Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/3f9528-ba1a-4253-8507-7db8f816d077/1/CJPWpn8RP7gsAwpJK6rfiafLL0g.roa
File: CJPWpn8RP7gsAwpJK6rfiafLL0g.roa (raw, json)
Hash identifier: MSILC9AgMAOaApiwEtXOHau49IMY7PQIrPiC8xgTPYU=
Subject key identifier: 08:93:D6:A6:7F:11:3F:B8:2C:03:0A:49:2B:AA:DF:89:A7:CB:2F:48
Certificate issuer: /CN=eab05011722d25c1249e658b2caecc118c29e822
Certificate serial: 0194221F825DDBC46224BD8B809C495146CB
Authority key identifier: EA:B0:50:11:72:2D:25:C1:24:9E:65:8B:2C:AE:CC:11:8C:29:E8:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6rBQEXItJcEknmWLLK7MEYwp6CI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/3f9528-ba1a-4253-8507-7db8f816d077/1/CJPWpn8RP7gsAwpJK6rfiafLL0g.roa
Signing time: Wed 01 Jan 2025 13:47:57 +0000
ROA not before: Wed 01 Jan 2025 13:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59543
IP address blocks: 194.53.166.0/23 maxlen: 23
194.53.168.0/22 maxlen: 22
2001:67c:2cec::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:82:5d:db:c4:62:24:bd:8b:80:9c:49:51:46:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eab05011722d25c1249e658b2caecc118c29e822
Validity
Not Before: Jan 1 13:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0893d6a67f113fb82c030a492baadf89a7cb2f48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5c:67:02:d8:cd:83:a2:55:fb:ba:3d:12:ba:
8b:22:ae:2a:82:d3:bf:c0:b3:d9:22:67:8f:bc:0a:
a9:45:8b:d8:52:06:dd:4b:38:6d:5b:ef:82:87:4d:
67:7c:0f:3d:72:46:df:43:45:ba:62:c2:f0:11:cd:
bb:94:66:9f:0d:92:36:1f:b4:3b:80:97:7b:84:3b:
e1:0d:1e:d9:74:46:6f:be:81:d2:a1:0c:25:c6:96:
e0:ba:f3:8b:0e:0c:96:83:14:25:59:86:e7:70:14:
41:97:3a:0f:2f:01:dc:dc:3f:22:05:9a:d1:19:16:
fe:3d:fe:57:c0:32:cf:bb:58:fe:07:9a:f7:03:de:
4c:48:5e:99:09:3c:70:98:2e:6b:78:6e:da:48:11:
f0:66:f6:c8:95:7e:ff:ca:93:6f:66:09:54:92:10:
b1:04:46:7f:4c:37:fb:ff:aa:54:21:94:ef:ab:16:
86:1d:4e:7e:26:3d:4b:0a:9a:76:cc:18:11:ea:d0:
bd:b8:61:f5:6e:01:23:b1:6d:be:d5:83:45:23:1a:
dc:5e:4c:72:24:bd:02:04:a7:a4:d6:d0:c2:cd:da:
36:89:a5:66:22:4e:04:06:17:50:3d:6e:cb:40:31:
d1:59:6a:d6:a4:4a:45:e3:c6:1d:1a:7b:73:14:27:
b2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:93:D6:A6:7F:11:3F:B8:2C:03:0A:49:2B:AA:DF:89:A7:CB:2F:48
X509v3 Authority Key Identifier:
keyid:EA:B0:50:11:72:2D:25:C1:24:9E:65:8B:2C:AE:CC:11:8C:29:E8:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6rBQEXItJcEknmWLLK7MEYwp6CI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3f9528-ba1a-4253-8507-7db8f816d077/1/CJPWpn8RP7gsAwpJK6rfiafLL0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3f9528-ba1a-4253-8507-7db8f816d077/1/6rBQEXItJcEknmWLLK7MEYwp6CI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.53.166.0-194.53.171.255
