Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/AFXKRWkq4CEJ7e_q_TT8oCKNDgs.roa
File: AFXKRWkq4CEJ7e_q_TT8oCKNDgs.roa (raw, json)
Hash identifier: vvcSpEWzby7j1iGxx2OT88XWdiMYKYH4weh98eM4dfY=
Subject key identifier: 00:55:CA:45:69:2A:E0:21:09:ED:EF:EA:FD:34:FC:A0:22:8D:0E:0B
Certificate issuer: /CN=4e7cc8371ed24bacf67aca8b902cee706afc624b
Certificate serial: 0194258F73AC487E1B54D57D2A4510835B27
Authority key identifier: 4E:7C:C8:37:1E:D2:4B:AC:F6:7A:CA:8B:90:2C:EE:70:6A:FC:62:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TnzINx7SS6z2esqLkCzucGr8Yks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/AFXKRWkq4CEJ7e_q_TT8oCKNDgs.roa
Signing time: Thu 02 Jan 2025 05:49:05 +0000
ROA not before: Thu 02 Jan 2025 05:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200272
IP address blocks: 84.39.196.0/23 maxlen: 23
84.39.198.0/24 maxlen: 24
84.39.199.0/24 maxlen: 24
2a09:ee00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:73:ac:48:7e:1b:54:d5:7d:2a:45:10:83:5b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e7cc8371ed24bacf67aca8b902cee706afc624b
Validity
Not Before: Jan 2 05:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0055ca45692ae02109edefeafd34fca0228d0e0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:dd:13:bc:84:f3:4a:2a:df:46:04:a5:68:a8:
77:cd:1d:cf:f9:e6:61:21:48:d4:47:36:9d:cc:be:
9a:91:f6:d1:66:32:5b:3e:4e:9d:eb:b8:74:d7:77:
34:c2:d5:27:d5:c4:7e:1d:2e:7f:86:02:c4:6f:e4:
b1:22:ed:5c:ae:d6:ae:8f:5f:2f:d4:bd:f3:b5:91:
76:a4:1b:73:83:c7:c5:1f:b1:c1:a7:9a:2b:88:76:
81:6d:a0:c2:05:e7:fb:95:f1:fc:0d:d6:9a:ef:29:
7c:ef:87:17:7c:74:13:08:fc:25:10:1b:84:14:80:
28:a4:7a:08:ca:77:00:29:4c:7d:e2:bc:10:4d:b2:
fe:41:14:8f:7b:03:8f:7a:85:5c:2e:44:d0:71:e7:
8b:76:7b:af:a0:8f:cd:f5:d2:24:92:cd:93:19:7a:
34:a1:0b:43:b8:bc:4c:bd:b8:68:51:3d:16:20:11:
de:b9:01:8b:8d:f4:8a:4d:54:03:02:77:26:43:d2:
c1:00:11:25:2b:c6:60:02:8e:69:e3:3c:88:2d:67:
90:9f:cd:7a:eb:90:cd:5e:04:77:e3:38:e6:24:f5:
63:b0:a0:67:aa:06:04:cc:b7:77:c5:8b:66:ae:ae:
30:58:12:50:65:78:69:4e:e0:16:19:3e:df:62:90:
4e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:55:CA:45:69:2A:E0:21:09:ED:EF:EA:FD:34:FC:A0:22:8D:0E:0B
X509v3 Authority Key Identifier:
keyid:4E:7C:C8:37:1E:D2:4B:AC:F6:7A:CA:8B:90:2C:EE:70:6A:FC:62:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TnzINx7SS6z2esqLkCzucGr8Yks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/AFXKRWkq4CEJ7e_q_TT8oCKNDgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/TnzINx7SS6z2esqLkCzucGr8Yks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.39.196.0/22
IPv6:
