Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/CPJvfKG9AEorpsEiz1e05zSo0sY.roa
File: CPJvfKG9AEorpsEiz1e05zSo0sY.roa (raw, json)
Hash identifier: NjB+IttX3MugwGYS/PHLAC82z3nIjH+wrKBqWV/iJTI=
Subject key identifier: 08:F2:6F:7C:A1:BD:00:4A:2B:A6:C1:22:CF:57:B4:E7:34:A8:D2:C6
Certificate issuer: /CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Certificate serial: 01941F8C820771368834295878432AB9DA81
Authority key identifier: 8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/CPJvfKG9AEorpsEiz1e05zSo0sY.roa
Signing time: Wed 01 Jan 2025 01:48:09 +0000
ROA not before: Wed 01 Jan 2025 01:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 45.128.172.0/24 maxlen: 24
45.128.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:82:07:71:36:88:34:29:58:78:43:2a:b9:da:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Validity
Not Before: Jan 1 01:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08f26f7ca1bd004a2ba6c122cf57b4e734a8d2c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:5b:36:bf:5a:3e:07:38:d3:79:7a:b9:94:23:
78:dc:2a:0d:41:d9:bb:73:41:6d:b8:9d:70:fa:46:
f3:83:20:01:3e:89:74:e7:8d:f6:e9:a6:54:33:d3:
d0:30:52:98:fb:35:dd:7f:73:15:20:b3:bd:99:2d:
0d:62:64:cb:57:ee:13:26:61:06:3e:37:1b:1b:ae:
25:95:2f:7e:e6:39:f2:d4:cc:09:1e:6f:ea:4d:05:
5b:63:14:aa:6e:cf:e8:8d:31:1a:6e:70:c4:89:c3:
0c:3a:8e:84:50:44:95:fb:fd:d7:01:6c:0c:e6:12:
46:ac:f1:e8:ea:95:d0:6a:2e:6f:6b:7b:e3:70:d2:
d2:ff:cf:01:ee:dc:fd:14:ce:a4:2f:a1:01:8a:5a:
75:f3:81:f0:2e:76:6c:e4:ce:fa:14:6e:da:17:bd:
e4:8c:47:2a:23:1a:12:50:78:57:cb:57:fd:bc:75:
c6:38:c3:b5:0a:12:99:29:36:bd:c4:87:2e:10:1b:
d7:7c:66:59:e3:c9:de:7b:87:47:07:b0:86:a4:24:
9e:cb:0b:27:fb:13:37:c4:64:0a:3d:5f:f1:9e:fc:
ea:11:61:b1:1f:46:02:0a:0f:b7:16:6c:fe:78:80:
91:b9:f6:c3:14:a7:0d:2b:7f:b0:a4:ee:7e:55:02:
f9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:F2:6F:7C:A1:BD:00:4A:2B:A6:C1:22:CF:57:B4:E7:34:A8:D2:C6
X509v3 Authority Key Identifier:
keyid:8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/CPJvfKG9AEorpsEiz1e05zSo0sY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/i3-BpueC4hEYnE805Fm0Imx19KY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.172.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:ca:8e:6c:70:9e:82:db:f7:6c:ec:6f:aa:b2:9b:1a:23:9a:
a3:16:46:ad:1b:ef:d6:c8:ca:ed:ad:68:c3:b0:1c:56:bf:ae:
80:c6:56:ac:78:0b:a3:16:d6:4f:91:3f:0b:e2:9c:fa:60:76:
7d:c0:de:20:99:77:4e:f3:d2:21:27:78:85:a5:a3:6f:f7:93:
e8:bb:42:80:60:cf:d5:31:5d:d3:98:00:4f:4c:ba:17:18:3a:
ed:b4:2b:79:26:78:95:ff:ff:da:c8:95:e9:e4:2b:2d:ef:fd:
ee:ba:82:db:be:fb:6e:c3:70:1f:51:18:01:4b:e1:8b:aa:99:
ac:4e:25:cd:db:e3:09:4d:d4:78:e4:8c:fc:3d:c9:c3:66:36:
ba:e2:74:e8:af:35:57:b2:c3:66:64:d1:b5:3b:01:eb:4d:0c:
a1:60:ff:16:34:89:4e:61:5e:4c:ef:ab:bd:52:74:e7:d3:7c:
d3:1b:56:ee:9b:1f:ef:16:b1:e9:71:71:8b:76:75:7c:4c:8c:
d1:c9:57:68:7d:ca:e8:bc:d7:93:92:01:62:88:2a:84:4b:a2:
45:0f:6b:32:4d:fa:e8:b5:f9:e8:3e:5a:90:c0:4a:5a:39:95:
e5:49:74:8b:b2:12:62:46:aa:46:bc:87:07:f7:c0:0b:88:cb:
88:11:6b:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjIIHcTaINClYeEMqudqBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiN2Y4MWE2ZTc4MmUyMTExODljNGYzNGU0NTliNDIyNmM3
NWY0YTYwHhcNMjUwMTAxMDE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGYyNmY3Y2ExYmQwMDRhMmJhNmMxMjJjZjU3YjRlNzM0YThkMmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Fs2v1o+BzjTeXq5lCN43CoNQdm7
c0FtuJ1w+kbzgyABPol054326aZUM9PQMFKY+zXdf3MVILO9mS0NYmTLV+4TJmEG
PjcbG64llS9+5jny1MwJHm/qTQVbYxSqbs/ojTEabnDEicMMOo6EUESV+/3XAWwM
5hJGrPHo6pXQai5va3vjcNLS/88B7tz9FM6kL6EBilp184HwLnZs5M76FG7aF73k
jEcqIxoSUHhXy1f9vHXGOMO1ChKZKTa9xIcuEBvXfGZZ48nee4dHB7CGpCSeywsn
+xM3xGQKPV/xnvzqEWGxH0YCCg+3Fmz+eICRufbDFKcNK3+wpO5+VQL5qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjyb3yhvQBKK6bBIs9XtOc0qNLGMB8GA1UdIwQY
MBaAFIt/gabnguIRGJxPNORZtCJsdfSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTMtQnB1ZUM0aEVZbkU4MDVGbTBJbXgxOUtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi85YjYwZTUtZjk4Zi00YWM2LTk4YTUt
ZjJmNDI2ZWZlMDM5LzEvQ1BKdmZLRzlBRW9ycHNFaXoxZTA1elNvMHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi85YjYwZTUtZjk4Zi00YWM2LTk4YTUtZjJmNDI2ZWZlMDM5
LzEvaTMtQnB1ZUM0aEVZbkU4MDVGbTBJbXgxOUtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYCsMA0G
CSqGSIb3DQEBCwUAA4IBAQCdyo5scJ6C2/ds7G+qspsaI5qjFkatG+/WyMrtrWjD
sBxWv66AxlaseAujFtZPkT8L4pz6YHZ9wN4gmXdO89IhJ3iFpaNv95Pou0KAYM/V
MV3TmABPTLoXGDrttCt5JniV///ayJXp5Cst7/3uuoLbvvtuw3AfURgBS+GLqpms
TiXN2+MJTdR45Iz8PcnDZja64nTorzVXssNmZNG1OwHrTQyhYP8WNIlOYV5M76u9
UnTn03zTG1bumx/vFrHpcXGLdnV8TIzRyVdofcrovNeTkgFiiCqES6JFD2syTfro
tfnoPlqQwEpaOZXlSXSLshJiRqpGvIcH98ALiMuIEWuq
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:55:08 2025 by rpki-client