Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/cpRfAK_EZDJI9ogPn9ugNvxqbrM.roa
File: cpRfAK_EZDJI9ogPn9ugNvxqbrM.roa (raw, json)
Hash identifier: u88i0HYo0GxqBfr9ickquLpH00ROQeMCdrYRzWvNT/Y=
Subject key identifier: 72:94:5F:00:AF:C4:64:32:48:F6:88:0F:9F:DB:A0:36:FC:6A:6E:B3
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019427483881C9624EB91B72F8057BE18E8C
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/cpRfAK_EZDJI9ogPn9ugNvxqbrM.roa
Signing time: Thu 02 Jan 2025 13:50:31 +0000
ROA not before: Thu 02 Jan 2025 13:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2119
IP address blocks: 192.36.37.0/24 maxlen: 24
192.71.5.0/24 maxlen: 24
192.71.40.0/24 maxlen: 24
192.71.97.0/24 maxlen: 24
192.71.158.0/24 maxlen: 24
192.121.101.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
192.165.65.0/24 maxlen: 24
192.165.86.0/24 maxlen: 24
192.176.161.0/24 maxlen: 24
193.180.61.0/24 maxlen: 24
193.181.0.0/24 maxlen: 24
193.181.187.0/24 maxlen: 24
193.183.3.0/24 maxlen: 24
193.183.68.0/23 maxlen: 23
193.183.79.0/24 maxlen: 24
193.183.92.0/24 maxlen: 24
193.183.93.0/24 maxlen: 24
193.183.104.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.234.68.0/23 maxlen: 23
193.234.220.0/23 maxlen: 23
193.234.237.0/24 maxlen: 24
193.235.142.0/23 maxlen: 24
194.14.129.0/24 maxlen: 24
194.14.212.0/24 maxlen: 24
194.68.56.0/23 maxlen: 23
194.68.99.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.68.194.0/23 maxlen: 23
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.168.0/24 maxlen: 24
194.71.248.0/21 maxlen: 21
194.103.50.0/24 maxlen: 24
194.132.108.0/23 maxlen: 23
194.132.174.0/24 maxlen: 24
194.132.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:38:81:c9:62:4e:b9:1b:72:f8:05:7b:e1:8e:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72945f00afc4643248f6880f9fdba036fc6a6eb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3a:6a:55:c0:ee:3c:72:14:7a:33:dc:63:cc:
9e:12:2f:aa:9a:bb:52:5c:5d:aa:74:a9:09:7e:7e:
94:f2:01:86:1d:df:ee:c8:61:d2:fc:1b:15:33:4f:
9c:4f:f7:e8:a7:38:14:99:06:01:32:5e:c0:2c:0f:
38:1e:74:50:1a:13:0c:fb:48:8e:79:09:12:24:09:
e0:eb:b3:51:e6:e5:5d:d6:2f:e1:11:d9:b4:e1:81:
5c:94:2d:f3:f7:ac:cf:76:f6:2d:e9:43:05:12:f7:
11:71:fd:b5:0d:52:25:b7:68:ea:0b:37:93:fe:c2:
07:75:03:d1:2a:9a:ac:27:e2:8e:72:45:f9:75:2d:
b1:7f:7c:7b:f3:e7:20:00:c8:b6:62:d8:a1:ea:a2:
8c:33:11:93:3a:6b:be:6d:92:29:eb:cd:1c:f8:a5:
3f:9a:27:32:98:28:ad:22:8f:34:02:07:7b:31:1d:
cc:b7:92:a8:41:dd:db:8d:92:44:93:0c:f2:b7:30:
a9:b3:03:a2:09:d0:dc:57:0c:39:4f:c4:9b:7a:e0:
60:7f:63:e5:75:51:a5:97:3d:20:8b:4f:0c:aa:62:
4c:82:43:66:de:bd:79:b5:26:0a:79:b6:5e:a4:bc:
95:3f:e0:49:53:43:72:ed:f2:00:b0:20:1f:37:80:
45:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:94:5F:00:AF:C4:64:32:48:F6:88:0F:9F:DB:A0:36:FC:6A:6E:B3
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/cpRfAK_EZDJI9ogPn9ugNvxqbrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.37.0/24
192.71.5.0/24
192.71.40.0/24
192.71.97.0/24
