Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/4GiQsXjFSCHqA4X5TacLznN2LYU.roa
File: 4GiQsXjFSCHqA4X5TacLznN2LYU.roa (raw, json)
Hash identifier: YzSIypN4hsUiBwlIl/PpxQjahVjVZxtMtAuemoSJmDo=
Subject key identifier: E0:68:90:B1:78:C5:48:21:EA:03:85:F9:4D:A7:0B:CE:73:76:2D:85
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 018600650F4DE36B912BD61FF895156C8AC0
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/4GiQsXjFSCHqA4X5TacLznN2LYU.roa
Signing time: Mon 30 Jan 2023 01:57:48 +0000
ROA not before: Mon 30 Jan 2023 01:57:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 84.247.4.0/22 maxlen: 24
84.247.40.0/22 maxlen: 24
86.104.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:00:65:0f:4d:e3:6b:91:2b:d6:1f:f8:95:15:6c:8a:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Jan 30 01:57:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e06890b178c54821ea0385f94da70bce73762d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:53:9d:80:91:34:3c:d0:01:3c:11:c7:a7:52:
e3:21:6e:3e:b3:5d:c7:88:97:1c:0b:4b:99:3a:96:
27:ed:ef:63:36:89:ac:2b:fd:93:30:72:8c:24:4d:
e9:8c:a8:29:d0:93:3c:86:db:4d:41:07:5f:d4:fd:
c3:4d:af:58:ad:ff:a1:c9:d6:f1:43:3a:ab:43:a9:
7f:11:22:80:01:62:b3:55:3f:4a:de:25:0a:5b:65:
2a:63:01:c0:fc:41:3b:7e:7e:e2:30:ef:ec:0f:e0:
88:a0:8a:fb:68:a7:9b:70:f2:b4:1e:a1:55:9b:36:
e9:ef:e7:0e:f2:17:6f:67:96:f0:7f:4a:30:d1:ff:
e0:68:24:35:e6:fc:1f:dc:0d:11:fb:99:ef:9b:17:
1a:06:d0:b1:a5:df:9d:75:3b:04:ce:93:d1:fd:6e:
7c:38:60:b1:fb:6e:82:7f:ac:a7:65:5d:96:2a:75:
33:e6:a4:d1:18:d7:bf:1f:a1:c1:e6:d2:8f:29:ab:
73:44:0a:14:4d:c6:13:eb:1d:18:9c:47:53:e6:02:
ae:bb:a9:cd:af:56:2e:f6:26:9d:67:b1:0f:e3:b6:
86:61:0b:d3:2b:5d:e8:63:81:c8:e5:0f:ab:4e:7e:
23:f2:35:b3:a5:3a:33:ec:d3:42:d4:ca:12:5a:57:
18:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:68:90:B1:78:C5:48:21:EA:03:85:F9:4D:A7:0B:CE:73:76:2D:85
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/4GiQsXjFSCHqA4X5TacLznN2LYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.4.0/22
84.247.40.0/22
86.104.20.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:c3:d2:f9:ef:8c:03:55:0b:1e:ec:a4:ed:17:ed:a5:1c:c7:
55:af:8e:5b:cc:e7:95:b9:b4:2b:93:a1:1b:31:5c:f4:92:93:
d7:2c:e8:ae:15:1e:7c:c5:e4:06:36:e9:0a:b5:8b:03:b8:a5:
5e:05:8a:88:fb:32:29:5b:f4:3e:87:c2:59:84:dc:57:77:fb:
5f:b8:aa:47:b0:81:35:da:86:2d:25:32:d4:f8:60:23:c8:54:
e6:96:b0:74:df:cb:20:e5:96:be:09:a9:b1:ce:1a:53:0a:d7:
e1:0b:e2:6e:b9:b6:5f:f8:79:29:85:49:8d:45:af:18:df:c5:
87:5b:7a:09:e7:56:db:9a:0a:45:e2:9e:40:16:97:15:f6:4e:
14:91:7c:d0:17:4a:84:a8:50:66:89:a4:94:6f:6e:51:e1:e9:
81:0a:a3:b2:56:2b:4e:de:d6:bb:54:5b:8b:4f:dd:65:bb:18:
aa:c5:c6:ce:9b:69:ed:0d:f2:4c:65:58:b9:48:6a:3c:69:bc:
5c:07:7c:dc:4e:9e:09:4f:c7:1d:cc:24:d5:34:9a:a6:8e:92:
19:1a:7d:ed:79:f2:9d:7b:41:45:3a:9c:4c:e1:ca:7c:0a:6d:
f7:de:72:61:7a:c4:65:a9:6a:0f:56:87:a2:84:9b:2c:1a:55:
3c:ee:1e:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYAZQ9N42uRK9Yf+JUVbIrAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjMwMTMwMDE1NzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDY4OTBiMTc4YzU0ODIxZWEwMzg1Zjk0ZGE3MGJjZTczNzYyZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1OdgJE0PNABPBHHp1LjIW4+s13H
iJccC0uZOpYn7e9jNomsK/2TMHKMJE3pjKgp0JM8httNQQdf1P3DTa9Yrf+hydbx
QzqrQ6l/ESKAAWKzVT9K3iUKW2UqYwHA/EE7fn7iMO/sD+CIoIr7aKebcPK0HqFV
mzbp7+cO8hdvZ5bwf0ow0f/gaCQ15vwf3A0R+5nvmxcaBtCxpd+ddTsEzpPR/W58
OGCx+26Cf6ynZV2WKnUz5qTRGNe/H6HB5tKPKatzRAoUTcYT6x0YnEdT5gKuu6nN
r1Yu9iadZ7EP47aGYQvTK13oY4HI5Q+rTn4j8jWzpToz7NNC1MoSWlcYSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOBokLF4xUgh6gOF+U2nC85zdi2FMB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvNEdpUXNYakZTQ0hxQTRYNVRhY0x6bk4yTFlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVPcEAwQC
VPcoAwQCVmgUMA0GCSqGSIb3DQEBCwUAA4IBAQAKw9L574wDVQse7KTtF+2lHMdV
r45bzOeVubQrk6EbMVz0kpPXLOiuFR58xeQGNukKtYsDuKVeBYqI+zIpW/Q+h8JZ
hNxXd/tfuKpHsIE12oYtJTLU+GAjyFTmlrB038sg5Za+CamxzhpTCtfhC+JuubZf
+HkphUmNRa8Y38WHW3oJ51bbmgpF4p5AFpcV9k4UkXzQF0qEqFBmiaSUb25R4emB
CqOyVitO3ta7VFuLT91luxiqxcbOm2ntDfJMZVi5SGo8abxcB3zcTp4JT8cdzCTV
NJqmjpIZGn3tefKde0FFOpxM4cp8Cm333nJhesRlqWoPVoeihJssGlU87h5g
-----END CERTIFICATE-----
Generated at Wed Mar 12 07:09:29 2025 by rpki-client