Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/gaOh4dRANA1L6Htcm-OdaW1WqyU.roa
File: gaOh4dRANA1L6Htcm-OdaW1WqyU.roa (raw, json)
Hash identifier: V0dGQBVXKaSspgJZ7ffRktG1OCKNxo1MG7vzNcgEjTo=
Subject key identifier: 81:A3:A1:E1:D4:40:34:0D:4B:E8:7B:5C:9B:E3:9D:69:6D:56:AB:25
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018C48561FFDD87F65BB92BA282AEF05DBAE
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/gaOh4dRANA1L6Htcm-OdaW1WqyU.roa
Signing time: Fri 08 Dec 2023 07:30:52 +0000
ROA not before: Fri 08 Dec 2023 07:30:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 95.82.0.0/21 maxlen: 21
95.82.8.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:48:56:1f:fd:d8:7f:65:bb:92:ba:28:2a:ef:05:db:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Dec 8 07:30:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81a3a1e1d440340d4be87b5c9be39d696d56ab25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:0d:40:c3:a4:a3:a5:9c:81:be:55:ff:0f:2e:
e4:58:5a:52:31:6b:31:6b:33:7d:ea:3c:fd:ff:6e:
29:cd:02:23:9c:f2:6d:35:9e:2a:b4:d8:f1:90:f5:
3d:44:1c:86:81:cf:1a:3f:b0:48:03:44:57:4f:46:
51:42:f8:47:e8:9c:22:78:e2:05:d8:cc:be:cc:59:
99:81:20:85:89:b8:7c:c5:33:fd:e2:e7:cc:aa:d3:
d8:1f:ba:34:54:a2:3a:41:2e:ec:0e:eb:bf:2f:68:
b2:a0:e4:83:eb:5e:cc:44:3f:d7:f4:b9:a2:a7:62:
2c:75:ce:5e:11:30:18:a4:b5:0a:bc:61:33:dd:ce:
52:c7:fd:46:ff:94:e8:ac:83:fa:d4:a2:ab:c1:c8:
bd:a5:63:ab:5f:36:f1:0b:b0:4c:ab:f0:2a:bf:b4:
07:71:08:04:a1:78:e1:31:1b:32:62:92:75:24:b5:
5e:12:2d:2c:92:7f:0c:e7:03:8b:e2:8d:39:88:cc:
95:f0:f8:bc:7f:f5:ba:9d:b2:16:aa:3e:47:56:53:
cc:6b:30:bc:ba:98:f0:85:94:b3:11:ab:7c:f8:a2:
d0:92:aa:2c:33:bc:fc:95:8a:40:65:61:48:ea:e7:
14:82:a1:c1:bb:57:3e:d2:38:fd:0f:ea:7d:16:bd:
e9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A3:A1:E1:D4:40:34:0D:4B:E8:7B:5C:9B:E3:9D:69:6D:56:AB:25
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/gaOh4dRANA1L6Htcm-OdaW1WqyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.82.0.0/20
Signature Algorithm: sha256WithRSAEncryption
63:33:54:19:e3:1c:19:35:4c:87:76:17:94:b4:34:32:ef:b2:
64:39:79:b4:4d:d8:64:27:e6:3f:67:ee:6e:77:c0:48:ed:53:
8a:0e:0d:47:97:c3:f9:9f:55:c3:3a:17:e3:27:65:70:cf:3f:
58:51:9b:94:21:d5:17:0d:e9:29:68:d3:7d:9e:33:c7:b5:ed:
30:f2:4c:9e:15:92:92:36:9c:2a:fd:77:a9:99:cb:45:b6:1a:
54:38:81:70:68:c4:8b:1d:77:40:46:5c:2f:f0:63:37:db:5f:
67:f9:47:52:98:3f:69:d2:6d:cc:37:c5:0f:c3:4c:dd:78:88:
bf:39:df:d9:ae:24:02:bc:c6:55:e7:1a:58:39:a3:9a:90:f2:
8c:e7:f0:ef:a0:59:94:06:c2:20:23:7f:09:eb:f7:ae:0f:d1:
cd:e2:cd:64:e8:30:07:0c:54:c6:a7:8e:d8:f5:b0:d1:9b:fa:
09:ab:2f:9a:a1:35:ab:29:89:bc:7a:bc:0f:84:8c:58:e0:39:
c9:9e:95:25:f6:c4:3c:de:39:e2:21:5c:3a:e8:b7:01:09:76:
2d:d6:ad:48:46:03:f3:c9:a2:31:32:0d:c1:f7:cc:e0:55:52:
10:44:48:3a:60:d6:53:2d:bd:24:e6:44:0e:95:99:20:80:cd:
a6:08:ac:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxIVh/92H9lu5K6KCrvBduuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMxMjA4MDczMDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWEzYTFlMWQ0NDAzNDBkNGJlODdiNWM5YmUzOWQ2OTZkNTZhYjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6w1Aw6SjpZyBvlX/Dy7kWFpSMWsx
azN96jz9/24pzQIjnPJtNZ4qtNjxkPU9RByGgc8aP7BIA0RXT0ZRQvhH6JwieOIF
2My+zFmZgSCFibh8xTP94ufMqtPYH7o0VKI6QS7sDuu/L2iyoOSD617MRD/X9Lmi
p2Isdc5eETAYpLUKvGEz3c5Sx/1G/5TorIP61KKrwci9pWOrXzbxC7BMq/Aqv7QH
cQgEoXjhMRsyYpJ1JLVeEi0skn8M5wOL4o05iMyV8Pi8f/W6nbIWqj5HVlPMazC8
upjwhZSzEat8+KLQkqosM7z8lYpAZWFI6ucUgqHBu1c+0jj9D+p9Fr3pgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIGjoeHUQDQNS+h7XJvjnWltVqslMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvZ2FPaDRkUkFOQTFMNkh0Y20tT2RhVzFXcXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEX1IAMA0G
CSqGSIb3DQEBCwUAA4IBAQBjM1QZ4xwZNUyHdheUtDQy77JkOXm0TdhkJ+Y/Z+5u
d8BI7VOKDg1Hl8P5n1XDOhfjJ2Vwzz9YUZuUIdUXDekpaNN9njPHte0w8kyeFZKS
Npwq/XepmctFthpUOIFwaMSLHXdARlwv8GM3219n+UdSmD9p0m3MN8UPw0zdeIi/
Od/ZriQCvMZV5xpYOaOakPKM5/DvoFmUBsIgI38J6/euD9HN4s1k6DAHDFTGp47Y
9bDRm/oJqy+aoTWrKYm8erwPhIxY4DnJnpUl9sQ83jniIVw66LcBCXYt1q1IRgPz
yaIxMg3B98zgVVIQREg6YNZTLb0k5kQOlZkggM2mCKy5
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:18 2025 by rpki-client