Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0rohnjb5HQwXsXbo1HMzCHX4L0s.roa
File: 0rohnjb5HQwXsXbo1HMzCHX4L0s.roa (raw, json)
Hash identifier: uShcFIw/WZzATWJuLyI+w4jG9XIQaQlBoHRhsCpwqYg=
Subject key identifier: D2:BA:21:9E:36:F9:1D:0C:17:B1:76:E8:D4:73:33:08:75:F8:2F:4B
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570951477DCEAA163465AB4776FB92ED7
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0rohnjb5HQwXsXbo1HMzCHX4L0s.roa
Signing time: Mon 02 Jan 2023 03:44:56 +0000
ROA not before: Mon 02 Jan 2023 03:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39906
IP address blocks: 93.170.84.0/22 maxlen: 24
95.46.33.0/24 maxlen: 24
95.46.32.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:14:77:dc:ea:a1:63:46:5a:b4:77:6f:b9:2e:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2ba219e36f91d0c17b176e8d473330875f82f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:16:9d:3d:1d:ad:39:ec:f0:12:e9:e6:e0:a5:
b1:8d:1a:77:99:87:21:db:d9:6d:a2:48:3f:b1:e4:
e5:4b:44:16:3c:69:f4:03:b7:c3:28:b3:ae:3b:19:
80:1e:5e:38:33:fb:cc:83:4f:85:c7:11:5d:3b:3e:
9c:f3:d4:73:77:e0:bc:a3:3d:a6:f6:b6:6e:02:7d:
0b:33:6f:de:35:82:51:2f:f3:74:84:53:5a:b3:8f:
ec:b4:40:ca:b6:0d:38:88:a0:4d:cd:0a:03:80:11:
e8:d2:80:88:f7:9b:82:0b:65:90:37:e6:5e:7e:c6:
90:09:f7:fa:8d:5f:fa:ed:94:26:ef:a2:8a:1d:4b:
df:67:63:52:bc:3d:f0:e5:3f:54:93:07:fe:59:5a:
14:fa:6a:fd:32:f9:dd:83:29:d1:91:43:a0:bc:a3:
ce:95:09:0b:5b:2f:58:e3:54:9e:ca:2a:15:47:cb:
64:a3:61:fa:5b:76:c0:3f:7c:af:a6:73:35:e2:48:
ad:22:08:a0:36:ff:a7:cb:c0:b0:af:0b:bd:ee:25:
fa:a7:b2:aa:54:d5:61:2a:8b:ab:de:95:30:11:7e:
78:f7:b1:5e:38:96:e0:c5:c0:17:37:20:82:b7:12:
8d:1a:b0:16:ac:da:5f:77:8e:16:42:c2:5c:fd:44:
df:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:BA:21:9E:36:F9:1D:0C:17:B1:76:E8:D4:73:33:08:75:F8:2F:4B
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0rohnjb5HQwXsXbo1HMzCHX4L0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.84.0/22
95.46.32.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:2e:f6:22:b1:cf:65:4c:7d:cc:d4:6b:68:ea:19:a6:d0:e8:
92:9c:31:3f:ae:c7:d8:d6:9b:60:f3:e7:48:14:cd:49:f8:f9:
7e:a7:dd:fa:3d:46:78:71:80:28:ff:1a:50:c1:aa:ec:f7:4a:
99:6e:0b:d0:d9:ce:f2:f1:84:f9:dd:dd:84:ac:f6:7c:30:00:
f0:f8:de:00:81:7d:f7:6e:4f:8a:12:86:58:ce:33:10:ee:ea:
57:58:07:d8:1d:2e:37:f4:8c:75:03:d1:21:d1:b2:08:dd:e6:
ba:11:30:7e:fa:34:dd:10:ed:79:4e:34:1c:12:e3:cb:32:d0:
b6:5c:f0:68:b0:2e:d9:ae:6d:d6:8c:d8:9b:9d:86:e8:34:9a:
9a:3a:d8:e9:07:bd:5b:35:b3:fc:d5:21:c9:11:a6:b7:80:a0:
47:95:86:d8:59:78:77:b3:9c:dc:48:21:44:b9:09:47:82:25:
db:b6:83:8e:b4:60:a3:83:fd:be:4c:48:a9:b8:7f:f6:99:d8:
3e:91:1b:c6:2d:69:ea:88:88:6b:0b:46:44:5e:62:1c:38:4e:
d8:66:54:d6:a9:1d:91:8b:41:34:50:58:b8:f5:47:d3:da:76:
be:99:e2:a1:bb:a8:6a:65:61:4c:bb:c2:ca:ff:d6:82:89:89:
87:ab:3f:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwlRR33OqhY0ZatHdvuS7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmJhMjE5ZTM2ZjkxZDBjMTdiMTc2ZThkNDczMzMwODc1ZjgyZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhadPR2tOezwEunm4KWxjRp3mYch
29ltokg/seTlS0QWPGn0A7fDKLOuOxmAHl44M/vMg0+FxxFdOz6c89Rzd+C8oz2m
9rZuAn0LM2/eNYJRL/N0hFNas4/stEDKtg04iKBNzQoDgBHo0oCI95uCC2WQN+Ze
fsaQCff6jV/67ZQm76KKHUvfZ2NSvD3w5T9Ukwf+WVoU+mr9MvndgynRkUOgvKPO
lQkLWy9Y41SeyioVR8tko2H6W3bAP3yvpnM14kitIgigNv+ny8Cwrwu97iX6p7Kq
VNVhKour3pUwEX5497FeOJbgxcAXNyCCtxKNGrAWrNpfd44WQsJc/UTfZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNK6IZ42+R0MF7F26NRzMwh1+C9LMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMHJvaG5qYjVIUXdYc1hibzFITXpDSFg0TDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXapUAwQB
Xy4gMA0GCSqGSIb3DQEBCwUAA4IBAQBMLvYisc9lTH3M1Gto6hmm0OiSnDE/rsfY
1ptg8+dIFM1J+Pl+p936PUZ4cYAo/xpQwars90qZbgvQ2c7y8YT53d2ErPZ8MADw
+N4AgX33bk+KEoZYzjMQ7upXWAfYHS439Ix1A9Eh0bII3ea6ETB++jTdEO15TjQc
EuPLMtC2XPBosC7Zrm3WjNibnYboNJqaOtjpB71bNbP81SHJEaa3gKBHlYbYWXh3
s5zcSCFEuQlHgiXbtoOOtGCjg/2+TEipuH/2mdg+kRvGLWnqiIhrC0ZEXmIcOE7Y
ZlTWqR2Ri0E0UFi49UfT2na+meKhu6hqZWFMu8LK/9aCiYmHqz9j
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:38 2025 by rpki-client