Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/cpQDuCQS_PmKGa6mRrggJump5IQ.roa
File: cpQDuCQS_PmKGa6mRrggJump5IQ.roa (raw, json)
Hash identifier: pejGEaNqW754xgC8ojt2JY5OjOdgLVYVhBOgK3JEQ/g=
Subject key identifier: 72:94:03:B8:24:12:FC:F9:8A:19:AE:A6:46:B8:20:26:E9:A9:E4:84
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01941F8C958426F817A45B03D81A377A76B1
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/cpQDuCQS_PmKGa6mRrggJump5IQ.roa
Signing time: Wed 01 Jan 2025 01:48:14 +0000
ROA not before: Wed 01 Jan 2025 01:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135391
IP address blocks: 195.114.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:95:84:26:f8:17:a4:5b:03:d8:1a:37:7a:76:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jan 1 01:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=729403b82412fcf98a19aea646b82026e9a9e484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:30:95:5e:06:1c:66:a8:22:d6:66:69:36:98:
bf:15:e6:bd:97:8d:72:8d:2d:be:cd:0f:4d:95:cf:
ae:78:b7:95:43:77:b9:d3:77:60:dd:0e:76:39:03:
9e:42:ac:84:8f:8f:e9:e5:2b:87:e1:2a:9b:8b:2d:
ef:c8:bf:05:68:f5:04:f8:14:ed:b7:84:5b:78:e0:
ff:5e:12:6b:34:83:4a:f5:70:c1:78:8a:07:64:b0:
20:9e:62:78:03:26:2a:b6:e1:e1:8b:2c:8a:99:ed:
02:43:d5:8c:79:5c:31:e8:36:91:36:ec:98:47:38:
b9:bc:e0:37:43:a1:8d:14:28:4e:e2:9a:73:98:52:
8b:b5:15:e1:6a:56:57:2d:fd:4d:28:0b:32:9d:ec:
fa:02:fe:4c:d2:98:e1:39:33:3e:f4:6e:5b:32:d7:
19:e6:95:5e:71:87:bf:e5:58:a8:d4:81:f0:9d:52:
6d:0e:86:4a:af:4d:a8:78:3e:5a:79:aa:e1:70:dc:
26:dd:6b:15:a6:c2:4a:00:e5:1e:73:e7:57:f7:5c:
1b:df:de:c7:c1:72:18:50:53:66:81:ba:08:f9:3a:
97:86:eb:41:ca:37:46:6d:ab:71:e8:b9:2c:ee:24:
84:c3:21:3c:dc:50:d6:bf:2e:a3:72:8e:ff:2f:2b:
7d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:94:03:B8:24:12:FC:F9:8A:19:AE:A6:46:B8:20:26:E9:A9:E4:84
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/cpQDuCQS_PmKGa6mRrggJump5IQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.200.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:28:74:89:d7:88:a8:3f:97:83:59:5d:6b:1d:3e:18:52:c0:
b4:87:c6:e8:94:26:4e:82:b9:2b:58:0b:98:1d:14:c5:e7:51:
51:76:3a:cb:e0:f0:62:55:45:f4:39:ac:4c:0c:09:53:2b:50:
b7:ac:f4:20:3e:bb:72:39:8f:27:4e:29:88:f4:93:ca:ed:88:
db:d8:e8:a3:cb:65:55:a7:6b:9d:a7:21:01:ca:08:bf:76:d2:
5f:e7:82:e2:3c:f9:0a:b7:73:7a:17:da:51:70:52:f8:ac:4c:
0f:f0:da:2c:bb:d8:31:ca:1e:cb:d8:b7:1b:5e:50:5a:c8:e0:
13:e7:a0:d3:06:63:e1:d3:d8:5e:28:bb:3d:01:f9:c7:cd:42:
cf:5b:53:e4:28:25:0c:c4:c2:25:f9:cc:ac:34:74:6d:c1:47:
d4:2f:88:f1:2e:b0:f0:12:4f:94:a3:bf:4c:b1:b6:c9:b6:6c:
b2:ca:fc:29:1f:c0:b4:1a:60:78:f6:be:bd:3a:63:a1:e9:de:
c0:3b:9f:71:24:93:44:07:d8:e8:f4:f1:3b:bd:03:5b:68:4b:
af:eb:bd:03:33:47:52:77:78:1a:42:83:6d:a9:da:5e:82:ed:
68:3d:de:30:18:89:04:d3:53:8d:1d:62:a6:0a:6a:2c:c9:6a:
02:24:5d:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJWEJvgXpFsD2Bo3enaxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwMTAxMDE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjk0MDNiODI0MTJmY2Y5OGExOWFlYTY0NmI4MjAyNmU5YTllNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjCVXgYcZqgi1mZpNpi/Fea9l41y
jS2+zQ9Nlc+ueLeVQ3e503dg3Q52OQOeQqyEj4/p5SuH4Sqbiy3vyL8FaPUE+BTt
t4RbeOD/XhJrNINK9XDBeIoHZLAgnmJ4AyYqtuHhiyyKme0CQ9WMeVwx6DaRNuyY
Rzi5vOA3Q6GNFChO4ppzmFKLtRXhalZXLf1NKAsynez6Av5M0pjhOTM+9G5bMtcZ
5pVecYe/5Vio1IHwnVJtDoZKr02oeD5aearhcNwm3WsVpsJKAOUec+dX91wb397H
wXIYUFNmgboI+TqXhutByjdGbatx6Lks7iSEwyE83FDWvy6jco7/Lyt9awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKUA7gkEvz5ihmupka4ICbpqeSEMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvY3BRRHVDUVNfUG1LR2E2bVJyZ2dKdW1wNUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw3LIMA0G
CSqGSIb3DQEBCwUAA4IBAQAqKHSJ14ioP5eDWV1rHT4YUsC0h8bolCZOgrkrWAuY
HRTF51FRdjrL4PBiVUX0OaxMDAlTK1C3rPQgPrtyOY8nTimI9JPK7Yjb2Oijy2VV
p2udpyEBygi/dtJf54LiPPkKt3N6F9pRcFL4rEwP8Nosu9gxyh7L2LcbXlBayOAT
56DTBmPh09heKLs9AfnHzULPW1PkKCUMxMIl+cysNHRtwUfUL4jxLrDwEk+Uo79M
sbbJtmyyyvwpH8C0GmB49r69OmOh6d7AO59xJJNEB9jo9PE7vQNbaEuv670DM0dS
d3gaQoNtqdpegu1oPd4wGIkE01ONHWKmCmosyWoCJF3Y
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:57:30 2025 by rpki-client