Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-y3ZmQZzvPqSyraQnQkGGdOkr60.roa
File: 1-y3ZmQZzvPqSyraQnQkGGdOkr60.roa (raw, json)
Hash identifier: MfhjvytLapUKU3x+cb0NdgzQLpsZkQYe2jgaC/evxSU=
Subject key identifier: FB:2D:D9:99:06:73:BC:FA:92:CA:B6:90:9D:09:06:19:D3:A4:AF:AD
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095C06B350C704073A75B8AA6BFA14B
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-y3ZmQZzvPqSyraQnQkGGdOkr60.roa
Signing time: Mon 02 Jan 2023 03:45:40 +0000
ROA not before: Mon 02 Jan 2023 03:45:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212463
IP address blocks: 31.148.149.0/24 maxlen: 24
95.47.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:c0:6b:35:0c:70:40:73:a7:5b:8a:a6:bf:a1:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb2dd9990673bcfa92cab6909d090619d3a4afad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bd:73:f2:4a:d4:c5:04:6a:96:36:65:a5:0f:
76:61:6c:03:d1:0e:95:c0:52:16:b6:98:4e:c4:6e:
ee:63:79:97:fb:5d:23:8a:f1:0a:a9:36:63:22:22:
f0:08:ec:a7:62:55:bc:96:8d:d6:b5:0a:8c:d8:e9:
c2:26:bf:eb:83:d8:71:ea:71:bf:7c:79:1b:70:af:
cf:e1:79:6e:17:72:f2:96:25:bd:71:23:b5:b6:ee:
5c:b3:c8:f4:ce:3a:8d:3e:6e:d4:d5:f6:ab:df:26:
64:1a:bf:b9:00:74:c3:79:1c:a9:75:e3:fe:a8:a8:
40:aa:ff:38:da:d9:1c:1f:8c:53:73:dd:cc:8c:58:
b0:5c:5c:8f:6c:85:90:ea:65:af:5b:15:3d:75:bb:
fa:6a:08:6c:b7:10:23:69:88:d9:e8:95:b4:8a:f3:
06:f2:8b:42:f6:c8:e1:b3:4b:28:90:28:e4:c3:74:
a9:da:5c:b6:69:e4:dd:29:c4:09:ef:e7:23:e3:57:
37:ae:f7:ea:f3:fd:7f:38:ad:9b:4f:d1:99:c0:58:
6f:90:8c:7c:1c:18:26:52:6b:ed:5a:99:9c:a7:aa:
8d:f0:87:4a:91:02:59:14:95:7d:8d:ea:39:fc:f5:
75:11:fc:91:1b:ed:cd:51:ee:21:fc:a0:65:52:a0:
a0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:2D:D9:99:06:73:BC:FA:92:CA:B6:90:9D:09:06:19:D3:A4:AF:AD
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-y3ZmQZzvPqSyraQnQkGGdOkr60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.149.0/24
95.47.59.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:b6:08:c4:ea:8e:43:fa:e4:3b:c7:35:12:c6:18:03:b1:7e:
c0:0c:7c:4d:49:39:e2:2e:3c:65:5a:1e:6a:f7:9c:4a:b8:0f:
56:bc:73:b3:03:1c:e0:18:54:bf:e2:33:f7:af:89:09:bf:09:
17:52:64:30:d2:66:9f:ea:2c:06:8b:d4:8e:e7:76:1e:12:ee:
db:a8:5d:44:93:25:14:0e:c3:60:23:c3:11:fa:02:89:f3:a1:
f7:d8:07:8f:54:07:94:4b:a3:15:e7:f2:65:5f:4c:43:96:61:
6f:97:ab:e4:bb:ab:20:51:7d:64:ec:20:1e:a2:61:46:00:cb:
80:5e:57:63:c5:8d:eb:36:2e:8c:15:a5:c1:a6:fc:2b:cf:9e:
27:06:04:5e:26:5e:cc:82:39:23:12:d5:e1:5b:ee:af:ba:fe:
c5:7f:c8:b3:15:2e:2d:3d:d2:d1:95:4a:8a:e7:a8:40:f4:c4:
75:48:71:9f:c8:86:45:b2:77:7f:85:ea:c0:67:4a:00:10:f2:
20:3e:93:01:33:db:73:4d:a5:d8:42:f7:28:1f:df:3a:ab:53:
0f:ff:1d:9f:71:db:d0:b3:95:1e:10:d5:fd:b4:ee:a0:5c:ce:
f6:3d:32:8e:3b:a4:ca:a5:4a:0d:72:5c:c2:86:e0:33:bc:2b:
29:19:ab:3d
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVwlcBrNQxwQHOnW4qmv6FLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjJkZDk5OTA2NzNiY2ZhOTJjYWI2OTA5ZDA5MDYxOWQzYTRhZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi71z8krUxQRqljZlpQ92YWwD0Q6V
wFIWtphOxG7uY3mX+10jivEKqTZjIiLwCOynYlW8lo3WtQqM2OnCJr/rg9hx6nG/
fHkbcK/P4XluF3LyliW9cSO1tu5cs8j0zjqNPm7U1far3yZkGr+5AHTDeRypdeP+
qKhAqv842tkcH4xTc93MjFiwXFyPbIWQ6mWvWxU9dbv6aghstxAjaYjZ6JW0ivMG
8otC9sjhs0sokCjkw3Sp2ly2aeTdKcQJ7+cj41c3rvfq8/1/OK2bT9GZwFhvkIx8
HBgmUmvtWpmcp6qN8IdKkQJZFJV9jeo5/PV1EfyRG+3NUe4h/KBlUqCgbwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPst2ZkGc7z6ksq2kJ0JBhnTpK+tMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMS15M1ptUVp6dlBxU3lyYVFuUWtHR2RPa3I2MC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJl
ZC8xL2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAB+UlQME
AF8vOzANBgkqhkiG9w0BAQsFAAOCAQEAHrYIxOqOQ/rkO8c1EsYYA7F+wAx8TUk5
4i48ZVoeavecSrgPVrxzswMc4BhUv+Iz96+JCb8JF1JkMNJmn+osBovUjud2HhLu
26hdRJMlFA7DYCPDEfoCifOh99gHj1QHlEujFefyZV9MQ5Zhb5er5LurIFF9ZOwg
HqJhRgDLgF5XY8WN6zYujBWlwab8K8+eJwYEXiZezII5IxLV4Vvur7r+xX/IsxUu
LT3S0ZVKiueoQPTEdUhxn8iGRbJ3f4XqwGdKABDyID6TATPbc02l2EL3KB/fOqtT
D/8dn3Hb0LOVHhDV/bTuoFzO9j0yjjukyqVKDXJcwobgM7wrKRmrPQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:22 2025 by rpki-client