Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/v0k4i0yYiRrMpNl3FAFokbEEV9Y.roa
File: v0k4i0yYiRrMpNl3FAFokbEEV9Y.roa (raw, json)
Hash identifier: lnn+u4uGidwpual9K7CTbQWO7FV9tijoeEgSnabOwWY=
Subject key identifier: BF:49:38:8B:4C:98:89:1A:CC:A4:D9:77:14:01:68:91:B1:04:57:D6
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 019421B1E0766D376A72C6FC4DEB661371DD
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/v0k4i0yYiRrMpNl3FAFokbEEV9Y.roa
Signing time: Wed 01 Jan 2025 11:48:12 +0000
ROA not before: Wed 01 Jan 2025 11:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21294
IP address blocks: 84.239.19.0/24 maxlen: 24
84.239.20.0/24 maxlen: 24
84.239.22.0/24 maxlen: 24
84.239.23.0/24 maxlen: 24
84.239.24.0/24 maxlen: 24
84.239.26.0/24 maxlen: 24
84.239.53.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e0:76:6d:37:6a:72:c6:fc:4d:eb:66:13:71:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Jan 1 11:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf49388b4c98891acca4d97714016891b10457d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d3:68:f4:fd:eb:9e:17:f2:20:bb:f2:48:43:
a7:fa:ac:2f:50:c7:75:f8:1b:5f:44:42:03:45:ed:
e9:db:06:0b:04:6a:ac:2d:62:4b:e7:bd:cd:df:4d:
51:51:f9:2c:9f:ab:28:ad:a7:14:b4:8b:cf:40:bc:
ed:13:0c:84:fa:16:80:58:6b:19:80:e8:b0:f3:f4:
0b:22:4e:41:bd:b7:e3:d6:ee:69:f5:3b:0c:0d:4e:
af:61:a2:0a:7c:5a:6c:68:dd:84:ac:91:0c:c8:8f:
62:8f:8d:24:5b:05:6b:84:3e:1f:91:91:97:bd:56:
68:17:04:e5:46:a4:1d:77:e4:f5:0d:86:75:46:b8:
71:79:43:91:3d:00:d4:a0:cb:1b:ef:85:b9:3b:8b:
6b:09:d0:4c:45:ef:98:09:92:65:ff:51:16:5c:da:
d9:0a:ce:6b:08:3e:5a:df:68:6c:5b:26:ce:b3:1f:
61:d1:e6:b8:58:d1:bb:c0:69:18:ed:14:95:80:10:
4d:0d:e9:53:47:db:f4:73:b9:70:f0:fe:11:f7:61:
e1:50:f0:4b:8a:23:4a:48:d1:89:c1:be:51:62:a9:
e5:81:69:4e:f7:9a:d2:27:92:b3:9c:62:6a:59:77:
be:50:e3:63:5f:9c:f6:7c:04:ea:94:19:c0:9c:a1:
4b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:49:38:8B:4C:98:89:1A:CC:A4:D9:77:14:01:68:91:B1:04:57:D6
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/v0k4i0yYiRrMpNl3FAFokbEEV9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.19.0-84.239.20.255
84.239.22.0-84.239.24.255
84.239.26.0/24
84.239.53.0/24
Signature Algorithm: sha256WithRSAEncryption
70:fa:4e:58:f6:9b:ab:f2:82:89:34:8c:78:09:fe:49:96:4e:
81:98:08:bb:34:17:2c:3c:c9:10:ec:f7:fb:78:6e:65:7a:ad:
e1:cf:e9:ac:a4:10:a9:ff:a4:cd:d1:04:7b:c0:a6:07:4c:24:
17:00:51:f5:e5:cc:91:aa:e4:12:4c:a9:52:d6:28:30:0a:a7:
0c:76:1c:d8:ab:93:72:04:da:79:46:4e:92:80:63:24:9e:57:
2e:cc:31:9a:04:80:84:73:5a:24:4a:79:a7:10:e0:be:79:ce:
28:86:c8:50:59:56:05:5e:9b:05:2b:72:eb:df:d3:da:71:6b:
64:fd:b3:e0:35:4a:fb:0e:81:2a:70:64:74:21:2f:c8:7f:c6:
d9:20:9f:dd:54:0e:90:9a:e1:08:8e:aa:ce:d3:c0:8a:35:d5:
35:b4:88:bd:47:2e:2e:6d:16:62:77:81:f1:d9:62:1d:dd:d0:
e7:7c:54:8f:98:0a:f4:18:98:58:65:2d:a2:c2:2b:52:a6:a4:
e7:f2:ab:a0:39:5f:84:1f:76:4c:99:69:f9:50:52:7b:d6:9c:
85:ae:74:72:6d:5c:df:9e:f2:72:ea:74:85:f0:8a:f8:fc:72:
d4:31:59:46:3f:6f:3d:dc:3b:1a:16:b2:63:cf:ce:02:27:b6:
28:61:5e:b3
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQhseB2bTdqcsb8TetmE3HdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjUwMTAxMTE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjQ5Mzg4YjRjOTg4OTFhY2NhNGQ5NzcxNDAxNjg5MWIxMDQ1N2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NNo9P3rnhfyILvySEOn+qwvUMd1
+BtfREIDRe3p2wYLBGqsLWJL573N301RUfksn6soracUtIvPQLztEwyE+haAWGsZ
gOiw8/QLIk5Bvbfj1u5p9TsMDU6vYaIKfFpsaN2ErJEMyI9ij40kWwVrhD4fkZGX
vVZoFwTlRqQdd+T1DYZ1RrhxeUORPQDUoMsb74W5O4trCdBMRe+YCZJl/1EWXNrZ
Cs5rCD5a32hsWybOsx9h0ea4WNG7wGkY7RSVgBBNDelTR9v0c7lw8P4R92HhUPBL
iiNKSNGJwb5RYqnlgWlO95rSJ5KznGJqWXe+UONjX5z2fATqlBnAnKFLNwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFL9JOItMmIkazKTZdxQBaJGxBFfWMB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvdjBrNGkweVlpUnJNcE5sM0ZBRm9rYkVFVjlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBABU7xMD
BABU7xQwDAMEAVTvFgMEAFTvGAMEAFTvGgMEAFTvNTANBgkqhkiG9w0BAQsFAAOC
AQEAcPpOWPabq/KCiTSMeAn+SZZOgZgIuzQXLDzJEOz3+3huZXqt4c/prKQQqf+k
zdEEe8CmB0wkFwBR9eXMkarkEkypUtYoMAqnDHYc2KuTcgTaeUZOkoBjJJ5XLswx
mgSAhHNaJEp5pxDgvnnOKIbIUFlWBV6bBSty69/T2nFrZP2z4DVK+w6BKnBkdCEv
yH/G2SCf3VQOkJrhCI6qztPAijXVNbSIvUcuLm0WYneB8dliHd3Q53xUj5gK9BiY
WGUtosIrUqak5/KroDlfhB92TJlp+VBSe9acha50cm1c357ycup0hfCK+Pxy1DFZ
Rj9vPdw7GhayY8/OAie2KGFesw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:27 2025 by rpki-client