Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/p3CfwknfntcJcKeXNwkBmQDTjRo.roa
File: p3CfwknfntcJcKeXNwkBmQDTjRo.roa (raw, json)
Hash identifier: HQKyD96aQw0B1cae393pm4KC6jsUYb1IgbC2E55egQc=
Subject key identifier: A7:70:9F:C2:49:DF:9E:D7:09:70:A7:97:37:09:01:99:00:D3:8D:1A
Certificate issuer: /CN=e58024b729d99f05133ec6d14390c73eb36db99e
Certificate serial: 0194228DFCADFA1D8204BA43A640826883E4
Authority key identifier: E5:80:24:B7:29:D9:9F:05:13:3E:C6:D1:43:90:C7:3E:B3:6D:B9:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/p3CfwknfntcJcKeXNwkBmQDTjRo.roa
Signing time: Wed 01 Jan 2025 15:48:38 +0000
ROA not before: Wed 01 Jan 2025 15:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211804
IP address blocks: 82.129.14.0/23 maxlen: 24
82.129.24.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:fc:ad:fa:1d:82:04:ba:43:a6:40:82:68:83:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e58024b729d99f05133ec6d14390c73eb36db99e
Validity
Not Before: Jan 1 15:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7709fc249df9ed70970a7973709019900d38d1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ba:80:3e:af:57:33:67:32:9a:f8:43:b9:a8:
67:a0:5a:1f:d1:cb:73:33:36:d5:6c:7f:b2:23:8c:
e4:24:53:0e:e7:1b:60:de:14:f8:83:d4:37:a2:a1:
bb:4b:65:05:57:6e:de:35:43:d4:76:d0:d0:09:6a:
98:1f:42:f5:14:78:7f:1e:f1:82:98:ed:4d:14:b7:
f9:37:0f:15:65:ef:ad:b5:1f:37:85:cd:7a:9e:c5:
cf:e3:c6:4b:6a:8b:bc:31:5f:13:6b:a2:13:b9:46:
b8:23:71:da:b5:61:14:b7:31:37:98:24:3a:ba:01:
43:a5:ca:b9:29:dd:6f:d2:5c:4b:86:8b:4e:b6:fa:
c1:2d:45:72:94:55:db:c1:9d:b0:fb:be:d0:59:00:
d4:66:b1:25:e6:6d:5c:31:5b:73:98:8f:de:9a:9f:
0b:84:32:51:5b:c6:fb:f8:a2:55:0d:a0:cb:52:a1:
f4:48:30:c4:fb:9b:a5:72:7b:bc:ad:0f:a1:f8:c3:
de:65:f8:e6:e8:77:5f:fb:7e:38:1d:30:e1:6d:83:
02:55:d4:94:3e:fb:51:df:68:30:b9:c7:8a:fe:87:
3e:e5:46:80:dc:21:5b:6e:2f:e7:95:62:9b:72:be:
7a:f9:73:38:de:02:c2:bd:d6:15:c9:9f:7f:2c:39:
c5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:70:9F:C2:49:DF:9E:D7:09:70:A7:97:37:09:01:99:00:D3:8D:1A
X509v3 Authority Key Identifier:
keyid:E5:80:24:B7:29:D9:9F:05:13:3E:C6:D1:43:90:C7:3E:B3:6D:B9:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/p3CfwknfntcJcKeXNwkBmQDTjRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/5YAktynZnwUTPsbRQ5DHPrNtuZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.129.14.0/23
82.129.24.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:b0:5b:4b:cf:13:7a:e3:86:56:14:f1:72:53:7a:55:a5:f6:
