Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/I1zHaQQRYLrcyVV_p7zdgQcgj04.roa
File: I1zHaQQRYLrcyVV_p7zdgQcgj04.roa (raw, json)
Hash identifier: nbCYExvOS/Zd2nQEaLZOZ4aCTtDQi4hCq22Gm0Zds8g=
Subject key identifier: 23:5C:C7:69:04:11:60:BA:DC:C9:55:7F:A7:BC:DD:81:07:20:8F:4E
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0193DFD9F6C5F15B73BA515048A673966F31
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/I1zHaQQRYLrcyVV_p7zdgQcgj04.roa
Signing time: Thu 19 Dec 2024 16:57:03 +0000
ROA not before: Thu 19 Dec 2024 16:57:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 95.164.77.0/24 maxlen: 24
95.164.78.0/24 maxlen: 24
95.164.79.0/24 maxlen: 24
95.164.160.0/24 maxlen: 24
95.164.161.0/24 maxlen: 24
95.164.162.0/24 maxlen: 24
95.164.163.0/24 maxlen: 24
95.164.164.0/24 maxlen: 24
95.164.165.0/24 maxlen: 24
95.164.166.0/24 maxlen: 24
95.164.167.0/24 maxlen: 24
95.164.224.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:df:d9:f6:c5:f1:5b:73:ba:51:50:48:a6:73:96:6f:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Dec 19 16:57:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=235cc769041160badcc9557fa7bcdd8107208f4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c3:d7:43:66:eb:68:e8:2a:cf:b3:fb:14:11:
cf:c6:0e:dc:bc:c3:f2:9d:c5:72:3a:1a:4e:77:ec:
7b:49:c5:bb:26:fa:b0:5d:50:4d:10:36:c2:bd:e0:
f7:13:1f:2e:05:73:d1:af:15:1f:4c:8b:83:ae:29:
e4:69:d8:23:9f:0d:0d:60:02:85:60:be:f2:61:f0:
da:20:c0:8f:bb:8f:9b:c8:2a:f2:98:57:e6:36:f0:
f8:69:31:7b:f0:4b:cb:53:99:a5:91:63:62:65:66:
71:b4:34:7a:7d:f8:c0:ae:8e:96:4b:c2:ba:82:35:
6d:68:0e:75:8b:92:d7:03:e5:9a:51:f6:0c:a2:4a:
59:f1:01:d3:c7:3c:8d:c1:0e:cc:28:d9:91:53:c8:
35:6f:66:1f:ac:65:5c:33:7f:5f:38:33:4a:d4:98:
f9:28:a5:e7:da:dd:4d:a8:7d:a8:94:56:e7:fb:33:
87:ca:fa:a9:eb:02:3a:d9:5f:62:1e:1b:f7:4d:04:
54:e5:f1:31:81:c8:4f:b1:c3:a2:c0:aa:52:e8:09:
27:2d:ce:c7:75:c6:b0:81:bb:44:93:bf:37:18:29:
e5:18:6d:43:85:c2:80:31:f5:38:ff:ab:2e:43:ad:
ad:41:d8:1c:f3:22:63:af:c3:56:1e:fa:ad:79:2c:
58:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:5C:C7:69:04:11:60:BA:DC:C9:55:7F:A7:BC:DD:81:07:20:8F:4E
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/I1zHaQQRYLrcyVV_p7zdgQcgj04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.77.0-95.164.79.255
95.164.160.0/21
95.164.224.0/22
Signature Algorithm: sha256WithRSAEncryption
32:78:67:8a:0f:5a:2e:bc:a9:67:96:3e:8b:02:06:bb:fc:2f:
45:01:ac:7b:b3:eb:c1:3d:ae:aa:cf:c4:ec:4a:37:70:bf:f3:
ac:08:b9:87:17:64:55:ce:63:1d:fb:c1:25:f0:89:63:0a:43:
6d:09:b2:0b:98:0f:7b:e9:8f:9c:d2:0b:58:7d:50:f8:a3:7d:
a1:a7:9d:68:db:3f:61:30:2f:dc:ba:53:4d:e4:30:f5:8b:ef:
1a:2e:d6:a2:22:37:0c:29:e8:1a:80:aa:46:2f:07:dc:6a:ff:
32:db:56:91:f9:32:5b:34:9c:12:56:98:27:7e:5f:d2:b7:ed:
91:48:a9:79:6b:b7:12:cf:34:af:52:d0:dd:15:a0:db:31:62:
11:40:66:73:12:5e:c5:de:84:8f:e9:18:ad:42:41:6d:b0:05:
1d:22:5f:9b:45:ef:9a:e0:5b:92:4f:a3:76:50:ad:fd:a6:73:
02:ce:67:00:87:c6:a3:2b:75:bb:b4:ae:bd:49:64:c8:5d:7b:
1f:49:9c:16:35:17:39:1b:2f:26:dc:2e:d1:84:cd:b5:72:03:
b3:d7:4c:af:00:ce:b3:49:64:6e:ec:ca:24:d4:e3:af:e7:99:
a2:c6:cb:79:f1:d6:93:e6:14:95:59:80:62:1e:19:03:36:a4:
21:62:09:5c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZPf2fbF8VtzulFQSKZzlm8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQxMjE5MTY1NzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzVjYzc2OTA0MTE2MGJhZGNjOTU1N2ZhN2JjZGQ4MTA3MjA4ZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MPXQ2braOgqz7P7FBHPxg7cvMPy
ncVyOhpOd+x7ScW7JvqwXVBNEDbCveD3Ex8uBXPRrxUfTIuDrinkadgjnw0NYAKF
YL7yYfDaIMCPu4+byCrymFfmNvD4aTF78EvLU5mlkWNiZWZxtDR6ffjAro6WS8K6
gjVtaA51i5LXA+WaUfYMokpZ8QHTxzyNwQ7MKNmRU8g1b2YfrGVcM39fODNK1Jj5
KKXn2t1NqH2olFbn+zOHyvqp6wI62V9iHhv3TQRU5fExgchPscOiwKpS6AknLc7H
dcawgbtEk783GCnlGG1DhcKAMfU4/6suQ62tQdgc8yJjr8NWHvqteSxYBQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCNcx2kEEWC63MlVf6e83YEHII9OMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvSTF6SGFRUVJZTHJjeVZWX3A3emRnUWNnajA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABfpE0D
BARfpEADBANfpKADBAJfpOAwDQYJKoZIhvcNAQELBQADggEBADJ4Z4oPWi68qWeW
PosCBrv8L0UBrHuz68E9rqrPxOxKN3C/86wIuYcXZFXOYx37wSXwiWMKQ20JsguY
D3vpj5zSC1h9UPijfaGnnWjbP2EwL9y6U03kMPWL7xou1qIiNwwp6BqAqkYvB9xq
/zLbVpH5Mls0nBJWmCd+X9K37ZFIqXlrtxLPNK9S0N0VoNsxYhFAZnMSXsXehI/p
GK1CQW2wBR0iX5tF75rgW5JPo3ZQrf2mcwLOZwCHxqMrdbu0rr1JZMhdex9JnBY1
FzkbLybcLtGEzbVyA7PXTK8AzrNJZG7syiTU46/nmaLGy3nx1pPmFJVZgGIeGQM2
pCFiCVw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:29:57 2025 by rpki-client