IPv6:
2001:67c:2cec::/48
Signature Algorithm: sha256WithRSAEncryption
5b:d7:e2:e4:1b:21:33:21:dd:64:de:8e:02:4f:1c:e0:14:bf:
e0:9d:98:32:1e:f5:4f:8c:b3:01:c0:24:da:23:6f:02:cd:6c:
8f:61:1a:fb:58:16:2d:ac:a5:09:eb:59:63:1b:02:1b:c2:d3:
04:ff:21:a3:d4:9b:2b:2f:83:97:c2:3b:17:c7:c6:17:b8:90:
6f:f4:6c:d3:63:fe:48:d3:26:eb:3f:bc:b7:45:65:56:6d:49:
42:54:7d:0d:40:38:63:89:ad:3d:e2:e8:bd:61:87:68:13:ba:
f5:a4:44:3e:60:b9:99:04:e1:f6:99:85:eb:80:70:93:3c:95:
12:03:a5:ae:dc:f3:cd:4c:31:f7:b7:ab:db:15:c5:42:79:da:
50:a8:dd:df:51:db:27:25:61:68:49:ed:33:58:20:f8:24:cf:
12:b1:3b:d4:45:44:a7:d1:a2:5b:f8:3e:d7:3e:14:d0:16:29:
e5:ce:dd:73:1c:73:2f:18:29:3d:a8:04:ce:cf:69:bf:91:4f:
eb:31:07:b5:35:ea:ef:5f:40:24:ca:8a:bf:a9:7d:46:21:e9:
3e:0b:90:9a:d4:3d:be:d5:ea:b7:ec:07:db:8d:51:a1:1d:2f:
d7:8c:57:b4:7e:b8:0f:71:ca:23:c7:e1:e0:ef:dd:ee:40:b3:
25:ce:2a:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQiH4Jd28RiJL2LgJxJUUbLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYjA1MDExNzIyZDI1YzEyNDllNjU4YjJjYWVjYzExOGMy
OWU4MjIwHhcNMjUwMTAxMTM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODkzZDZhNjdmMTEzZmI4MmMwMzBhNDkyYmFhZGY4OWE3Y2IyZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1xnAtjNg6JV+7o9ErqLIq4qgtO/
wLPZImePvAqpRYvYUgbdSzhtW++Ch01nfA89ckbfQ0W6YsLwEc27lGafDZI2H7Q7
gJd7hDvhDR7ZdEZvvoHSoQwlxpbguvOLDgyWgxQlWYbncBRBlzoPLwHc3D8iBZrR
GRb+Pf5XwDLPu1j+B5r3A95MSF6ZCTxwmC5reG7aSBHwZvbIlX7/ypNvZglUkhCx
BEZ/TDf7/6pUIZTvqxaGHU5+Jj1LCpp2zBgR6tC9uGH1bgEjsW2+1YNFIxrcXkxy
JL0CBKek1tDCzdo2iaVmIk4EBhdQPW7LQDHRWWrWpEpF48YdGntzFCeyQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAiT1qZ/ET+4LAMKSSuq34mnyy9IMB8GA1UdIwQY
MBaAFOqwUBFyLSXBJJ5liyyuzBGMKegiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnJCUUVYSXRKY0Vrbm1XTExLN01FWXdwNkNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8zZjk1MjgtYmExYS00MjUzLTg1MDct
N2RiOGY4MTZkMDc3LzEvQ0pQV3BuOFJQN2dzQXdwSks2cmZpYWZMTDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8zZjk1MjgtYmExYS00MjUzLTg1MDctN2RiOGY4MTZkMDc3
LzEvNnJCUUVYSXRKY0Vrbm1XTExLN01FWXdwNkNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAHCNaYD
BALCNagwDwQCAAIwCQMHACABBnws7DANBgkqhkiG9w0BAQsFAAOCAQEAW9fi5Bsh
MyHdZN6OAk8c4BS/4J2YMh71T4yzAcAk2iNvAs1sj2Ea+1gWLaylCetZYxsCG8LT
BP8ho9SbKy+Dl8I7F8fGF7iQb/Rs02P+SNMm6z+8t0VlVm1JQlR9DUA4Y4mtPeLo
vWGHaBO69aREPmC5mQTh9pmF64BwkzyVEgOlrtzzzUwx97er2xXFQnnaUKjd31Hb
JyVhaEntM1gg+CTPErE71EVEp9GiW/g+1z4U0BYp5c7dcxxzLxgpPagEzs9pv5FP
6zEHtTXq719AJMqKv6l9RiHpPguQmtQ9vtXqt+wH241RoR0v14xXtH64D3HKI8fh
4O/d7kCzJc4q5w==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:29 2025 by rpki-client on console.sobornost.net