Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/cpnhqfce8KySv3KE-UKHwfwuoms.roa
File: cpnhqfce8KySv3KE-UKHwfwuoms.roa (raw, json)
Hash identifier: 1TXU9QUphIKyACgNXqjT77dj22VuZuKl0E/zgbZQiRg=
Subject key identifier: 72:99:E1:A9:F7:1E:F0:AC:92:BF:72:84:F9:42:87:C1:FC:2E:A2:6B
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 0194282819176D3BA3C90EDEE2F722BB3938
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/cpnhqfce8KySv3KE-UKHwfwuoms.roa
Signing time: Thu 02 Jan 2025 17:55:03 +0000
ROA not before: Thu 02 Jan 2025 17:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47453
IP address blocks: 85.118.94.0/24 maxlen: 24
85.118.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:19:17:6d:3b:a3:c9:0e:de:e2:f7:22:bb:39:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 2 17:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7299e1a9f71ef0ac92bf7284f94287c1fc2ea26b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:40:53:78:f4:08:dc:34:f8:66:03:0a:48:58:
07:3c:aa:09:b1:c3:b7:16:c3:72:ea:75:7f:6e:5b:
2b:b3:fc:f2:73:13:36:42:93:d8:81:c3:7a:54:42:
32:bb:f9:d2:b8:34:0c:0e:48:7a:a4:c0:f0:60:b4:
b7:85:e3:be:89:dd:69:2b:87:fc:cd:2c:03:b9:d3:
50:db:97:2f:85:3b:74:56:3e:51:5e:f4:2d:56:0e:
22:ef:ba:86:2b:aa:22:22:40:cf:fe:95:2e:37:da:
5a:08:08:e6:4e:cd:ba:f1:5e:27:e0:8f:72:ba:ff:
5e:c6:63:06:0d:5e:be:ed:de:ab:6b:a9:ab:90:c3:
80:d4:f1:a6:9f:2d:bb:37:8a:1d:85:19:c3:71:5b:
71:7e:d0:cc:2e:53:a8:df:08:ea:e2:ce:7c:b8:97:
5d:86:2d:4f:99:06:5c:69:1e:28:a4:b0:95:1b:1b:
95:ec:9c:32:8c:f3:00:02:62:a1:f1:a0:18:e2:8e:
ee:13:28:9b:ef:e7:c3:39:9e:7d:2f:36:d1:95:6f:
9a:37:eb:2c:74:e2:27:fc:28:29:a7:1b:08:83:df:
d4:ba:73:b3:d7:33:75:60:9e:b0:34:99:35:85:e5:
9a:70:c8:48:cc:2c:5e:b6:e2:4a:14:d2:0b:4f:90:
e1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:99:E1:A9:F7:1E:F0:AC:92:BF:72:84:F9:42:87:C1:FC:2E:A2:6B
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/cpnhqfce8KySv3KE-UKHwfwuoms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.94.0/23
Signature Algorithm: sha256WithRSAEncryption
22:76:f0:21:ae:8a:f4:88:63:94:91:82:b9:b5:1a:bd:6f:80:
38:4e:48:ac:2b:cb:3a:d9:bc:4b:d2:ac:e8:c2:44:b6:5c:fc:
c2:53:83:db:f8:bf:2b:0c:5e:38:93:4c:8e:42:bd:bb:e3:6f:
fb:88:f9:c3:d0:a8:5f:56:7d:c5:2a:69:62:f6:6c:af:90:a4:
fb:54:47:32:24:4f:9d:1d:44:7f:0c:fd:3a:eb:a6:1f:77:a1:
3b:26:2f:a7:ff:e5:02:1c:ba:b5:6b:53:1b:25:6a:fe:4d:14:
ca:44:0f:16:bf:0f:62:64:02:32:48:b2:d4:1a:ab:33:a9:db:
6b:9c:79:3c:e1:d2:20:a9:97:2a:b0:34:59:40:a5:0a:3e:64:
52:7e:78:0a:2e:28:00:b4:a8:17:31:07:9c:94:5a:e7:ba:6b:
4b:e0:6f:bf:14:32:ed:04:93:1b:75:14:35:78:8e:b0:b1:82:
64:ab:b0:9e:b5:94:a7:08:70:d4:3d:79:d9:c2:75:3a:39:f8:
55:c1:57:12:3f:10:ad:95:3b:c3:a2:54:c3:42:29:ae:e2:a6:
cf:7c:b3:b1:d8:3f:98:76:7f:df:d2:fe:56:89:34:ee:ed:09:
06:66:74:60:7a:7b:33:bd:b2:a0:e9:6e:65:41:6f:89:52:4d:
97:7b:35:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoKBkXbTujyQ7e4vciuzk4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjUwMTAyMTc1NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjk5ZTFhOWY3MWVmMGFjOTJiZjcyODRmOTQyODdjMWZjMmVhMjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0BTePQI3DT4ZgMKSFgHPKoJscO3
FsNy6nV/blsrs/zycxM2QpPYgcN6VEIyu/nSuDQMDkh6pMDwYLS3heO+id1pK4f8
zSwDudNQ25cvhTt0Vj5RXvQtVg4i77qGK6oiIkDP/pUuN9paCAjmTs268V4n4I9y
uv9exmMGDV6+7d6ra6mrkMOA1PGmny27N4odhRnDcVtxftDMLlOo3wjq4s58uJdd
hi1PmQZcaR4opLCVGxuV7JwyjPMAAmKh8aAY4o7uEyib7+fDOZ59LzbRlW+aN+ss
dOIn/CgppxsIg9/UunOz1zN1YJ6wNJk1heWacMhIzCxetuJKFNILT5Dh1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKZ4an3HvCskr9yhPlCh8H8LqJrMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvY3BuaHFmY2U4S3lTdjNLRS1VS0h3Znd1b21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVXZeMA0G
CSqGSIb3DQEBCwUAA4IBAQAidvAhror0iGOUkYK5tRq9b4A4TkisK8s62bxL0qzo
wkS2XPzCU4Pb+L8rDF44k0yOQr2742/7iPnD0KhfVn3FKmli9myvkKT7VEcyJE+d
HUR/DP0666Yfd6E7Ji+n/+UCHLq1a1MbJWr+TRTKRA8Wvw9iZAIySLLUGqszqdtr
nHk84dIgqZcqsDRZQKUKPmRSfngKLigAtKgXMQeclFrnumtL4G+/FDLtBJMbdRQ1
eI6wsYJkq7CetZSnCHDUPXnZwnU6OfhVwVcSPxCtlTvDolTDQimu4qbPfLOx2D+Y
dn/f0v5WiTTu7QkGZnRgenszvbKg6W5lQW+JUk2XezXv
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:49:16 2025 by rpki-client