Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/2ab0d0-8e44-4294-9030-145867e63c36/1/CPReP6KUHFjI-G_LF9f3e6Eb5ek.roa
File: CPReP6KUHFjI-G_LF9f3e6Eb5ek.roa (raw, json)
Hash identifier: tzJbSvqS0VX//xlzuLKLcr1YZThbLwcLRDfpdw5boCM=
Subject key identifier: 08:F4:5E:3F:A2:94:1C:58:C8:F8:6F:CB:17:D7:F7:7B:A1:1B:E5:E9
Certificate issuer: /CN=2cb8016dbda57876e3c9c95f752e7566b25a184f
Certificate serial: 01856D93D2317ABB12FBD464FFB194946232
Authority key identifier: 2C:B8:01:6D:BD:A5:78:76:E3:C9:C9:5F:75:2E:75:66:B2:5A:18:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LLgBbb2leHbjyclfdS51ZrJaGE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/2ab0d0-8e44-4294-9030-145867e63c36/1/CPReP6KUHFjI-G_LF9f3e6Eb5ek.roa
Signing time: Sun 01 Jan 2023 13:44:42 +0000
ROA not before: Sun 01 Jan 2023 13:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51088
IP address blocks: 109.107.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:d2:31:7a:bb:12:fb:d4:64:ff:b1:94:94:62:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cb8016dbda57876e3c9c95f752e7566b25a184f
Validity
Not Before: Jan 1 13:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08f45e3fa2941c58c8f86fcb17d7f77ba11be5e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d9:e5:f7:9c:14:6c:7b:58:6b:c2:34:b4:f0:
50:22:b5:dd:91:6a:f0:86:37:94:0d:b4:09:7b:60:
0d:86:cb:db:88:e0:9c:0b:4d:01:82:53:50:36:ac:
d4:d7:5a:2e:58:3e:74:4d:57:9b:53:c3:55:b3:db:
ff:a8:74:81:54:31:fe:2e:9d:81:40:9a:8c:d8:35:
fb:63:50:1e:1d:56:e9:4d:f2:ed:0c:21:65:e8:a3:
fa:64:14:cf:f6:0a:df:43:58:5b:79:ee:13:84:17:
dd:6d:12:03:b7:e1:44:3b:2e:2b:8f:cd:71:6f:14:
f4:52:44:90:57:bc:83:7c:1c:f8:2c:8a:2b:61:56:
5b:3c:d5:78:91:af:19:2c:99:a7:07:16:48:0a:d6:
d0:fe:20:9c:43:f2:b4:00:b1:9a:05:5c:03:08:84:
dd:f4:99:4a:4e:8b:1d:c6:7a:cb:06:2f:7f:83:89:
87:b8:8b:17:34:c9:7a:f7:e0:53:3e:ef:b8:b1:6d:
ec:a2:d1:51:ff:89:8d:16:ae:9c:a7:a6:0c:5c:0f:
13:a0:6b:f7:3c:e7:d0:22:14:c0:63:5d:21:b1:70:
c7:65:15:c5:c1:ad:75:51:b9:fb:33:4b:c4:b3:15:
f3:53:70:c1:3c:1e:28:0d:af:b3:ce:70:fa:20:7e:
32:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:F4:5E:3F:A2:94:1C:58:C8:F8:6F:CB:17:D7:F7:7B:A1:1B:E5:E9
X509v3 Authority Key Identifier:
keyid:2C:B8:01:6D:BD:A5:78:76:E3:C9:C9:5F:75:2E:75:66:B2:5A:18:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LLgBbb2leHbjyclfdS51ZrJaGE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/2ab0d0-8e44-4294-9030-145867e63c36/1/CPReP6KUHFjI-G_LF9f3e6Eb5ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/2ab0d0-8e44-4294-9030-145867e63c36/1/LLgBbb2leHbjyclfdS51ZrJaGE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.153.0/24
