Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/Cof8eev8n1uM7JC5vqffwrxP-x0.roa
File: Cof8eev8n1uM7JC5vqffwrxP-x0.roa (raw, json)
Hash identifier: L3gyFbzSnpA7qzEPac0XApSOePsviNFdneQIfFUzHbM=
Subject key identifier: 0A:87:FC:79:EB:FC:9F:5B:8C:EC:90:B9:BE:A7:DF:C2:BC:4F:FB:1D
Certificate issuer: /CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Certificate serial: 019424B26D4ABCE4C21AE0D18DE9436C7501
Authority key identifier: 4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/Cof8eev8n1uM7JC5vqffwrxP-x0.roa
Signing time: Thu 02 Jan 2025 01:47:40 +0000
ROA not before: Thu 02 Jan 2025 01:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12946
IP address blocks: 83.97.128.0/17 maxlen: 17
85.152.0.0/16 maxlen: 16
85.152.0.0/19 maxlen: 19
85.152.32.0/19 maxlen: 19
85.152.64.0/19 maxlen: 19
85.152.96.0/19 maxlen: 19
93.156.0.0/17 maxlen: 17
93.156.128.0/18 maxlen: 18
93.156.224.0/19 maxlen: 19
185.54.192.0/22 maxlen: 22
188.171.0.0/16 maxlen: 16
188.171.0.0/20 maxlen: 20
188.171.16.0/20 maxlen: 20
188.171.16.0/21 maxlen: 21
212.89.0.0/19 maxlen: 19
212.89.1.0/24 maxlen: 24
212.89.16.0/20 maxlen: 20
213.141.32.0/19 maxlen: 19
213.141.32.0/20 maxlen: 20
2a00:bec7::/40 maxlen: 40
2a00:bec7:10::/48 maxlen: 48
2a00:bec7:11::/48 maxlen: 48
2a00:bec7:f800::/40 maxlen: 40
2a00:bec7:ff00::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:6d:4a:bc:e4:c2:1a:e0:d1:8d:e9:43:6c:75:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Validity
Not Before: Jan 2 01:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a87fc79ebfc9f5b8cec90b9bea7dfc2bc4ffb1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a5:4d:e2:e5:61:85:23:3c:8b:06:ff:a1:aa:
d4:19:be:62:84:b8:18:33:ee:20:86:c4:ce:a7:3e:
ff:bb:1d:30:ff:7a:92:a8:63:cd:b0:51:78:22:17:
cc:8d:c9:5e:cb:a0:b6:f6:b0:67:05:44:f0:2e:9b:
59:fb:b2:d2:33:1b:65:cb:88:42:11:33:33:1d:dc:
7c:b0:91:a5:cc:25:35:f1:a7:f4:2b:3e:ac:e9:72:
90:36:cf:28:ee:d0:1a:32:de:d9:64:ac:b4:12:2a:
4f:58:9d:e6:3c:c2:79:2e:00:12:e0:53:a2:fa:cd:
0b:15:90:41:27:ff:c4:31:68:93:ff:7f:e7:af:28:
18:6f:13:f3:d6:97:6a:0a:7f:f5:8f:16:e0:f2:e8:
c3:67:1d:df:7e:87:a1:09:2e:04:53:1c:5e:23:e4:
d7:a2:70:fd:02:6b:91:e0:30:03:0d:73:b2:8c:23:
66:5e:77:93:10:11:31:54:4a:0b:0b:04:15:d7:f7:
a2:76:63:95:43:98:8a:29:46:01:17:6e:05:b0:20:
b8:5b:f0:00:4e:eb:29:4b:a3:5e:56:3f:8c:37:d4:
a0:c4:c0:0e:48:ca:b1:1c:0b:96:ad:3d:62:d4:72:
51:d3:eb:c5:67:44:79:de:cc:a2:b1:09:72:21:80:
af:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:87:FC:79:EB:FC:9F:5B:8C:EC:90:B9:BE:A7:DF:C2:BC:4F:FB:1D
X509v3 Authority Key Identifier:
keyid:4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/Cof8eev8n1uM7JC5vqffwrxP-x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.128.0/17
