Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/si7bSPTpt0Kh82QDt5Oc_AqlP0s.roa
File: si7bSPTpt0Kh82QDt5Oc_AqlP0s.roa (raw, json)
Hash identifier: W756W2q9Uo4OIz6cW6EmdvSzWEInH/DkuueIKPPWQnY=
Subject key identifier: B2:2E:DB:48:F4:E9:B7:42:A1:F3:64:03:B7:93:9C:FC:0A:A5:3F:4B
Certificate issuer: /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial: 01856D386535334E0F0E65809F06CB5E2E0A
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/si7bSPTpt0Kh82QDt5Oc_AqlP0s.roa
Signing time: Sun 01 Jan 2023 12:04:50 +0000
ROA not before: Sun 01 Jan 2023 12:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12722
IP address blocks: 95.181.161.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:65:35:33:4e:0f:0e:65:80:9f:06:cb:5e:2e:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Validity
Not Before: Jan 1 12:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b22edb48f4e9b742a1f36403b7939cfc0aa53f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:11:0b:d5:3c:10:55:e5:f3:4f:44:fe:de:b1:
21:e9:10:da:76:7a:57:66:5b:91:c5:b5:6f:27:f6:
88:d5:d6:0b:1d:f9:48:3d:d9:d2:d4:c8:db:c9:bd:
a7:01:2e:d7:98:6d:24:e2:6a:46:14:f8:92:db:92:
1d:10:4e:55:29:60:c8:88:d6:71:6b:aa:f8:af:62:
a3:fd:47:76:17:b9:68:06:b4:8e:40:11:cd:2f:cc:
df:6f:50:65:c4:5d:69:5e:42:b6:59:55:4b:73:75:
01:4a:c7:0b:4a:1b:43:e8:8e:25:0b:9e:02:6d:3c:
5e:26:b0:cd:77:95:e5:c2:78:ec:5b:e5:c0:30:46:
37:73:f7:71:b1:77:bb:bc:0c:ec:53:f8:27:02:82:
f4:6b:d6:6b:0c:b2:ae:43:c5:d5:9f:3a:3f:33:66:
0f:a6:b9:7c:39:4a:7c:c4:de:a5:52:5d:d6:da:31:
89:91:55:6f:cf:af:c9:67:29:9f:43:c1:6c:8b:d8:
3b:74:e6:0c:77:5a:0e:f9:ee:fd:53:97:41:17:2f:
8b:b5:b9:c8:85:22:37:47:79:1e:3e:9d:10:6f:1e:
e4:b3:be:d4:1d:b5:eb:49:ab:0a:f6:31:55:60:8d:
80:9b:82:b8:d8:24:c2:51:4f:23:cb:07:94:e7:a7:
2c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:2E:DB:48:F4:E9:B7:42:A1:F3:64:03:B7:93:9C:FC:0A:A5:3F:4B
X509v3 Authority Key Identifier:
keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/si7bSPTpt0Kh82QDt5Oc_AqlP0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.161.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:b8:02:ab:7f:79:de:0f:5f:44:ba:f0:18:47:41:3e:c8:80:
ed:4f:f7:f7:ee:14:9d:7d:d3:f1:b7:75:e1:58:64:b0:61:10:
07:d5:a2:8c:3a:d9:f6:70:4b:8b:f6:7a:64:e4:0c:50:79:76:
f8:f7:ba:28:f5:5e:b7:ba:3d:b9:17:c2:9d:cd:a9:47:71:2d:
45:94:b9:d2:eb:d6:9c:58:59:f0:53:30:ed:a7:f2:c9:92:36:
75:a9:9d:b8:75:cd:94:e8:8a:91:9a:79:26:17:aa:42:a3:83:
f0:ad:5c:12:ba:a6:14:e1:9d:00:4a:ab:44:a4:68:d5:26:3d:
96:21:85:d4:2c:1e:99:0d:7a:36:3b:7b:e3:0c:ca:e9:c6:47:
ce:2f:cc:39:c1:7a:36:d1:01:0d:89:e6:e0:5f:69:1d:7a:5d:
6d:ef:ba:c8:33:53:b5:a3:7f:9e:83:74:b2:ed:43:22:96:8d:
9d:70:8c:eb:4a:1d:ab:6d:84:65:c6:09:54:c0:11:b5:5e:c2:
44:23:c9:bf:b1:dc:6b:3f:00:55:33:36:9d:de:bc:97:2e:58:
bc:88:23:9d:5b:29:47:99:23:43:4a:83:dc:ab:e4:9b:d7:f3:
1a:02:bc:31:95:90:ee:f3:94:ca:12:87:a5:47:41:26:67:f7:
c0:fc:92:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtOGU1M04PDmWAnwbLXi4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjMwMTAxMTIwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjJlZGI0OGY0ZTliNzQyYTFmMzY0MDNiNzkzOWNmYzBhYTUzZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxEL1TwQVeXzT0T+3rEh6RDadnpX
ZluRxbVvJ/aI1dYLHflIPdnS1Mjbyb2nAS7XmG0k4mpGFPiS25IdEE5VKWDIiNZx
a6r4r2Kj/Ud2F7loBrSOQBHNL8zfb1BlxF1pXkK2WVVLc3UBSscLShtD6I4lC54C
bTxeJrDNd5XlwnjsW+XAMEY3c/dxsXe7vAzsU/gnAoL0a9ZrDLKuQ8XVnzo/M2YP
prl8OUp8xN6lUl3W2jGJkVVvz6/JZymfQ8Fsi9g7dOYMd1oO+e79U5dBFy+LtbnI
hSI3R3kePp0Qbx7ks77UHbXrSasK9jFVYI2Am4K42CTCUU8jyweU56cs7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIu20j06bdCofNkA7eTnPwKpT9LMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvc2k3YlNQVHB0MEtoODJRRHQ1T2NfQXFsUDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX7WhMA0G
CSqGSIb3DQEBCwUAA4IBAQBPuAKrf3neD19EuvAYR0E+yIDtT/f37hSdfdPxt3Xh
WGSwYRAH1aKMOtn2cEuL9npk5AxQeXb497oo9V63uj25F8KdzalHcS1FlLnS69ac
WFnwUzDtp/LJkjZ1qZ24dc2U6IqRmnkmF6pCo4PwrVwSuqYU4Z0ASqtEpGjVJj2W
IYXULB6ZDXo2O3vjDMrpxkfOL8w5wXo20QENiebgX2kdel1t77rIM1O1o3+eg3Sy
7UMilo2dcIzrSh2rbYRlxglUwBG1XsJEI8m/sdxrPwBVMzad3ryXLli8iCOdWylH
mSNDSoPcq+Sb1/MaArwxlZDu85TKEoelR0EmZ/fA/JLP
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:13 2025 by rpki-client