Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/CPFbbnVbV85Q54xZdljo6XSscBc.roa
File: CPFbbnVbV85Q54xZdljo6XSscBc.roa (raw, json)
Hash identifier: 9m4EjkM8HxLNwWVcKoNJNb1OoGMTUc8L8Zc7clqArU0=
Subject key identifier: 08:F1:5B:6E:75:5B:57:CE:50:E7:8C:59:76:58:E8:E9:74:AC:70:17
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 0194206810FF75653F9B214AEF2D93920701
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/CPFbbnVbV85Q54xZdljo6XSscBc.roa
Signing time: Wed 01 Jan 2025 05:47:58 +0000
ROA not before: Wed 01 Jan 2025 05:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35178
IP address blocks: 85.239.32.0/24 maxlen: 24
2a07:7dc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:10:ff:75:65:3f:9b:21:4a:ef:2d:93:92:07:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 1 05:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08f15b6e755b57ce50e78c597658e8e974ac7017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:77:6d:93:ff:26:d3:19:11:98:d4:5a:ac:f1:
ce:2e:28:93:c3:56:81:d5:20:c7:c5:bf:9c:94:44:
57:63:4a:31:82:b2:21:20:da:79:d9:fa:ae:ed:3e:
c7:d5:ab:23:8f:69:cf:fc:e1:ac:24:fd:48:e7:cb:
38:be:b7:4b:65:47:c5:9c:ab:4e:6c:e1:db:35:9b:
ea:3d:01:92:b9:47:50:5a:83:b2:21:f0:11:94:43:
31:9c:7d:9c:3a:cd:8a:f1:c9:2b:bb:bf:bb:8f:e7:
76:4e:2f:aa:96:f7:f2:8c:e9:6a:66:40:03:b1:59:
62:a5:91:03:93:81:51:44:a8:f5:38:d9:29:33:93:
18:15:11:30:47:3b:af:fd:25:5a:d2:31:99:bb:5e:
7c:ee:dc:c0:b2:3c:1c:aa:46:40:03:a7:16:d0:7a:
96:69:3c:2e:de:80:37:52:27:65:b7:35:c1:d1:32:
7c:6d:1c:b4:71:2c:e6:cb:d9:3b:8b:41:c7:21:4e:
f7:12:c7:1d:a4:af:ae:0f:86:fb:6b:56:79:2d:a4:
a1:33:51:ff:d4:62:ad:38:d2:aa:45:88:ef:88:3d:
96:a1:26:60:08:8a:c5:05:39:4a:1d:c9:ba:ad:fc:
d3:a0:0f:27:8a:31:6c:a0:e3:86:33:2c:f7:44:d2:
9a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:F1:5B:6E:75:5B:57:CE:50:E7:8C:59:76:58:E8:E9:74:AC:70:17
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/CPFbbnVbV85Q54xZdljo6XSscBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.32.0/24
IPv6:
2a07:7dc0::/29
Signature Algorithm: sha256WithRSAEncryption
ab:87:9b:01:52:71:8f:e2:e6:6c:98:ef:e5:cc:24:ea:83:18:
33:85:e3:09:ec:0f:a3:f1:21:9c:f3:ce:90:f8:3a:17:01:11:
31:3a:01:32:1b:8b:b2:9e:c2:b0:9c:46:2e:8b:59:b6:b2:8a:
92:d2:63:53:0b:62:62:1c:1e:d3:96:9d:a1:a4:2f:7a:82:ff:
d9:b8:07:6f:bb:8a:65:4c:26:16:8b:b7:bf:ca:24:eb:1b:33:
9e:d4:46:9c:ad:cd:4b:6e:0d:b7:53:d0:c8:f5:71:e5:8e:8c:
dc:23:a3:89:b0:64:5c:06:52:80:40:79:15:1a:32:48:ce:19:
3b:28:ce:59:4d:e4:d3:39:4f:cb:15:c5:f6:3e:ec:1a:25:20:
0d:af:8b:13:13:86:ae:9b:5e:e6:1d:01:07:e8:e6:a0:4b:bc:
07:73:1f:2e:e8:4d:a0:44:1f:97:61:f0:a8:74:36:c5:2f:d2:
0c:63:2a:c3:c0:ca:cd:10:12:bb:9c:75:b7:7d:5c:03:eb:b8:
e3:31:27:02:f4:c0:8b:14:bd:37:33:bd:5b:e7:a5:8f:a5:51:
d3:90:14:db:f2:6f:45:64:a6:ef:12:a5:c1:6d:83:ec:d6:e2:
5d:67:04:42:29:3c:e5:62:63:7d:7a:65:1f:51:ec:82:57:50:
cb:81:e9:79
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaBD/dWU/myFK7y2TkgcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjUwMTAxMDU0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGYxNWI2ZTc1NWI1N2NlNTBlNzhjNTk3NjU4ZThlOTc0YWM3MDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXdtk/8m0xkRmNRarPHOLiiTw1aB
1SDHxb+clERXY0oxgrIhINp52fqu7T7H1asjj2nP/OGsJP1I58s4vrdLZUfFnKtO
bOHbNZvqPQGSuUdQWoOyIfARlEMxnH2cOs2K8ckru7+7j+d2Ti+qlvfyjOlqZkAD
sVlipZEDk4FRRKj1ONkpM5MYFREwRzuv/SVa0jGZu1587tzAsjwcqkZAA6cW0HqW
aTwu3oA3UidltzXB0TJ8bRy0cSzmy9k7i0HHIU73EscdpK+uD4b7a1Z5LaShM1H/
1GKtONKqRYjviD2WoSZgCIrFBTlKHcm6rfzToA8nijFsoOOGMyz3RNKaBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAjxW251W1fOUOeMWXZY6Ol0rHAXMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvQ1BGYmJuVmJWODVRNTR4WmRsam82WFNzY0JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAVe8gMA0E
AgACMAcDBQMqB33AMA0GCSqGSIb3DQEBCwUAA4IBAQCrh5sBUnGP4uZsmO/lzCTq
gxgzheMJ7A+j8SGc886Q+DoXARExOgEyG4uynsKwnEYui1m2soqS0mNTC2JiHB7T
lp2hpC96gv/ZuAdvu4plTCYWi7e/yiTrGzOe1Eacrc1Lbg23U9DI9XHljozcI6OJ
sGRcBlKAQHkVGjJIzhk7KM5ZTeTTOU/LFcX2PuwaJSANr4sTE4aum17mHQEH6Oag
S7wHcx8u6E2gRB+XYfCodDbFL9IMYyrDwMrNEBK7nHW3fVwD67jjMScC9MCLFL03
M71b56WPpVHTkBTb8m9FZKbvEqXBbYPs1uJdZwRCKTzlYmN9emUfUeyCV1DLgel5
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:28:25 2025 by rpki-client