Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/CFGGyacDxGSvUMuIHBHBQfBg9UY.roa
File: CFGGyacDxGSvUMuIHBHBQfBg9UY.roa (raw, json)
Hash identifier: G9FM0NybPGChRl09gUocvnYTNsxk9Hflv8DtuPqf4g4=
Subject key identifier: 08:51:86:C9:A7:03:C4:64:AF:50:CB:88:1C:11:C1:41:F0:60:F5:46
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019427488170A4B7BD8C8794BC95DA49B492
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/CFGGyacDxGSvUMuIHBHBQfBg9UY.roa
Signing time: Thu 02 Jan 2025 13:50:50 +0000
ROA not before: Thu 02 Jan 2025 13:50:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211551
IP address blocks: 194.71.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:81:70:a4:b7:bd:8c:87:94:bc:95:da:49:b4:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=085186c9a703c464af50cb881c11c141f060f546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:15:fd:b3:0b:be:40:ea:ad:bf:0b:e1:6c:3f:
b0:7f:8a:ff:b9:e4:41:86:64:dc:b5:f3:2e:0d:65:
08:7d:01:97:99:a4:31:ac:7a:38:f8:52:d9:db:e8:
d5:8d:0e:0b:eb:ce:75:ac:67:2f:89:d5:62:e1:a2:
00:d6:38:43:e1:fe:ae:fa:0d:13:7f:f8:54:71:40:
5b:d4:82:72:a7:59:4c:9b:d1:b8:56:30:c6:c6:78:
1e:ca:85:8d:1b:b0:b7:73:20:7e:6f:a6:d1:68:05:
ef:00:d0:8b:d2:58:5a:99:a6:4f:f5:f6:8a:1c:f6:
2d:2d:10:32:ef:37:01:ab:d4:f5:f1:b8:2c:74:75:
e6:d6:78:6f:17:cc:41:9d:fb:e6:cb:a5:21:64:18:
78:7f:8c:62:36:72:6d:fd:ed:e4:7e:81:ba:82:e2:
5e:d9:38:fa:ae:60:c1:5b:ce:92:30:2b:34:23:47:
c0:a9:f7:9f:46:f8:ed:89:d9:7c:39:4c:54:a6:f2:
f8:90:9b:e6:a0:cb:d2:31:23:ce:2d:9e:90:69:cb:
52:2e:ff:59:90:b6:63:95:a6:2f:2a:23:57:35:f5:
76:c5:2b:14:41:6c:8c:37:48:8e:90:ea:10:61:5a:
84:ef:10:2d:b6:64:be:39:f1:c1:e0:94:15:2c:22:
b3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:51:86:C9:A7:03:C4:64:AF:50:CB:88:1C:11:C1:41:F0:60:F5:46
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/CFGGyacDxGSvUMuIHBHBQfBg9UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.71.139.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:1c:cd:08:91:d0:f1:80:74:5f:c2:2d:bd:26:0a:23:3f:09:
12:af:6d:45:97:1a:c1:e0:dd:de:bf:96:ab:3a:a3:a4:2b:ad:
e3:49:2c:07:46:1c:4a:00:c7:1f:6a:14:bc:d6:17:e9:53:9d:
3f:00:dc:51:91:25:2b:f0:2b:09:37:78:4b:9a:ac:39:cf:6e:
4e:ab:b7:0e:2e:68:70:9c:02:e5:b1:08:91:3f:a2:6b:e4:b6:
25:50:fa:5e:16:8e:9d:54:3a:f7:cb:cc:5c:5f:9e:03:59:ff:
4c:68:ed:3d:ae:11:c3:ac:6b:66:55:c7:27:3d:58:f8:6c:18:
09:8d:61:d0:78:93:c9:c5:f8:b2:82:3b:67:2f:35:1b:a9:6c:
50:6b:3f:57:48:a2:b9:8e:14:5e:22:8d:86:ac:f6:b2:d6:5b:
90:bd:92:57:b4:2d:35:5e:3f:7c:c6:1d:b8:43:58:af:be:dd:
2d:63:d7:07:79:dd:3e:8b:97:41:a1:5e:f5:2d:fd:af:db:2b:
2d:35:50:52:f8:2c:84:cf:b0:11:29:ee:b1:9f:a8:1e:8f:31:
70:6a:2d:c6:95:e2:69:14:91:f1:12:26:42:0a:1f:d8:9c:14:
8d:8f:f6:d3:2b:0c:5e:80:1b:a4:8a:31:0c:27:7c:bb:d5:c1:
ef:d5:c8:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSIFwpLe9jIeUvJXaSbSSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODUxODZjOWE3MDNjNDY0YWY1MGNiODgxYzExYzE0MWYwNjBmNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBX9swu+QOqtvwvhbD+wf4r/ueRB
hmTctfMuDWUIfQGXmaQxrHo4+FLZ2+jVjQ4L6851rGcvidVi4aIA1jhD4f6u+g0T
f/hUcUBb1IJyp1lMm9G4VjDGxngeyoWNG7C3cyB+b6bRaAXvANCL0lhamaZP9faK
HPYtLRAy7zcBq9T18bgsdHXm1nhvF8xBnfvmy6UhZBh4f4xiNnJt/e3kfoG6guJe
2Tj6rmDBW86SMCs0I0fAqfefRvjtidl8OUxUpvL4kJvmoMvSMSPOLZ6QactSLv9Z
kLZjlaYvKiNXNfV2xSsUQWyMN0iOkOoQYVqE7xAttmS+OfHB4JQVLCKzpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAhRhsmnA8Rkr1DLiBwRwUHwYPVGMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvQ0ZHR3lhY0R4R1N2VU11SUhCSEJRZkJnOVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkeLMA0G
CSqGSIb3DQEBCwUAA4IBAQCLHM0IkdDxgHRfwi29JgojPwkSr21FlxrB4N3ev5ar
OqOkK63jSSwHRhxKAMcfahS81hfpU50/ANxRkSUr8CsJN3hLmqw5z25Oq7cOLmhw
nALlsQiRP6Jr5LYlUPpeFo6dVDr3y8xcX54DWf9MaO09rhHDrGtmVccnPVj4bBgJ
jWHQeJPJxfiygjtnLzUbqWxQaz9XSKK5jhReIo2GrPay1luQvZJXtC01Xj98xh24
Q1ivvt0tY9cHed0+i5dBoV71Lf2v2ystNVBS+CyEz7ARKe6xn6gejzFwai3GleJp
FJHxEiZCCh/YnBSNj/bTKwxegBukijEMJ3y71cHv1ciH
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:06 2025 by rpki-client