Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/2O7i4AnACwOL6rM2x51GdzWpS7E.roa
File: 2O7i4AnACwOL6rM2x51GdzWpS7E.roa (raw, json)
Hash identifier: QXyHIxbloT/DtdpLbV3rCE7xBz8PFTeJcOFeAWjn05c=
Subject key identifier: D8:EE:E2:E0:09:C0:0B:03:8B:EA:B3:36:C7:9D:46:77:35:A9:4B:B1
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709569C14981372C92D9407B44E7F031
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/2O7i4AnACwOL6rM2x51GdzWpS7E.roa
Signing time: Mon 02 Jan 2023 03:45:18 +0000
ROA not before: Mon 02 Jan 2023 03:45:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60245
IP address blocks: 95.46.148.0/24 maxlen: 24
95.46.149.0/24 maxlen: 24
93.170.92.0/23 maxlen: 24
31.148.172.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:69:c1:49:81:37:2c:92:d9:40:7b:44:e7:f0:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8eee2e009c00b038beab336c79d467735a94bb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:4e:0c:4b:4d:f2:3c:7e:75:31:2f:bb:37:3e:
89:8a:00:fe:81:99:40:77:02:2f:eb:56:72:8e:37:
7b:e8:5d:db:bf:16:fc:84:da:a0:9c:c5:fb:56:a5:
cf:42:28:15:1d:80:21:90:1b:97:73:26:cf:b2:bf:
65:66:12:ee:26:80:ac:9a:bd:ae:8b:8c:5e:9e:3e:
dc:1b:ef:4d:81:80:c8:0d:31:dd:fb:95:22:6c:03:
e5:67:03:39:25:37:34:f9:69:f1:49:e5:47:20:69:
5d:df:69:3e:73:47:82:ad:c8:2b:08:0d:a9:ba:bd:
14:64:45:37:2a:59:c3:49:79:db:3a:46:b2:25:12:
45:58:a2:c8:be:ae:4f:c6:2e:37:57:7b:f7:38:64:
3f:4f:59:96:da:a4:58:c9:12:a1:92:95:e1:da:2c:
00:40:df:b1:f5:7c:b1:35:f4:f7:09:a0:49:c3:56:
08:92:96:28:9a:42:17:3e:60:3f:8d:b6:94:60:a8:
60:cf:22:e2:d7:72:9c:5d:ed:da:ce:1a:95:21:ad:
63:d5:1c:63:ec:ef:b0:0b:7d:eb:28:c1:2b:47:6c:
82:84:c0:1e:24:ae:4d:d6:e5:14:96:78:3e:04:cc:
07:00:40:60:52:7b:5e:33:66:41:b0:f9:8c:15:86:
fc:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:EE:E2:E0:09:C0:0B:03:8B:EA:B3:36:C7:9D:46:77:35:A9:4B:B1
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/2O7i4AnACwOL6rM2x51GdzWpS7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.172.0/23
93.170.92.0/23
95.46.148.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:9a:0b:e4:3b:b6:95:1b:a9:f2:45:24:ad:bd:b3:6e:29:35:
98:82:d4:1c:12:ff:29:c2:a6:18:e6:3d:82:fc:5d:8f:cb:f6:
a9:64:fa:f9:ca:42:04:c9:24:28:36:91:4b:b3:55:6e:fc:02:
8c:b5:a6:f1:da:61:6c:9c:2f:28:8b:f2:3a:ae:14:b1:67:56:
9b:4d:dc:0d:27:ae:0a:b1:dc:04:ef:3b:d4:93:d7:f8:b5:f5:
fd:d1:44:eb:c1:af:97:2a:77:1a:47:89:86:08:61:69:c6:13:
51:53:2f:3b:b9:f2:91:1c:a1:e3:31:db:86:bb:bd:8b:b1:87:
43:56:50:c6:55:de:bc:1a:30:f2:ba:16:09:af:10:f5:2e:8e:
c8:e9:ee:da:12:00:d3:5e:eb:cb:63:1f:ef:9d:42:9c:6d:55:
97:95:56:c0:a9:19:ad:22:8c:79:3f:af:41:4c:6e:72:33:fa:
ee:af:18:bc:9e:2f:14:96:05:81:b5:fd:56:26:c8:da:b5:f6:
93:e7:10:19:2c:85:a1:3f:51:3c:ce:56:a6:64:36:08:95:70:
3e:e7:78:6f:a3:d0:0f:f3:e6:db:9e:b0:47:9a:dc:a7:0f:1b:
b3:2a:c8:af:9d:37:90:5e:df:79:7b:2f:7f:18:23:a1:b5:da:
0c:7d:88:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwlWnBSYE3LJLZQHtE5/AxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGVlZTJlMDA5YzAwYjAzOGJlYWIzMzZjNzlkNDY3NzM1YTk0YmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8k4MS03yPH51MS+7Nz6JigD+gZlA
dwIv61Zyjjd76F3bvxb8hNqgnMX7VqXPQigVHYAhkBuXcybPsr9lZhLuJoCsmr2u
i4xenj7cG+9NgYDIDTHd+5UibAPlZwM5JTc0+WnxSeVHIGld32k+c0eCrcgrCA2p
ur0UZEU3KlnDSXnbOkayJRJFWKLIvq5Pxi43V3v3OGQ/T1mW2qRYyRKhkpXh2iwA
QN+x9XyxNfT3CaBJw1YIkpYomkIXPmA/jbaUYKhgzyLi13KcXe3azhqVIa1j1Rxj
7O+wC33rKMErR2yChMAeJK5N1uUUlng+BMwHAEBgUnteM2ZBsPmMFYb8qQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNju4uAJwAsDi+qzNsedRnc1qUuxMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMk83aTRBbkFDd09MNnJNMng1MUdkeldwUzdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBH5SsAwQB
XapcAwQBXy6UMA0GCSqGSIb3DQEBCwUAA4IBAQBumgvkO7aVG6nyRSStvbNuKTWY
gtQcEv8pwqYY5j2C/F2Py/apZPr5ykIEySQoNpFLs1Vu/AKMtabx2mFsnC8oi/I6
rhSxZ1abTdwNJ64KsdwE7zvUk9f4tfX90UTrwa+XKncaR4mGCGFpxhNRUy87ufKR
HKHjMduGu72LsYdDVlDGVd68GjDyuhYJrxD1Lo7I6e7aEgDTXuvLYx/vnUKcbVWX
lVbAqRmtIox5P69BTG5yM/rurxi8ni8UlgWBtf1WJsjatfaT5xAZLIWhP1E8zlam
ZDYIlXA+53hvo9AP8+bbnrBHmtynDxuzKsivnTeQXt95ey9/GCOhtdoMfYjU
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:38:56 2025 by rpki-client