Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/0qPI6vSRjl3MDD4x9uyJJa-SO1o.roa
File: 0qPI6vSRjl3MDD4x9uyJJa-SO1o.roa (raw, json)
Hash identifier: jH91v0lF95ojhMb/uZyaF18Y6ODL7io9YWPdskFoWP4=
Subject key identifier: D2:A3:C8:EA:F4:91:8E:5D:CC:0C:3E:31:F6:EC:89:25:AF:92:3B:5A
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 01944243AE34DCF999542ED5A7615EB34D4F
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/0qPI6vSRjl3MDD4x9uyJJa-SO1o.roa
Signing time: Tue 07 Jan 2025 19:35:19 +0000
ROA not before: Tue 07 Jan 2025 19:35:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 95.214.181.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:42:43:ae:34:dc:f9:99:54:2e:d5:a7:61:5e:b3:4d:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Jan 7 19:35:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2a3c8eaf4918e5dcc0c3e31f6ec8925af923b5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:07:5d:4a:40:4f:59:9b:5c:03:69:14:a4:86:
a4:18:4f:4d:49:54:fb:a1:1d:8d:fb:35:24:f5:b6:
d3:15:9c:04:d9:03:e0:8d:90:f2:78:9c:d9:d7:9a:
0d:08:cd:18:0e:2c:5e:1f:33:a9:a7:16:60:f1:d9:
d1:36:63:74:64:4c:33:fb:79:e2:3d:6a:70:ab:87:
5e:b4:bf:b0:67:21:4d:d3:a3:d5:0c:aa:d0:19:ea:
75:f5:bd:20:5e:51:7b:60:7f:38:0b:c8:91:12:60:
df:71:57:d3:64:51:8e:c4:6b:c2:60:cb:35:26:09:
13:d4:e3:d8:86:3d:7d:ad:c7:b8:5f:25:98:09:49:
6c:f0:9e:f0:6e:47:07:ab:a0:3e:54:8d:b3:6a:18:
9c:3f:51:d0:a3:6f:8b:a2:04:ac:b8:b6:dd:a5:1f:
37:e8:29:47:77:14:f6:2e:d9:34:b4:b8:0e:5f:bc:
4c:48:54:99:b0:c1:fd:04:71:72:1c:d8:b2:34:35:
ab:24:8d:0d:ff:2f:69:2c:33:1d:22:f3:c7:45:36:
6e:66:59:3e:f1:c3:8c:a9:b2:d6:a2:2b:ca:58:53:
f4:cd:bc:e0:be:3e:6c:2a:db:21:14:e0:58:5c:33:
82:c3:39:01:ec:20:fb:58:51:17:56:2d:b0:91:66:
4b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A3:C8:EA:F4:91:8E:5D:CC:0C:3E:31:F6:EC:89:25:AF:92:3B:5A
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/0qPI6vSRjl3MDD4x9uyJJa-SO1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.181.0/24
Signature Algorithm: sha256WithRSAEncryption
02:09:49:43:68:46:17:99:80:21:3e:75:b0:50:be:16:54:50:
91:c6:b7:aa:ef:f2:6d:b7:87:c4:02:95:fb:d2:27:c4:22:95:
f1:9f:14:cd:ec:35:89:fc:92:bf:69:aa:07:9b:d4:3a:e1:dd:
a7:07:48:b8:73:5f:61:21:62:23:1e:0c:66:21:b2:eb:48:14:
41:34:6f:d7:0f:61:11:3a:c1:22:d9:9e:63:73:85:06:5a:34:
42:a1:23:97:25:f9:73:38:df:95:e7:28:22:e3:c3:ab:63:f6:
b2:22:59:85:45:ca:24:7b:40:fd:bb:a0:0e:db:2a:3c:20:da:
e1:72:b5:95:02:01:0e:00:9c:c2:f5:75:28:05:09:3b:8f:b8:
f8:24:2f:c9:7d:a2:c1:d2:4d:5b:17:27:df:62:64:0c:a3:b9:
06:af:c6:35:c4:d9:bd:63:63:06:94:25:83:75:68:8a:33:d3:
5b:58:f3:7f:3c:a5:71:39:38:fc:bb:15:48:7e:d7:b6:91:35:
86:9a:b9:09:0c:99:3c:68:26:af:ff:1b:b5:ec:ee:e1:7a:d4:
29:3c:d2:9d:37:86:c1:37:4c:a8:45:24:86:17:e2:1b:03:b4:
3a:c7:1a:6f:ce:e5:6b:72:0d:f5:ef:d6:37:f7:ca:06:2c:3a:
df:c1:23:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRCQ6403PmZVC7Vp2Fes01PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjUwMTA3MTkzNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmEzYzhlYWY0OTE4ZTVkY2MwYzNlMzFmNmVjODkyNWFmOTIzYjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwddSkBPWZtcA2kUpIakGE9NSVT7
oR2N+zUk9bbTFZwE2QPgjZDyeJzZ15oNCM0YDixeHzOppxZg8dnRNmN0ZEwz+3ni
PWpwq4detL+wZyFN06PVDKrQGep19b0gXlF7YH84C8iREmDfcVfTZFGOxGvCYMs1
JgkT1OPYhj19rce4XyWYCUls8J7wbkcHq6A+VI2zahicP1HQo2+LogSsuLbdpR83
6ClHdxT2Ltk0tLgOX7xMSFSZsMH9BHFyHNiyNDWrJI0N/y9pLDMdIvPHRTZuZlk+
8cOMqbLWoivKWFP0zbzgvj5sKtshFOBYXDOCwzkB7CD7WFEXVi2wkWZLjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKjyOr0kY5dzAw+MfbsiSWvkjtaMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvMHFQSTZ2U1JqbDNNREQ0eDl1eUpKYS1TTzFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX9a1MA0G
CSqGSIb3DQEBCwUAA4IBAQACCUlDaEYXmYAhPnWwUL4WVFCRxreq7/Jtt4fEApX7
0ifEIpXxnxTN7DWJ/JK/aaoHm9Q64d2nB0i4c19hIWIjHgxmIbLrSBRBNG/XD2ER
OsEi2Z5jc4UGWjRCoSOXJflzON+V5ygi48OrY/ayIlmFRcoke0D9u6AO2yo8INrh
crWVAgEOAJzC9XUoBQk7j7j4JC/JfaLB0k1bFyffYmQMo7kGr8Y1xNm9Y2MGlCWD
dWiKM9NbWPN/PKVxOTj8uxVIfte2kTWGmrkJDJk8aCav/xu17O7hetQpPNKdN4bB
N0yoRSSGF+IbA7Q6xxpvzuVrcg3179Y398oGLDrfwSNX
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:33:39 2025 by rpki-client