Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/CFkBfENPYYuyy-r8Ux9HEy3M4KU.roa
File: CFkBfENPYYuyy-r8Ux9HEy3M4KU.roa (raw, json)
Hash identifier: w70s00Cav9BQZL2JZ9U/4HLu7E1UizHp1yCngAfZg3c=
Subject key identifier: 08:59:01:7C:43:4F:61:8B:B2:CB:EA:FC:53:1F:47:13:2D:CC:E0:A5
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 01942827C3FC273E64A5D5657D336BB6FACB
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/CFkBfENPYYuyy-r8Ux9HEy3M4KU.roa
Signing time: Thu 02 Jan 2025 17:54:42 +0000
ROA not before: Thu 02 Jan 2025 17:54:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 150770
IP address blocks: 87.229.92.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:c3:fc:27:3e:64:a5:d5:65:7d:33:6b:b6:fa:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 2 17:54:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0859017c434f618bb2cbeafc531f47132dcce0a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2c:ee:59:6c:75:ff:0b:fa:a7:41:1f:3f:0e:
db:d8:20:1c:99:91:bc:a7:1c:b2:d6:cc:84:0d:55:
48:62:41:2b:df:48:32:b3:bf:40:6e:64:36:25:5b:
a4:ce:c1:7b:23:8e:00:28:32:e0:60:c1:0b:80:c1:
e7:40:79:d9:5f:15:a3:2d:66:bd:2b:b8:d1:13:e6:
d9:1e:24:01:82:cd:da:cc:02:ea:5b:76:fd:0c:45:
81:34:2b:99:c1:ed:dd:19:12:be:eb:e0:34:fe:e6:
d5:20:c6:20:be:c1:d1:e0:a1:4e:e8:72:ae:f1:fc:
b4:f3:23:87:6a:f9:e3:08:9b:b7:c3:a7:0e:47:0d:
42:81:87:d9:40:e1:8a:a6:58:f4:95:a5:bf:b5:99:
19:58:1d:b5:a5:20:36:82:45:6f:6a:99:8c:ba:3e:
48:0a:e0:9a:a8:70:e5:74:af:f3:97:80:70:46:4f:
71:41:b9:83:0d:6a:2c:03:2b:09:72:0d:a1:64:75:
b9:0c:ee:8b:e1:90:d5:63:c2:49:09:35:7c:63:06:
c4:5d:02:96:c3:bc:14:4c:c1:7b:fb:5d:d3:3c:f0:
34:31:ca:9f:ad:ae:52:73:df:9b:75:6a:cc:59:46:
32:06:7f:2b:df:78:8f:c1:9c:cb:03:76:f3:a6:76:
b7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:59:01:7C:43:4F:61:8B:B2:CB:EA:FC:53:1F:47:13:2D:CC:E0:A5
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/CFkBfENPYYuyy-r8Ux9HEy3M4KU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.92.0/24
Signature Algorithm: sha256WithRSAEncryption
31:ff:5e:98:ab:fa:a2:4d:43:ba:71:2a:e6:eb:01:bf:30:01:
c6:54:44:1c:c3:5e:f8:60:05:9b:55:11:bd:8b:8b:86:44:4e:
2d:d3:89:ce:42:aa:dc:fc:dd:d4:e7:fd:f8:21:d7:2f:26:c8:
26:af:4a:4a:c9:2c:28:68:06:be:49:0b:84:a9:61:b9:90:77:
ac:a6:f0:81:94:d1:c0:3c:75:30:3e:0d:ac:18:d8:89:b4:0a:
3e:00:af:70:a0:20:a1:66:78:c3:d3:48:89:ad:54:f1:c0:ef:
73:66:c6:a9:d3:58:03:65:2e:f2:83:27:94:04:44:8b:db:17:
97:54:86:1a:eb:ef:46:6d:9b:9b:84:85:16:01:5e:8a:7d:c7:
3a:be:2c:97:af:56:8a:7d:8e:d2:ef:d7:07:c1:7b:ac:04:1c:
7b:9e:0a:ae:61:85:48:96:28:27:6b:77:c4:28:b0:83:f3:94:
ad:a2:3d:bd:84:66:c6:1a:3a:ee:9e:9f:94:bc:ef:28:31:33:
4f:72:1b:8a:28:9e:95:47:82:6a:de:ce:7f:32:59:c3:fe:c5:
c4:38:2d:1e:4d:5a:94:6a:06:07:62:84:78:e7:16:cb:d7:f4:
b0:e9:72:6b:49:95:8b:9b:be:17:7d:3c:38:de:80:8f:11:3a:
4c:9f:7c:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJ8P8Jz5kpdVlfTNrtvrLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwMTAyMTc1NDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODU5MDE3YzQzNGY2MThiYjJjYmVhZmM1MzFmNDcxMzJkY2NlMGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSzuWWx1/wv6p0EfPw7b2CAcmZG8
pxyy1syEDVVIYkEr30gys79AbmQ2JVukzsF7I44AKDLgYMELgMHnQHnZXxWjLWa9
K7jRE+bZHiQBgs3azALqW3b9DEWBNCuZwe3dGRK+6+A0/ubVIMYgvsHR4KFO6HKu
8fy08yOHavnjCJu3w6cORw1CgYfZQOGKplj0laW/tZkZWB21pSA2gkVvapmMuj5I
CuCaqHDldK/zl4BwRk9xQbmDDWosAysJcg2hZHW5DO6L4ZDVY8JJCTV8YwbEXQKW
w7wUTMF7+13TPPA0Mcqfra5Sc9+bdWrMWUYyBn8r33iPwZzLA3bzpna3bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAhZAXxDT2GLssvq/FMfRxMtzOClMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvQ0ZrQmZFTlBZWXV5eS1yOFV4OUhFeTNNNEtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+VcMA0G
CSqGSIb3DQEBCwUAA4IBAQAx/16Yq/qiTUO6cSrm6wG/MAHGVEQcw174YAWbVRG9
i4uGRE4t04nOQqrc/N3U5/34IdcvJsgmr0pKySwoaAa+SQuEqWG5kHespvCBlNHA
PHUwPg2sGNiJtAo+AK9woCChZnjD00iJrVTxwO9zZsap01gDZS7ygyeUBESL2xeX
VIYa6+9GbZubhIUWAV6Kfcc6viyXr1aKfY7S79cHwXusBBx7ngquYYVIligna3fE
KLCD85Stoj29hGbGGjrunp+UvO8oMTNPchuKKJ6VR4Jq3s5/MlnD/sXEOC0eTVqU
agYHYoR45xbL1/Sw6XJrSZWLm74XfTw43oCPETpMn3wt
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:18:08 2025 by rpki-client