192.71.158.0/24
192.121.101.0/24
192.121.172.0/24
192.121.192.0/24
192.165.65.0/24
192.165.86.0/24
192.176.161.0/24
193.180.61.0/24
193.181.0.0/24
193.181.187.0/24
193.183.3.0/24
193.183.68.0/23
193.183.79.0/24
193.183.92.0/23
193.183.104.0/24
193.183.118.0/24
193.234.68.0/23
193.234.220.0/23
193.234.237.0/24
193.235.142.0/23
194.14.129.0/24
194.14.212.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.68.194.0/23
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.168.0/24
194.71.248.0/21
194.103.50.0/24
194.132.108.0/23
194.132.174.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:5a:aa:dc:9f:63:08:56:6f:8e:76:8e:5a:1c:61:c7:b2:3f:
12:8f:06:f2:34:b1:ac:57:80:ce:6c:be:e5:bb:e6:2d:2e:a6:
62:89:77:02:76:74:87:14:c4:6c:ff:d9:21:00:b2:2b:cb:bb:
80:5c:7e:0d:89:3a:a5:bd:79:70:aa:87:57:24:63:1a:7e:78:
4d:9c:3f:0e:6e:93:e8:d7:50:3f:8c:9b:c8:22:5d:dd:2b:89:
40:ba:a2:15:e0:62:42:9e:51:c6:40:1f:d2:15:27:f6:c2:12:
11:02:a7:aa:8f:df:91:4d:53:5d:22:06:00:5f:a3:3c:b7:3b:
e6:49:17:9e:5b:93:a0:53:4d:24:28:29:ad:73:72:86:dd:a7:
f3:12:16:38:47:e9:2f:e5:3b:77:b0:c3:24:9c:7d:0a:0a:63:
ea:4a:24:a5:3c:27:69:06:b4:64:3d:21:85:8b:05:32:d0:d9:
7f:3a:90:53:5d:1f:30:06:1c:4f:1e:a1:b2:3f:17:8b:6b:76:
49:26:6d:07:0a:11:5f:41:26:67:1f:df:96:f3:f9:98:b4:56:
73:07:1e:33:76:fe:4f:a0:58:78:52:1f:f9:bb:93:8c:37:d6:
5e:7c:ce:81:5f:60:d3:b5:6f:17:e7:7c:99:cb:fd:9a:1e:b0:
9e:0b:d1:41
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAZQnSDiByWJOuRty+AV74Y6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjk0NWYwMGFmYzQ2NDMyNDhmNjg4MGY5ZmRiYTAzNmZjNmE2ZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDpqVcDuPHIUejPcY8yeEi+qmrtS
XF2qdKkJfn6U8gGGHd/uyGHS/BsVM0+cT/fopzgUmQYBMl7ALA84HnRQGhMM+0iO
eQkSJAng67NR5uVd1i/hEdm04YFclC3z96zPdvYt6UMFEvcRcf21DVIlt2jqCzeT
/sIHdQPRKpqsJ+KOckX5dS2xf3x78+cgAMi2Ytih6qKMMxGTOmu+bZIp680c+KU/
micymCitIo80Agd7MR3Mt5KoQd3bjZJEkwzytzCpswOiCdDcVww5T8SbeuBgf2Pl
dVGllz0gi08MqmJMgkNm3r15tSYKebZepLyVP+BJU0Ny7fIAsCAfN4BFuQIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFHKUXwCvxGQySPaID5/boDb8am6zMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvY3BSZkFLX0VaREpJOW9nUG45dWdOdnhxYnJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwQA
wCQlAwQAwEcFAwQAwEcoAwQAwEdhAwQAwEeeAwQAwHllAwQAwHmsAwQAwHnAAwQA
wKVBAwQAwKVWAwQAwLChAwQAwbQ9AwQAwbUAAwQAwbW7AwQAwbcDAwQBwbdEAwQA
wbdPAwQBwbdcAwQAwbdoAwQAwbd2AwQBwepEAwQBwercAwQAwertAwQBweuOAwQA
wg6BAwQAwg7UAwQBwkQ4AwQAwkRjAwQAwkR+AwQBwkTCAwQAwkcbAwQAwkdTAwQB
wkeMAwQAwkeoAwQDwkf4AwQAwmcyAwQBwoRsAwQBwoSuMA0GCSqGSIb3DQEBCwUA
A4IBAQCiWqrcn2MIVm+Odo5aHGHHsj8SjwbyNLGsV4DObL7lu+YtLqZiiXcCdnSH
FMRs/9khALIry7uAXH4NiTqlvXlwqodXJGMafnhNnD8ObpPo11A/jJvIIl3dK4lA
uqIV4GJCnlHGQB/SFSf2whIRAqeqj9+RTVNdIgYAX6M8tzvmSReeW5OgU00kKCmt
c3KG3afzEhY4R+kv5Tt3sMMknH0KCmPqSiSlPCdpBrRkPSGFiwUy0Nl/OpBTXR8w
BhxPHqGyPxeLa3ZJJm0HChFfQSZnH9+W8/mYtFZzBx4zdv5PoFh4Uh/5u5OMN9Ze
fM6BX2DTtW8X53yZy/2aHrCeC9FB
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:11:04 2025 by rpki-client