Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1Kcpw5VuB0_1mbQX2KgtJSZk2Y8.roa
File: 1Kcpw5VuB0_1mbQX2KgtJSZk2Y8.roa (raw, json)
Hash identifier: b1eLuDHVXER6bf0JorwF0YMmWEIWPtCFbPybcTXgbX4=
Subject key identifier: D4:A7:29:C3:95:6E:07:4F:F5:99:B4:17:D8:A8:2D:25:26:64:D9:8F
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A554BAC81A817B41BFED5152461A9
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1Kcpw5VuB0_1mbQX2KgtJSZk2Y8.roa
Signing time: Tue 02 Jan 2024 12:33:41 +0000
ROA not before: Tue 02 Jan 2024 12:33:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211587
IP address blocks: 93.170.141.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:55:4b:ac:81:a8:17:b4:1b:fe:d5:15:24:61:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4a729c3956e074ff599b417d8a82d252664d98f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:78:8e:77:5a:0c:21:d1:19:fa:aa:a8:b7:2f:
3d:c4:8c:cd:2b:b0:2d:de:b6:f7:b9:16:ac:73:92:
67:79:51:fd:e7:e5:f0:5b:31:c2:92:8b:1c:ca:8d:
85:ab:df:ac:4b:4f:d3:3e:d0:8c:f5:91:32:e3:e3:
32:26:14:f7:ca:13:e9:6d:e3:7c:28:cf:fd:1e:28:
20:65:b2:5a:79:3c:fa:37:52:fd:37:9f:78:92:42:
5d:e7:37:45:0d:97:2a:d9:4c:f9:60:5b:b5:eb:b5:
b7:f8:c2:15:44:65:93:db:9f:2b:c7:9b:0c:0b:06:
29:2d:ec:a1:32:03:77:4c:a7:1a:90:31:1f:b4:19:
87:c1:86:48:6f:eb:00:a1:28:a5:ca:4d:e5:72:36:
ee:ba:9e:03:9f:4a:fd:94:2f:d2:e3:4b:db:b0:f3:
5d:a4:a0:85:47:f5:8c:a2:50:f9:01:3d:6c:f5:6c:
aa:70:54:21:b9:f9:6c:32:51:22:44:91:5f:83:f7:
6b:fd:f7:5b:5f:23:31:14:3a:69:46:5d:9b:e9:3f:
2e:95:27:a7:a0:70:52:74:fc:d8:49:d8:de:61:e1:
a0:c6:40:b1:f7:b2:99:61:cc:3d:d0:14:29:d3:48:
1b:da:03:3d:9d:12:79:ef:f8:02:e3:51:4e:20:6d:
e0:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:A7:29:C3:95:6E:07:4F:F5:99:B4:17:D8:A8:2D:25:26:64:D9:8F
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1Kcpw5VuB0_1mbQX2KgtJSZk2Y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.141.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:0e:86:9b:53:f3:69:42:bc:d2:76:a9:9c:d3:ca:46:b8:4f:
92:30:dd:c7:ad:b9:cc:ba:e5:39:6f:ca:ed:c5:78:5d:94:a6:
13:d9:6d:f8:8d:fd:71:2b:ef:b1:a5:1f:3d:13:d3:53:15:d6:
77:cb:bb:c2:3e:dc:a8:d2:64:68:1f:05:4a:38:27:5b:71:1e:
ca:3c:c0:09:38:60:83:26:30:3f:68:50:65:2a:94:df:83:9e:
34:25:54:57:16:db:bc:87:9d:3d:4f:b9:53:4c:15:d3:8e:87:
da:e5:d3:17:ad:44:f3:22:0f:1b:bd:31:0b:55:5e:fe:c7:51:
76:59:e9:ac:ae:67:23:31:19:ea:b6:f3:ed:c8:35:f1:42:2b:
35:53:a6:06:7e:6e:48:4e:db:17:62:f5:40:83:cd:45:a4:59:
b7:7b:aa:eb:41:91:34:a1:81:90:1c:9f:b0:fa:f4:37:d3:9e:
e9:b4:52:12:4f:ce:70:e2:2f:ea:5f:e1:32:a8:0a:89:d0:fa:
ef:da:ac:34:f0:5b:3a:fa:1f:c6:e2:de:92:65:05:3e:ce:7f:
49:e9:81:0d:49:37:79:1c:1c:f4:d0:2d:c8:b3:dd:59:d9:39:
fa:90:90:69:5f:b1:70:b1:02:91:92:3b:22:b1:d8:6a:00:96:
19:d0:fe:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKlVLrIGoF7Qb/tUVJGGpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGE3MjljMzk1NmUwNzRmZjU5OWI0MTdkOGE4MmQyNTI2NjRkOThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3iOd1oMIdEZ+qqoty89xIzNK7At
3rb3uRasc5JneVH95+XwWzHCkoscyo2Fq9+sS0/TPtCM9ZEy4+MyJhT3yhPpbeN8
KM/9HiggZbJaeTz6N1L9N594kkJd5zdFDZcq2Uz5YFu167W3+MIVRGWT258rx5sM
CwYpLeyhMgN3TKcakDEftBmHwYZIb+sAoSilyk3lcjbuup4Dn0r9lC/S40vbsPNd
pKCFR/WMolD5AT1s9WyqcFQhuflsMlEiRJFfg/dr/fdbXyMxFDppRl2b6T8ulSen
oHBSdPzYSdjeYeGgxkCx97KZYcw90BQp00gb2gM9nRJ57/gC41FOIG3gMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNSnKcOVbgdP9Zm0F9ioLSUmZNmPMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMUtjcHc1VnVCMF8xbWJRWDJLZ3RKU1prMlk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXaqNMA0G
CSqGSIb3DQEBCwUAA4IBAQBaDoabU/NpQrzSdqmc08pGuE+SMN3HrbnMuuU5b8rt
xXhdlKYT2W34jf1xK++xpR89E9NTFdZ3y7vCPtyo0mRoHwVKOCdbcR7KPMAJOGCD
JjA/aFBlKpTfg540JVRXFtu8h509T7lTTBXTjofa5dMXrUTzIg8bvTELVV7+x1F2
WemsrmcjMRnqtvPtyDXxQis1U6YGfm5ITtsXYvVAg81FpFm3e6rrQZE0oYGQHJ+w
+vQ3057ptFIST85w4i/qX+EyqAqJ0Prv2qw08Fs6+h/G4t6SZQU+zn9J6YENSTd5
HBz00C3Is91Z2Tn6kJBpX7FwsQKRkjsisdhqAJYZ0P4B
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:23 2025 by rpki-client