4b:2e:7e:4d:dd:19:92:b2:7a:a5:0f:3b:5b:f4:be:42:05:87:
c1:54:00:a1:5c:10:35:33:cc:7b:2f:93:50:88:fe:27:14:41:
19:15:53:69:d7:2e:c0:92:f9:5c:29:56:9c:48:e1:71:a9:b3:
cd:5e:73:8d:d5:55:59:fb:90:d0:c9:90:0c:c1:02:31:6b:16:
fb:51:2f:5c:86:74:03:37:cc:51:ca:ab:bd:9a:95:c2:13:3c:
d3:aa:2b:51:c3:ce:ef:f6:ea:3b:9e:1b:a9:f6:91:c7:6d:db:
4c:45:6a:4c:b5:df:68:a7:59:1a:4c:85:ec:7b:aa:19:0f:54:
74:86:02:f9:09:ff:5c:1e:6b:1b:a0:88:b4:67:e7:94:4e:e0:
60:84:1e:df:6f:7d:b8:fd:c6:62:d1:c0:0d:7f:46:c7:55:e1:
0a:2b:6f:76:6e:aa:c1:3e:55:cd:b9:1d:74:99:2c:c9:52:43:
88:ac:e2:56:a4:5c:f2:36:bd:da:dd:8f:3a:dd:7f:28:54:7c:
18:e5:cc:fc:aa:97:4d:8b:56:78:e6:ab:72:0a:0a:30:6c:1a:
1d:7c:5e:41:9d:88:76:c3:97:f2:c0:67:54:15:e6:54:31:15:
87:9a:64:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijfyt+h2CBLpDpkCCaIPkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODAyNGI3MjlkOTlmMDUxMzNlYzZkMTQzOTBjNzNlYjM2
ZGI5OWUwHhcNMjUwMTAxMTU0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzcwOWZjMjQ5ZGY5ZWQ3MDk3MGE3OTczNzA5MDE5OTAwZDM4ZDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLqAPq9XM2cymvhDuahnoFof0ctz
MzbVbH+yI4zkJFMO5xtg3hT4g9Q3oqG7S2UFV27eNUPUdtDQCWqYH0L1FHh/HvGC
mO1NFLf5Nw8VZe+ttR83hc16nsXP48ZLaou8MV8Ta6ITuUa4I3HatWEUtzE3mCQ6
ugFDpcq5Kd1v0lxLhotOtvrBLUVylFXbwZ2w+77QWQDUZrEl5m1cMVtzmI/emp8L
hDJRW8b7+KJVDaDLUqH0SDDE+5ulcnu8rQ+h+MPeZfjm6Hdf+344HTDhbYMCVdSU
PvtR32gwuceK/oc+5UaA3CFbbi/nlWKbcr56+XM43gLCvdYVyZ9/LDnFOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKdwn8JJ357XCXCnlzcJAZkA040aMB8GA1UdIwQY
MBaAFOWAJLcp2Z8FEz7G0UOQxz6zbbmeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlBa3R5blpud1VUUHNiUlE1REhQck50dVo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kNTYyOGEtZDliMS00ZGE5LWE3NDQt
OTU2ZjZiNWM2MTcwLzEvcDNDZndrbmZudGNKY0tlWE53a0JtUURUalJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kNTYyOGEtZDliMS00ZGE5LWE3NDQtOTU2ZjZiNWM2MTcw
LzEvNVlBa3R5blpud1VUUHNiUlE1REhQck50dVo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUoEOAwQB
UoEYMA0GCSqGSIb3DQEBCwUAA4IBAQA/sFtLzxN644ZWFPFyU3pVpfZLLn5N3RmS
snqlDztb9L5CBYfBVAChXBA1M8x7L5NQiP4nFEEZFVNp1y7AkvlcKVacSOFxqbPN
XnON1VVZ+5DQyZAMwQIxaxb7US9chnQDN8xRyqu9mpXCEzzTqitRw87v9uo7nhup
9pHHbdtMRWpMtd9op1kaTIXse6oZD1R0hgL5Cf9cHmsboIi0Z+eUTuBghB7fb324
/cZi0cANf0bHVeEKK292bqrBPlXNuR10mSzJUkOIrOJWpFzyNr3a3Y863X8oVHwY
5cz8qpdNi1Z45qtyCgowbBodfF5BnYh2w5fywGdUFeZUMRWHmmSl
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:43:18 2025 by rpki-client