Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1KednWgzUQ26oYgb4fOUkjhZIDw.roa
File: 1KednWgzUQ26oYgb4fOUkjhZIDw.roa (raw, json)
Hash identifier: xI1tlJ1LRhmpyoxMvIpZMMRI18fcSBfvaqrIITkCoSk=
Subject key identifier: D4:A7:9D:9D:68:33:51:0D:BA:A1:88:1B:E1:F3:94:92:38:59:20:3C
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018C86CF5FFE047E9F7062596E24E38E0402
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1KednWgzUQ26oYgb4fOUkjhZIDw.roa
Signing time: Wed 20 Dec 2023 10:39:46 +0000
ROA not before: Wed 20 Dec 2023 10:39:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35004
IP address blocks: 93.170.116.0/22 maxlen: 24
93.170.118.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:86:cf:5f:fe:04:7e:9f:70:62:59:6e:24:e3:8e:04:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Dec 20 10:39:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4a79d9d6833510dbaa1881be1f394923859203c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8c:0e:67:70:88:bd:de:85:37:e0:63:bb:88:
97:93:10:34:5e:9c:88:75:c2:4d:2d:5c:75:a5:43:
ee:a4:2f:fb:9a:d3:72:30:93:92:6f:c4:cf:63:6a:
0f:78:68:39:45:6a:11:9f:aa:9f:1e:a9:a2:3a:0c:
37:16:3b:77:e1:93:16:d2:ca:db:60:6f:75:3e:a6:
9d:3b:82:4d:5b:37:a0:c8:d5:0c:85:67:cb:1f:57:
f0:a4:38:bf:b0:e6:98:9c:d6:35:9f:50:d9:8c:9e:
0b:b3:53:91:b2:e1:c0:28:be:ab:46:ae:5d:f5:82:
da:7d:91:03:fe:b5:f9:0d:4b:9c:eb:14:1d:68:4e:
4a:da:2a:d4:89:8a:9a:31:3b:e7:b6:22:3f:6c:10:
71:e1:5e:f4:eb:cd:c1:19:ca:b6:69:d0:1e:33:ea:
c4:e5:1f:5d:fe:9f:c1:5f:6a:91:fd:be:7f:c3:4a:
a4:b2:7a:18:53:ad:af:ca:36:5c:a9:dc:18:fb:c6:
1b:93:44:5a:b6:9b:02:15:d9:c5:8b:27:4a:05:72:
57:f9:2a:9b:22:13:3c:74:4c:a5:47:a6:7b:d1:07:
9b:8c:28:27:18:06:d8:57:e0:2e:18:b0:4e:73:14:
22:d0:83:71:2a:bf:f2:92:0e:00:a2:ac:fc:cf:58:
44:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:A7:9D:9D:68:33:51:0D:BA:A1:88:1B:E1:F3:94:92:38:59:20:3C
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1KednWgzUQ26oYgb4fOUkjhZIDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.116.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:9e:ff:a9:02:ca:10:97:25:42:60:a9:ec:97:b9:29:02:84:
a8:c9:f9:96:f1:b7:d6:f9:a0:0f:27:84:97:68:a9:25:c3:2f:
5f:99:47:0d:06:53:d0:8c:46:5b:99:52:7e:4b:ed:c9:6c:e7:
55:9b:ab:e8:f4:3e:07:14:cd:17:7f:95:29:68:cb:ef:0b:c3:
ed:5b:02:1b:3c:a5:40:85:3e:61:ee:2f:59:d0:5b:d6:ac:56:
c1:64:df:aa:d0:e2:cf:2d:e0:94:1e:14:09:7a:33:8a:f6:2e:
4b:64:4c:75:7f:31:ff:63:77:f1:fb:08:ab:2c:13:68:ed:00:
06:5e:70:1f:20:75:67:4e:8a:0a:12:ef:4c:ad:c8:66:43:9f:
e5:24:94:e5:78:0b:19:c6:e6:08:7e:19:43:97:ca:d7:99:24:
cb:e8:af:e7:15:b5:e3:be:d1:65:4a:5a:75:be:f2:2b:92:b1:
3b:04:a2:90:ea:85:52:7d:e5:fb:3b:4a:f6:bc:0e:12:48:ba:
27:99:e1:79:9f:cb:e3:66:f4:aa:92:55:78:71:93:b7:19:1e:
e2:f8:64:79:0e:60:fb:ed:55:df:72:83:cc:f6:02:7d:8a:a9:
24:a5:83:38:47:17:e3:b2:3f:23:8b:63:6c:d4:ac:bd:a8:72:
35:78:d1:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyGz1/+BH6fcGJZbiTjjgQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMxMjIwMTAzOTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGE3OWQ5ZDY4MzM1MTBkYmFhMTg4MWJlMWYzOTQ5MjM4NTkyMDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIwOZ3CIvd6FN+Bju4iXkxA0XpyI
dcJNLVx1pUPupC/7mtNyMJOSb8TPY2oPeGg5RWoRn6qfHqmiOgw3Fjt34ZMW0srb
YG91PqadO4JNWzegyNUMhWfLH1fwpDi/sOaYnNY1n1DZjJ4Ls1ORsuHAKL6rRq5d
9YLafZED/rX5DUuc6xQdaE5K2irUiYqaMTvntiI/bBBx4V70683BGcq2adAeM+rE
5R9d/p/BX2qR/b5/w0qksnoYU62vyjZcqdwY+8Ybk0RatpsCFdnFiydKBXJX+Sqb
IhM8dEylR6Z70QebjCgnGAbYV+AuGLBOcxQi0INxKr/ykg4Aoqz8z1hEHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNSnnZ1oM1ENuqGIG+HzlJI4WSA8MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMUtlZG5XZ3pVUTI2b1lnYjRmT1VramhaSUR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXap0MA0G
CSqGSIb3DQEBCwUAA4IBAQCanv+pAsoQlyVCYKnsl7kpAoSoyfmW8bfW+aAPJ4SX
aKklwy9fmUcNBlPQjEZbmVJ+S+3JbOdVm6vo9D4HFM0Xf5UpaMvvC8PtWwIbPKVA
hT5h7i9Z0FvWrFbBZN+q0OLPLeCUHhQJejOK9i5LZEx1fzH/Y3fx+wirLBNo7QAG
XnAfIHVnTooKEu9MrchmQ5/lJJTleAsZxuYIfhlDl8rXmSTL6K/nFbXjvtFlSlp1
vvIrkrE7BKKQ6oVSfeX7O0r2vA4SSLonmeF5n8vjZvSqklV4cZO3GR7i+GR5DmD7
7VXfcoPM9gJ9iqkkpYM4Rxfjsj8ji2Ns1Ky9qHI1eNGy
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:10:49 2025 by rpki-client