85.152.0.0/16
93.156.0.0-93.156.191.255
93.156.224.0/19
185.54.192.0/22
188.171.0.0/16
212.89.0.0/19
213.141.32.0/19
IPv6:
2a00:bec7::/40
2a00:bec7:f800::/40
2a00:bec7:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
a7:22:db:54:58:d3:1d:b5:34:6d:8e:6a:0f:0d:56:e8:79:9a:
7e:39:fb:1f:19:7c:80:bb:18:3a:60:b1:d1:a2:98:60:9b:32:
b4:b9:c5:ae:f3:35:cf:d2:75:91:a4:cd:00:92:1b:aa:a8:80:
7f:d0:d2:c6:f0:97:61:58:c8:a7:5b:6e:62:1c:1e:65:dd:4a:
bf:b0:93:fb:b3:eb:ee:71:88:d8:03:e0:40:f5:e8:d1:71:69:
79:57:bd:a0:83:5e:b4:42:1b:c2:91:87:90:a1:fe:09:e5:bd:
51:dd:c9:fb:2a:e3:34:36:26:60:a9:e4:01:3f:1c:ef:6e:cc:
da:9e:fe:43:d0:8a:68:ce:c4:be:ff:19:1f:02:6a:34:52:af:
a9:a8:98:38:d3:dd:46:e0:0c:c7:1c:be:d0:2b:0c:ff:73:73:
c3:1c:e9:9d:e5:d5:14:8d:b0:7c:d8:35:0d:fb:21:73:d3:e2:
2f:63:8f:26:d8:24:d5:28:73:d4:b1:67:2c:6e:80:a5:60:5a:
ff:c5:97:9f:de:ce:6b:62:f2:f6:e3:5e:08:d1:25:4e:ae:ba:
a9:d8:9a:74:9a:20:6c:18:ed:40:82:89:93:05:f6:f6:7e:f9:
0a:69:38:6b:af:91:a8:78:b6:02:92:63:b7:55:d0:4c:c5:68:
b2:e2:5d:00
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZQksm1KvOTCGuDRjelDbHUBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYTY1YzdlZGJhNDY5ZDA5OWQ3NmFhY2Q3ZGMyNjNmNGRm
ZWM1ZWIwHhcNMjUwMTAyMDE0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTg3ZmM3OWViZmM5ZjViOGNlYzkwYjliZWE3ZGZjMmJjNGZmYjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6VN4uVhhSM8iwb/oarUGb5ihLgY
M+4ghsTOpz7/ux0w/3qSqGPNsFF4IhfMjcley6C29rBnBUTwLptZ+7LSMxtly4hC
ETMzHdx8sJGlzCU18af0Kz6s6XKQNs8o7tAaMt7ZZKy0EipPWJ3mPMJ5LgAS4FOi
+s0LFZBBJ//EMWiT/3/nrygYbxPz1pdqCn/1jxbg8ujDZx3ffoehCS4EUxxeI+TX
onD9AmuR4DADDXOyjCNmXneTEBExVEoLCwQV1/eidmOVQ5iKKUYBF24FsCC4W/AA
TuspS6NeVj+MN9SgxMAOSMqxHAuWrT1i1HJR0+vFZ0R53syisQlyIYCvqwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFAqH/Hnr/J9bjOyQub6n38K8T/sdMB8GA1UdIwQY
MBaAFE6mXH7bpGnQmddqrNfcJj9N/sXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYt
NTEwMGEyNmQyNzRiLzEvQ29mOGVldjhuMXVNN0pDNXZxZmZ3cnhQLXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYtNTEwMGEyNmQyNzRi
LzEvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTA7BAIAATA1AwQHU2GAAwMA
VZgwCwMDAl2cAwQGXZyAAwQFXZzgAwQCuTbAAwMAvKsDBAXUWQADBAXVjSAwHgQC
AAIwGAMGACoAvscAAwYAKgC+x/gDBgAqAL7H/zANBgkqhkiG9w0BAQsFAAOCAQEA
pyLbVFjTHbU0bY5qDw1W6Hmafjn7Hxl8gLsYOmCx0aKYYJsytLnFrvM1z9J1kaTN
AJIbqqiAf9DSxvCXYVjIp1tuYhweZd1Kv7CT+7Pr7nGI2APgQPXo0XFpeVe9oINe
tEIbwpGHkKH+CeW9Ud3J+yrjNDYmYKnkAT8c727M2p7+Q9CKaM7Evv8ZHwJqNFKv
qaiYONPdRuAMxxy+0CsM/3NzwxzpneXVFI2wfNg1Dfshc9PiL2OPJtgk1Shz1LFn
LG6ApWBa/8WXn97Oa2Ly9uNeCNElTq66qdiadJogbBjtQIKJkwX29n75Cmk4a6+R
qHi2ApJjt1XQTMVosuJdAA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:19:36 2025 by rpki-client