Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/0c4650-7964-48af-985a-34018d5c9df5/1/ihNwlKbuNiGlnJM8yFd2Nxrvaqo.roa
File: ihNwlKbuNiGlnJM8yFd2Nxrvaqo.roa (raw, json)
Hash identifier: auV56nH817P5x20E5reCmB5GZHUds7d7BudXxN/HlG8=
Subject key identifier: 8A:13:70:94:A6:EE:36:21:A5:9C:93:3C:C8:57:76:37:1A:EF:6A:AA
Certificate issuer: /CN=03ceb09d5eea6a18e58dfdefebf29b4105e0267c
Certificate serial: 019423699EF23131D985AAB9B040CAF706AB
Authority key identifier: 03:CE:B0:9D:5E:EA:6A:18:E5:8D:FD:EF:EB:F2:9B:41:05:E0:26:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A86wnV7qahjljf3v6_KbQQXgJnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/0c4650-7964-48af-985a-34018d5c9df5/1/ihNwlKbuNiGlnJM8yFd2Nxrvaqo.roa
Signing time: Wed 01 Jan 2025 19:48:31 +0000
ROA not before: Wed 01 Jan 2025 19:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51849
IP address blocks: 95.215.72.0/24 maxlen: 24
95.215.73.0/24 maxlen: 24
95.215.74.0/24 maxlen: 24
95.215.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:9e:f2:31:31:d9:85:aa:b9:b0:40:ca:f7:06:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03ceb09d5eea6a18e58dfdefebf29b4105e0267c
Validity
Not Before: Jan 1 19:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a137094a6ee3621a59c933cc85776371aef6aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:20:03:f9:8d:ae:b3:18:c7:d7:69:fb:0c:b3:
39:ed:a3:e3:18:c2:90:f7:75:95:85:c2:d5:bf:1f:
05:2b:52:be:ba:f4:6c:e5:92:56:1b:63:e1:e0:aa:
9b:9e:94:38:52:06:af:70:1e:ad:34:4e:32:38:7c:
c5:e4:45:39:4f:07:ab:73:54:48:8e:1f:e5:2e:0f:
67:35:0c:41:0f:9f:b9:c9:25:62:eb:88:41:55:8e:
e9:12:80:01:f5:b3:d8:f9:db:d7:96:03:1a:01:60:
b2:8a:67:bb:1a:21:26:34:2e:a4:28:f0:e0:27:cb:
dd:56:62:18:71:3f:b4:fd:d3:4d:22:3c:17:2b:be:
7b:5c:e3:c9:8e:cb:97:e7:3f:28:f1:fc:d5:2f:04:
9a:ba:48:62:19:a8:b9:c0:66:48:4b:cc:4d:73:2f:
78:e2:63:ff:37:44:e9:45:81:b2:e4:07:74:df:70:
22:18:3e:f8:c5:09:0c:24:e4:72:cd:85:82:fd:2d:
a5:9f:c3:3d:6b:c9:18:07:c1:6f:14:d1:41:0d:f4:
fd:ef:6a:a3:9b:1b:b3:7e:be:ae:37:7a:71:aa:24:
d5:3c:68:89:39:33:63:72:60:a1:92:44:38:f7:74:
a9:36:3b:08:f1:c9:ee:59:27:b9:c4:d0:a6:35:9e:
2c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:13:70:94:A6:EE:36:21:A5:9C:93:3C:C8:57:76:37:1A:EF:6A:AA
X509v3 Authority Key Identifier:
keyid:03:CE:B0:9D:5E:EA:6A:18:E5:8D:FD:EF:EB:F2:9B:41:05:E0:26:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A86wnV7qahjljf3v6_KbQQXgJnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0c4650-7964-48af-985a-34018d5c9df5/1/ihNwlKbuNiGlnJM8yFd2Nxrvaqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0c4650-7964-48af-985a-34018d5c9df5/1/A86wnV7qahjljf3v6_KbQQXgJnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.72.0/22