Signature Algorithm: sha256WithRSAEncryption
27:8a:7e:d4:f6:89:f6:8b:8d:cb:93:a8:5b:fe:22:39:20:d5:
b9:f3:ef:41:78:a1:3a:09:95:80:1c:f2:81:d9:a4:90:ce:62:
3f:a2:f7:38:5f:9d:3d:3c:89:0a:b2:06:f7:4b:4d:97:40:8e:
da:19:d1:bc:6e:97:df:a3:e0:f9:e5:42:17:89:30:b2:b4:b6:
97:4d:b7:97:a8:65:dc:a0:e4:56:c2:f6:91:83:08:71:21:bb:
6c:23:57:ea:74:4d:2a:f8:13:d6:ac:8c:2c:f6:de:eb:06:ba:
ea:48:83:e2:ed:0c:f9:69:c1:ae:3e:f8:d4:55:79:8d:d9:69:
13:e8:b2:f8:03:24:89:f5:e3:96:97:f9:92:02:bf:d5:fb:b8:
04:b0:0e:d6:e8:d8:22:ac:aa:ce:93:4a:f6:49:7d:c1:f2:f9:
c9:be:91:38:8e:2e:ad:ff:4e:0e:4c:3e:3a:bc:36:b2:15:fc:
23:27:18:eb:d5:7e:5c:5f:11:95:76:d9:5a:24:68:05:df:c6:
7c:97:47:b4:31:2d:c7:cb:0e:2b:51:ec:53:8b:67:f8:d7:73:
86:30:ec:5a:30:ce:7e:77:48:55:14:20:fd:cf:2a:34:80:9b:
7c:da:ac:13:9e:19:00:3b:98:ec:46:7c:8f:3a:cd:f4:4b:40:
23:ba:19:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtk9IxersS+9Rk/7GUlGIyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYjgwMTZkYmRhNTc4NzZlM2M5Yzk1Zjc1MmU3NTY2YjI1
YTE4NGYwHhcNMjMwMTAxMTM0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGY0NWUzZmEyOTQxYzU4YzhmODZmY2IxN2Q3Zjc3YmExMWJlNWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtnl95wUbHtYa8I0tPBQIrXdkWrw
hjeUDbQJe2ANhsvbiOCcC00BglNQNqzU11ouWD50TVebU8NVs9v/qHSBVDH+Lp2B
QJqM2DX7Y1AeHVbpTfLtDCFl6KP6ZBTP9grfQ1hbee4ThBfdbRIDt+FEOy4rj81x
bxT0UkSQV7yDfBz4LIorYVZbPNV4ka8ZLJmnBxZICtbQ/iCcQ/K0ALGaBVwDCITd
9JlKTosdxnrLBi9/g4mHuIsXNMl69+BTPu+4sW3sotFR/4mNFq6cp6YMXA8ToGv3
POfQIhTAY10hsXDHZRXFwa11Ubn7M0vEsxXzU3DBPB4oDa+zznD6IH4yRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAj0Xj+ilBxYyPhvyxfX93uhG+XpMB8GA1UdIwQY
MBaAFCy4AW29pXh248nJX3UudWayWhhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTExnQmJiMmxlSGJqeWNsZmRTNTFackphR0U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8yYWIwZDAtOGU0NC00Mjk0LTkwMzAt
MTQ1ODY3ZTYzYzM2LzEvQ1BSZVA2S1VIRmpJLUdfTEY5ZjNlNkViNWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8yYWIwZDAtOGU0NC00Mjk0LTkwMzAtMTQ1ODY3ZTYzYzM2
LzEvTExnQmJiMmxlSGJqeWNsZmRTNTFackphR0U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWuZMA0G
CSqGSIb3DQEBCwUAA4IBAQAnin7U9on2i43Lk6hb/iI5INW58+9BeKE6CZWAHPKB
2aSQzmI/ovc4X509PIkKsgb3S02XQI7aGdG8bpffo+D55UIXiTCytLaXTbeXqGXc
oORWwvaRgwhxIbtsI1fqdE0q+BPWrIws9t7rBrrqSIPi7Qz5acGuPvjUVXmN2WkT
6LL4AySJ9eOWl/mSAr/V+7gEsA7W6NgirKrOk0r2SX3B8vnJvpE4ji6t/04OTD46
vDayFfwjJxjr1X5cXxGVdtlaJGgF38Z8l0e0MS3Hyw4rUexTi2f413OGMOxaMM5+
d0hVFCD9zyo0gJt82qwTnhkAO5jsRnyPOs30S0Ajuhnj
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:09:03 2025 by rpki-client