Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/77fe48-d1f1-449a-807d-4c19ec5b57ca/1/U_CJPYiKsC4pTY0SsfSjtBrH8dE.roa
File: U_CJPYiKsC4pTY0SsfSjtBrH8dE.roa (raw, json)
Hash identifier: AQXnBaIOWVXqlXh1gif0C/a7bntYjy34IbEEU6kS/30=
Subject key identifier: 53:F0:89:3D:88:8A:B0:2E:29:4D:8D:12:B1:F4:A3:B4:1A:C7:F1:D1
Certificate issuer: /CN=09cd218abcdf66e79500ab913cd21cf06e405d4e
Certificate serial: 019427481AA07F61A1E829782AC77EBF992F
Authority key identifier: 09:CD:21:8A:BC:DF:66:E7:95:00:AB:91:3C:D2:1C:F0:6E:40:5D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cc0hirzfZueVAKuRPNIc8G5AXU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/77fe48-d1f1-449a-807d-4c19ec5b57ca/1/U_CJPYiKsC4pTY0SsfSjtBrH8dE.roa
Signing time: Thu 02 Jan 2025 13:50:24 +0000
ROA not before: Thu 02 Jan 2025 13:50:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43766
IP address blocks: 82.167.0.0/20 maxlen: 20
82.167.16.0/20 maxlen: 20
82.167.32.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:1a:a0:7f:61:a1:e8:29:78:2a:c7:7e:bf:99:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09cd218abcdf66e79500ab913cd21cf06e405d4e
Validity
Not Before: Jan 2 13:50:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53f0893d888ab02e294d8d12b1f4a3b41ac7f1d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:26:0e:d0:d1:ad:5c:68:9d:8e:17:90:21:69:
9c:5d:8e:73:e6:b4:4a:2f:47:57:6d:da:9c:f5:19:
63:1a:7a:b1:40:48:b4:cf:3d:63:ce:a7:cf:21:cc:
8e:c0:0f:ed:36:64:62:4b:b0:12:52:d0:06:38:42:
fe:5d:96:93:85:0f:8f:20:39:e4:0f:32:0c:e8:69:
f4:dc:51:b3:b7:a0:e4:c3:94:18:ef:5f:82:c9:83:
02:c7:df:52:a6:91:f6:4a:9a:0a:2b:0c:c5:9e:2c:
df:d6:a2:6b:0d:33:50:5c:46:3f:3e:0e:da:f8:a9:
b6:0a:3e:5b:f3:68:1a:58:a5:b1:b5:8c:82:eb:d8:
f6:ee:aa:43:60:02:39:8b:af:24:65:24:39:79:37:
9a:88:87:0c:88:70:18:9c:ee:72:05:11:d1:1d:48:
c9:e4:0c:84:de:af:22:4a:ad:11:27:61:87:f8:1c:
a7:25:76:9e:59:a1:4d:ad:d6:4b:ae:1a:d7:60:eb:
c9:d7:62:99:ac:78:48:b0:3e:5c:92:81:94:1e:dc:
a0:ea:fc:ec:1d:5b:e2:f6:00:2a:e2:aa:52:4e:aa:
e0:19:a5:6d:ce:e3:e1:a9:4e:63:50:eb:3d:f9:dd:
82:c4:e8:40:fa:2a:5f:5a:44:26:fa:40:97:ef:ae:
fc:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:F0:89:3D:88:8A:B0:2E:29:4D:8D:12:B1:F4:A3:B4:1A:C7:F1:D1
X509v3 Authority Key Identifier:
keyid:09:CD:21:8A:BC:DF:66:E7:95:00:AB:91:3C:D2:1C:F0:6E:40:5D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cc0hirzfZueVAKuRPNIc8G5AXU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77fe48-d1f1-449a-807d-4c19ec5b57ca/1/U_CJPYiKsC4pTY0SsfSjtBrH8dE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77fe48-d1f1-449a-807d-4c19ec5b57ca/1/Cc0hirzfZueVAKuRPNIc8G5AXU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.167.0.0-82.167.47.255
