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.32.0/24
84.32.34.0/24
84.32.70.0/23
84.32.128.0/22
84.32.220.0/24
88.216.39.0/24
88.216.68.0/24
88.216.198.0/24
88.216.210.0/24
88.216.222.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:38:aa:90:3b:13:12:38:0f:d1:c5:05:5a:d0:e2:ec:91:26:
c7:e1:97:e7:f4:20:e3:1e:ac:23:9f:21:7f:b5:df:64:f7:4d:
ca:df:24:99:6f:85:d4:42:f6:4e:87:d7:6c:2c:18:e7:f2:89:
28:5b:8b:9e:0b:6d:5b:71:99:73:91:94:67:72:6a:df:18:13:
40:6c:66:1e:8d:90:7e:28:33:e1:42:1c:c1:38:02:3b:b4:54:
3f:a7:16:c2:9f:8a:65:62:82:ea:80:20:44:e4:f3:1f:d2:4b:
df:3b:2c:c1:6b:65:81:af:6c:a9:ec:7a:42:c5:1b:e1:8e:48:
a8:a7:5e:2b:37:92:9c:5e:3c:dc:fa:2c:4e:8a:89:57:6f:ba:
4e:a9:5f:66:96:7f:2d:91:5d:66:9a:a3:99:ca:6c:44:03:84:
3f:4e:0c:00:46:73:d0:14:ea:31:e6:af:7f:31:bb:43:f3:2c:
70:b8:aa:9c:d3:9e:31:c4:ad:ef:9d:9d:18:bf:04:bb:6d:1a:
29:7e:3a:9e:fd:3e:ac:ff:c3:98:69:e8:2b:8d:47:87:b1:0a:
a5:e6:c5:2b:f9:a0:d8:c8:d2:e7:a9:52:45:77:f2:6a:e5:33:
75:63:33:b4:a2:16:aa:f9:01:9c:01:e9:4f:06:31:2c:31:d2:
00:5c:80:ab
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZVi124cNCYZlT4jxZRVA0RhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMzA0MjAyNzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTUzMTBjMzQ0ZThlNGQxYmZiNzE1OTk2YjcyOWY3Y2U0Y2NkOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLAHmyLm/n0/WnLspNZa1wCL+fDk
7nkFXmz4ki9c+uYE9ZZG+s8VD6Fqpw9jGc5GWOYhndqCoO2R8hHOguVvYdrpCx36
+V7htlCzwPYQopyyMTuV829HjwOh+eubKNtbIo6u8Y1hAgxr0MzRRcmH3+kS2Wnj
hzG7YBO5z0HFa3H3eRL6Rk1KyoCnr0Hevr20fR57j01Lk4wWFO/7Wn9HQF3W2fRF
omoltZ+ATAssRghyKIu9G4ZyCWB4lTrSRo4d9VnKZUWLVy4HaNNADPhq2+KWD0RY
gcEU3hfI1gde3AM2mH1TrmAgQC7cbdRTTds+toa6Yhm5bOCd1BSKC/9LJQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMFTEMNE6OTRv7cVmWtyn3zkzNjmMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvd1ZNUXcwVG81TkdfdHhXWmEzS2ZmT1RNMk9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAVCAgAwQA
VCAiAwQBVCBGAwQCVCCAAwQAVCDcAwQAWNgnAwQAWNhEAwQAWNjGAwQAWNjSAwQA
WNjeMA0GCSqGSIb3DQEBCwUAA4IBAQB/OKqQOxMSOA/RxQVa0OLskSbH4Zfn9CDj
HqwjnyF/td9k903K3ySZb4XUQvZOh9dsLBjn8okoW4ueC21bcZlzkZRncmrfGBNA
bGYejZB+KDPhQhzBOAI7tFQ/pxbCn4plYoLqgCBE5PMf0kvfOyzBa2WBr2yp7HpC
xRvhjkiop14rN5KcXjzc+ixOiolXb7pOqV9mln8tkV1mmqOZymxEA4Q/TgwARnPQ
FOox5q9/MbtD8yxwuKqc054xxK3vnZ0YvwS7bRopfjqe/T6s/8OYaegrjUeHsQql
5sUr+aDYyNLnqVJFd/Jq5TN1YzO0ohaq+QGcAelPBjEsMdIAXICr
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:24:22 2025 by rpki-client