Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1BbLoEfE6ba8U5BhG-OhjhFr7b4.roa
File: 1BbLoEfE6ba8U5BhG-OhjhFr7b4.roa (raw, json)
Hash identifier: Gy8AFyVrSCMT781//raaAw/TLpY8q9KFc5nug7MTnb4=
Subject key identifier: D4:16:CB:A0:47:C4:E9:B6:BC:53:90:61:1B:E3:A1:8E:11:6B:ED:BE
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0189D58B40DFC126218DB4B148BA4A38643A
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1BbLoEfE6ba8U5BhG-OhjhFr7b4.roa
Signing time: Tue 08 Aug 2023 14:27:00 +0000
ROA not before: Tue 08 Aug 2023 14:27:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60286
IP address blocks: 146.120.92.0/24 maxlen: 24
146.120.92.0/23 maxlen: 24
146.120.93.0/24 maxlen: 24
95.47.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d5:8b:40:df:c1:26:21:8d:b4:b1:48:ba:4a:38:64:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Aug 8 14:27:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d416cba047c4e9b6bc5390611be3a18e116bedbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:40:e5:da:3a:52:20:f3:87:41:8b:de:e3:de:
bd:e1:6e:d4:01:7e:47:60:db:1e:d5:c8:97:23:da:
d7:76:ba:2f:ef:a0:39:fe:16:49:d2:24:d9:0f:f5:
f5:2b:6d:3d:9d:f2:4c:ea:27:61:b9:91:dc:93:89:
5f:73:d3:b0:dd:d4:6a:bc:39:a8:50:95:19:b6:54:
59:41:13:82:12:4b:4d:33:6f:61:be:c3:b1:44:83:
45:94:c7:dc:6d:0b:3b:53:96:3f:c2:96:fb:07:24:
cb:f1:06:45:ca:e7:47:c1:a7:8d:6c:7c:98:d4:e7:
cf:06:c5:58:08:7e:d8:62:4d:42:fc:5f:bd:53:80:
6b:34:d3:7f:08:4e:c0:ef:9d:f5:1b:7b:98:a4:16:
3b:25:e7:71:a7:3a:f6:c6:a0:3a:1f:ee:bd:23:23:
41:1f:0f:8f:a2:7a:54:a8:66:1a:9a:67:e9:3c:54:
50:a1:67:e0:46:4e:3c:26:ef:24:66:9c:03:52:bf:
61:7e:7b:9c:b0:08:b3:b1:9c:88:6b:41:2b:22:d5:
d5:64:de:c8:33:e2:e6:70:88:a8:f8:33:57:7e:dd:
49:e6:11:3c:e9:61:fc:e4:02:34:c5:dd:47:a6:0c:
27:d5:f2:53:61:bd:93:89:00:e2:df:44:14:e7:75:
42:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:16:CB:A0:47:C4:E9:B6:BC:53:90:61:1B:E3:A1:8E:11:6B:ED:BE
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1BbLoEfE6ba8U5BhG-OhjhFr7b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.188.0/24
146.120.92.0/23
Signature Algorithm: sha256WithRSAEncryption
59:7b:8a:1c:ca:09:75:15:58:f9:2d:62:57:f9:b6:c6:f4:b9:
8d:7a:a1:92:cc:17:20:2e:c2:57:e8:e2:76:d8:aa:4d:c1:49:
6c:02:54:67:e6:c1:e8:d1:52:c3:bc:f3:ec:a0:13:2c:d3:c2:
2b:71:05:ba:cd:c1:57:2d:3a:d5:19:96:4c:8e:f1:a2:04:8f:
17:31:77:58:fb:99:5a:d0:ff:7b:2e:1c:76:8a:43:28:4b:12:
59:e6:8d:5c:aa:9b:8c:b8:16:35:75:f5:95:6e:d9:c5:4f:4c:
09:fb:c7:70:2e:1c:60:69:c4:2e:2f:df:31:f5:68:28:89:73:
fa:fc:db:20:10:26:14:18:c7:94:ba:d3:da:c7:f3:9d:0a:d1:
e5:14:c1:78:44:4b:6f:78:a9:1d:e0:32:28:63:f4:54:2e:53:
e1:6b:01:4e:55:30:b1:f9:5b:10:99:9e:71:4d:f7:07:5e:de:
2c:af:16:4b:aa:73:f5:1b:84:4c:e4:53:b0:57:8c:ad:6e:66:
3a:55:18:d8:98:75:85:2a:0b:42:d3:ab:2c:63:3d:15:5d:84:
37:70:12:c3:25:6b:ba:10:c1:ec:6a:7c:67:9b:74:cc:8c:30:
b5:58:57:1d:f6:e6:96:b8:d7:c4:c0:31:f7:b5:af:f7:d9:69:
ff:19:77:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnVi0DfwSYhjbSxSLpKOGQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwODA4MTQyNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDE2Y2JhMDQ3YzRlOWI2YmM1MzkwNjExYmUzYTE4ZTExNmJlZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUDl2jpSIPOHQYve49694W7UAX5H
YNse1ciXI9rXdrov76A5/hZJ0iTZD/X1K209nfJM6idhuZHck4lfc9Ow3dRqvDmo
UJUZtlRZQROCEktNM29hvsOxRINFlMfcbQs7U5Y/wpb7ByTL8QZFyudHwaeNbHyY
1OfPBsVYCH7YYk1C/F+9U4BrNNN/CE7A7531G3uYpBY7Jedxpzr2xqA6H+69IyNB
Hw+PonpUqGYammfpPFRQoWfgRk48Ju8kZpwDUr9hfnucsAizsZyIa0ErItXVZN7I
M+LmcIio+DNXft1J5hE86WH85AI0xd1Hpgwn1fJTYb2TiQDi30QU53VC2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNQWy6BHxOm2vFOQYRvjoY4Ra+2+MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMUJiTG9FZkU2YmE4VTVCaEctT2hqaEZyN2I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXy+8AwQB
knhcMA0GCSqGSIb3DQEBCwUAA4IBAQBZe4ocygl1FVj5LWJX+bbG9LmNeqGSzBcg
LsJX6OJ22KpNwUlsAlRn5sHo0VLDvPPsoBMs08IrcQW6zcFXLTrVGZZMjvGiBI8X
MXdY+5la0P97Lhx2ikMoSxJZ5o1cqpuMuBY1dfWVbtnFT0wJ+8dwLhxgacQuL98x
9WgoiXP6/NsgECYUGMeUutPax/OdCtHlFMF4REtveKkd4DIoY/RULlPhawFOVTCx
+VsQmZ5xTfcHXt4srxZLqnP1G4RM5FOwV4ytbmY6VRjYmHWFKgtC06ssYz0VXYQ3
cBLDJWu6EMHsanxnm3TMjDC1WFcd9uaWuNfEwDH3ta/32Wn/GXc/
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:36:49 2025 by rpki-client