Signature Algorithm: sha256WithRSAEncryption
78:a9:68:db:ad:cd:33:1e:4e:62:01:76:61:2d:c8:da:0b:30:
d6:05:15:6b:7f:04:4d:b0:96:43:6c:77:85:00:6b:2b:91:dc:
fd:a5:64:71:c0:0f:5d:fb:d5:56:32:68:f0:07:06:21:c7:ce:
89:a5:f1:5e:3c:8b:2b:69:0b:ab:03:e5:f4:b6:9b:33:b2:03:
d3:83:e6:11:dd:53:e6:22:76:98:e1:00:c8:bf:09:62:84:3e:
5b:bb:38:0e:99:99:5a:03:90:ef:d4:ae:33:1e:33:3e:fc:16:
bd:88:4d:7e:e0:79:e1:1c:b8:5d:12:1e:b6:30:79:d7:cf:27:
54:e0:f8:40:4a:20:85:66:73:de:32:eb:01:4b:7f:fd:78:44:
a5:60:a1:5e:16:5c:c4:b9:38:8a:a8:48:96:04:70:0d:55:8c:
92:8c:37:64:e2:a3:c9:82:a9:af:83:98:aa:8e:f7:dc:63:3f:
1e:7b:23:e6:7f:b8:fb:bd:45:bf:34:ce:19:d2:26:f7:b9:b9:
49:11:75:71:af:ae:a5:f2:7a:94:e2:25:77:d8:7e:63:2c:38:
ce:b1:d3:c5:3c:9d:6d:4f:55:95:62:f7:18:44:ed:b9:21:ca:
3c:2c:85:e6:da:ab:6b:35:f2:c8:c5:57:ff:fe:95:bd:d7:10:
e0:f0:4a:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaZ7yMTHZhaq5sEDK9warMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzY2ViMDlkNWVlYTZhMThlNThkZmRlZmViZjI5YjQxMDVl
MDI2N2MwHhcNMjUwMTAxMTk0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTEzNzA5NGE2ZWUzNjIxYTU5YzkzM2NjODU3NzYzNzFhZWY2YWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSAD+Y2usxjH12n7DLM57aPjGMKQ
93WVhcLVvx8FK1K+uvRs5ZJWG2Ph4KqbnpQ4UgavcB6tNE4yOHzF5EU5Twerc1RI
jh/lLg9nNQxBD5+5ySVi64hBVY7pEoAB9bPY+dvXlgMaAWCyime7GiEmNC6kKPDg
J8vdVmIYcT+0/dNNIjwXK757XOPJjsuX5z8o8fzVLwSaukhiGai5wGZIS8xNcy94
4mP/N0TpRYGy5Ad033AiGD74xQkMJORyzYWC/S2ln8M9a8kYB8FvFNFBDfT972qj
mxuzfr6uN3pxqiTVPGiJOTNjcmChkkQ493SpNjsI8cnuWSe5xNCmNZ4siwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIoTcJSm7jYhpZyTPMhXdjca72qqMB8GA1UdIwQY
MBaAFAPOsJ1e6moY5Y397+vym0EF4CZ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTg2d25WN3FhaGpsamYzdjZfS2JRUVhnSm53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wYzQ2NTAtNzk2NC00OGFmLTk4NWEt
MzQwMThkNWM5ZGY1LzEvaWhOd2xLYnVOaUdsbkpNOHlGZDJOeHJ2YXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wYzQ2NTAtNzk2NC00OGFmLTk4NWEtMzQwMThkNWM5ZGY1
LzEvQTg2d25WN3FhaGpsamYzdjZfS2JRUVhnSm53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX9dIMA0G
CSqGSIb3DQEBCwUAA4IBAQB4qWjbrc0zHk5iAXZhLcjaCzDWBRVrfwRNsJZDbHeF
AGsrkdz9pWRxwA9d+9VWMmjwBwYhx86JpfFePIsraQurA+X0tpszsgPTg+YR3VPm
InaY4QDIvwlihD5buzgOmZlaA5Dv1K4zHjM+/Ba9iE1+4HnhHLhdEh62MHnXzydU
4PhASiCFZnPeMusBS3/9eESlYKFeFlzEuTiKqEiWBHANVYySjDdk4qPJgqmvg5iq
jvfcYz8eeyPmf7j7vUW/NM4Z0ib3ublJEXVxr66l8nqU4iV32H5jLDjOsdPFPJ1t
T1WVYvcYRO25Ico8LIXm2qtrNfLIxVf//pW91xDg8Eq4
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:34 2025 by rpki-client