Signature Algorithm: sha256WithRSAEncryption
76:c7:8b:51:de:f1:eb:86:10:65:cf:d0:4c:65:79:86:21:ae:
cd:d7:3a:fe:0a:fd:65:38:8c:fe:7b:cd:8b:5e:55:fd:48:bb:
c9:c2:1b:8b:e7:7b:da:1b:6b:e0:00:1b:a2:6e:f5:07:b4:07:
39:d6:75:28:4e:ec:38:fa:7b:c5:9e:b6:0c:46:2d:a3:07:22:
a7:1d:5d:9e:6b:50:f8:c6:c7:3d:a4:6c:0d:94:0b:07:39:b7:
84:31:1a:03:07:3c:eb:c5:ec:05:99:46:8d:22:25:d6:9c:9b:
fe:6c:c9:7f:4e:a0:4b:24:a3:ae:51:89:07:49:7b:f3:48:7b:
de:08:45:81:bf:29:7b:bf:e6:6d:dd:fe:d5:eb:b7:6b:bf:1e:
46:db:57:17:cd:73:f8:83:90:6c:08:bf:0b:51:a0:3c:72:02:
ea:a1:77:21:1b:c9:6b:d2:c6:ce:7a:74:ee:49:3b:ba:ba:2f:
de:23:57:cc:0c:28:1c:32:2a:1e:7e:e9:97:fe:33:64:fc:a2:
46:e7:7c:78:e7:a2:bd:21:05:02:07:f3:0f:5c:0a:36:e1:9b:
c3:b7:92:55:cf:76:00:3b:70:08:e8:2d:eb:dc:42:f9:8d:98:
b5:4d:ed:56:e9:bd:6b:f9:d9:f4:97:07:9d:39:86:8a:97:49:
d1:62:07:f9
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZQnSBqgf2Gh6Cl4Ksd+v5kvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5Y2QyMThhYmNkZjY2ZTc5NTAwYWI5MTNjZDIxY2YwNmU0
MDVkNGUwHhcNMjUwMTAyMTM1MDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2YwODkzZDg4OGFiMDJlMjk0ZDhkMTJiMWY0YTNiNDFhYzdmMWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSYO0NGtXGidjheQIWmcXY5z5rRK
L0dXbdqc9RljGnqxQEi0zz1jzqfPIcyOwA/tNmRiS7ASUtAGOEL+XZaThQ+PIDnk
DzIM6Gn03FGzt6Dkw5QY71+CyYMCx99SppH2SpoKKwzFnizf1qJrDTNQXEY/Pg7a
+Km2Cj5b82gaWKWxtYyC69j27qpDYAI5i68kZSQ5eTeaiIcMiHAYnO5yBRHRHUjJ
5AyE3q8iSq0RJ2GH+BynJXaeWaFNrdZLrhrXYOvJ12KZrHhIsD5ckoGUHtyg6vzs
HVvi9gAq4qpSTqrgGaVtzuPhqU5jUOs9+d2CxOhA+ipfWkQm+kCX7678RwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFFPwiT2IirAuKU2NErH0o7Qax/HRMB8GA1UdIwQY
MBaAFAnNIYq832bnlQCrkTzSHPBuQF1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2MwaGlyemZadWVWQUt1UlBOSWM4RzVBWFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi83N2ZlNDgtZDFmMS00NDlhLTgwN2Qt
NGMxOWVjNWI1N2NhLzEvVV9DSlBZaUtzQzRwVFkwU3NmU2p0QnJIOGRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi83N2ZlNDgtZDFmMS00NDlhLTgwN2QtNGMxOWVjNWI1N2Nh
LzEvQ2MwaGlyemZadWVWQUt1UlBOSWM4RzVBWFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwBSpwME
BFKnIDANBgkqhkiG9w0BAQsFAAOCAQEAdseLUd7x64YQZc/QTGV5hiGuzdc6/gr9
ZTiM/nvNi15V/Ui7ycIbi+d72htr4AAbom71B7QHOdZ1KE7sOPp7xZ62DEYtowci
px1dnmtQ+MbHPaRsDZQLBzm3hDEaAwc868XsBZlGjSIl1pyb/mzJf06gSySjrlGJ
B0l780h73ghFgb8pe7/mbd3+1eu3a78eRttXF81z+IOQbAi/C1GgPHIC6qF3IRvJ
a9LGznp07kk7urov3iNXzAwoHDIqHn7pl/4zZPyiRud8eOeivSEFAgfzD1wKNuGb
w7eSVc92ADtwCOgt69xC+Y2YtU3tVum9a/nZ9JcHnTmGipdJ0WIH+Q==
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:50:01 2025 by rpki-client