2a09:ee00::/29
Signature Algorithm: sha256WithRSAEncryption
19:c4:13:08:aa:38:f8:52:58:d4:1e:24:f5:1b:af:5a:56:cd:
d6:6b:3e:14:d1:c2:66:bd:e7:b1:ae:62:7b:1d:7d:67:da:2e:
24:a9:a7:4c:a8:7d:21:4c:15:51:3d:03:60:7c:02:2c:e9:0f:
bb:47:b7:30:d6:62:4d:f2:2b:1c:b4:08:fe:c3:cd:03:8a:cb:
77:e2:74:87:16:bf:8c:63:59:3d:5f:be:c0:40:af:e3:5e:fa:
e7:b7:09:bf:e6:d3:b6:cd:5e:85:a3:89:d1:91:64:a0:ad:8a:
bd:0f:75:0f:37:2f:17:4e:03:a1:46:32:55:4b:26:7b:98:59:
ef:5c:43:e4:99:57:73:d8:91:73:d8:cf:70:aa:7c:b1:7f:d7:
4c:53:36:2c:4b:ac:7c:f7:48:96:43:f5:47:4c:a7:57:d8:53:
a1:0d:91:00:61:28:4e:e0:6b:06:b8:9e:45:d4:27:59:1e:01:
c9:87:2f:80:4a:cf:0f:cb:9b:bd:c2:43:52:91:b1:d4:43:3a:
7c:69:2d:78:ea:03:6a:e2:c4:db:fd:26:78:5e:cf:b3:db:f0:
9a:b7:78:d2:b0:fb:82:85:79:b1:11:8b:08:8e:00:e8:bf:b3:
e8:4c:78:f3:68:6a:41:a6:54:06:32:ef:cf:17:29:02:26:ca:
5d:e6:ec:21
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj3OsSH4bVNV9KkUQg1snMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlN2NjODM3MWVkMjRiYWNmNjdhY2E4YjkwMmNlZTcwNmFm
YzYyNGIwHhcNMjUwMTAyMDU0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDU1Y2E0NTY5MmFlMDIxMDllZGVmZWFmZDM0ZmNhMDIyOGQwZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvt0TvITzSirfRgSlaKh3zR3P+eZh
IUjURzadzL6akfbRZjJbPk6d67h013c0wtUn1cR+HS5/hgLEb+SxIu1crtauj18v
1L3ztZF2pBtzg8fFH7HBp5oriHaBbaDCBef7lfH8Ddaa7yl874cXfHQTCPwlEBuE
FIAopHoIyncAKUx94rwQTbL+QRSPewOPeoVcLkTQceeLdnuvoI/N9dIkks2TGXo0
oQtDuLxMvbhoUT0WIBHeuQGLjfSKTVQDAncmQ9LBABElK8ZgAo5p4zyILWeQn816
65DNXgR34zjmJPVjsKBnqgYEzLd3xYtmrq4wWBJQZXhpTuAWGT7fYpBOpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFABVykVpKuAhCe3v6v00/KAijQ4LMB8GA1UdIwQY
MBaAFE58yDce0kus9nrKi5As7nBq/GJLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG56SU54N1NTNnoyZXNxTGtDenVjR3I4WWtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8wYjRjZGYtYjQ4Ni00YTU4LTgwMGQt
OGVkNWE3OWRlODM1LzEvQUZYS1JXa3E0Q0VKN2VfcV9UVDhvQ0tORGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8wYjRjZGYtYjQ4Ni00YTU4LTgwMGQtOGVkNWE3OWRlODM1
LzEvVG56SU54N1NTNnoyZXNxTGtDenVjR3I4WWtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVCfEMA0E
AgACMAcDBQMqCe4AMA0GCSqGSIb3DQEBCwUAA4IBAQAZxBMIqjj4UljUHiT1G69a
Vs3Waz4U0cJmveexrmJ7HX1n2i4kqadMqH0hTBVRPQNgfAIs6Q+7R7cw1mJN8isc
tAj+w80Dist34nSHFr+MY1k9X77AQK/jXvrntwm/5tO2zV6Fo4nRkWSgrYq9D3UP
Ny8XTgOhRjJVSyZ7mFnvXEPkmVdz2JFz2M9wqnyxf9dMUzYsS6x890iWQ/VHTKdX
2FOhDZEAYShO4GsGuJ5F1CdZHgHJhy+ASs8Py5u9wkNSkbHUQzp8aS146gNq4sTb
/SZ4Xs+z2/Cat3jSsPuChXmxEYsIjgDov7PoTHjzaGpBplQGMu/PFykCJspd5uwh
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:51:33 2025 by rpki-client