Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/2RrX7oPTdTnB9XDxNkWEc8V7Xso.roa
File: 2RrX7oPTdTnB9XDxNkWEc8V7Xso.roa (raw, json)
Hash identifier: BIUY19hogywB+cIcVna4K7BncI1cup6JG/Dt9oT8M4k=
Subject key identifier: D9:1A:D7:EE:83:D3:75:39:C1:F5:70:F1:36:45:84:73:C5:7B:5E:CA
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570959D0D9C8C65A047E503416214DC11
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/2RrX7oPTdTnB9XDxNkWEc8V7Xso.roa
Signing time: Mon 02 Jan 2023 03:45:31 +0000
ROA not before: Mon 02 Jan 2023 03:45:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204752
IP address blocks: 95.47.118.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:9d:0d:9c:8c:65:a0:47:e5:03:41:62:14:dc:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d91ad7ee83d37539c1f570f136458473c57b5eca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:15:46:a1:c2:4a:c8:4a:8b:4b:5e:10:82:45:
be:65:fd:5c:8c:20:86:a9:8d:ec:bb:66:9e:b4:64:
58:7f:9f:81:e5:a8:b4:af:9c:61:94:24:fd:fa:10:
ea:6a:26:1a:89:c6:cb:01:02:e4:1c:54:f9:a6:34:
3a:28:5b:c0:d1:44:ed:15:6d:5b:e5:5a:fc:f3:e4:
67:1c:0e:79:5f:db:4a:3a:80:6d:d0:4d:12:17:b8:
37:27:2f:64:ce:70:1a:85:d3:25:ae:70:d5:73:27:
7a:67:bb:d1:3d:3f:ec:95:6c:77:c5:c5:77:4e:16:
c6:3f:33:3d:a1:56:5c:2f:93:77:f8:d4:78:d2:08:
20:84:b9:7b:a8:fc:1c:0e:a8:ef:29:bd:c9:ff:5c:
36:d9:63:65:20:f4:57:a6:c2:d4:57:05:f4:ea:1c:
07:d9:59:27:8f:3b:73:eb:2f:bd:1e:3c:fd:e5:5c:
77:39:2f:c4:c0:40:18:73:b0:58:cc:e4:4f:31:7f:
cf:2c:5a:9a:dc:ca:4f:a0:88:35:a4:ce:cd:83:66:
ee:07:8f:c0:59:15:06:5b:12:d5:c9:b1:18:9e:a6:
30:ed:98:10:11:e1:6f:3f:ee:8b:d3:72:d2:1b:e4:
5a:f0:55:ad:1f:8c:db:a4:bd:53:fc:e9:6d:0a:7f:
db:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:1A:D7:EE:83:D3:75:39:C1:F5:70:F1:36:45:84:73:C5:7B:5E:CA
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/2RrX7oPTdTnB9XDxNkWEc8V7Xso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.118.0/24
Signature Algorithm: sha256WithRSAEncryption
20:2f:4c:89:6e:0e:d3:a1:46:51:91:97:8d:dc:15:5c:77:04:
93:af:19:dd:6d:43:1c:26:20:4f:c0:41:dd:29:5e:b4:a1:5b:
aa:16:82:45:f5:6f:a4:ef:fe:99:b7:74:31:21:28:fb:e1:49:
ae:31:bf:81:21:8e:a4:68:00:75:15:cb:39:85:3d:5b:66:1a:
6a:6c:d5:28:4e:56:62:76:85:70:0b:fc:25:bf:86:11:25:74:
39:4d:7d:ae:1a:99:42:4e:fc:c7:8f:f9:d6:1e:5a:fd:70:4d:
9d:7a:05:16:73:1b:f0:a2:a5:cb:f9:2b:5d:ff:80:69:8f:3f:
f6:40:ae:01:ac:43:86:08:93:a9:a1:61:5f:15:58:67:d7:91:
0e:a7:d1:be:d7:eb:a5:15:f7:c5:fe:0c:a1:9f:8d:7b:65:7b:
d4:19:8c:a7:6a:da:7f:60:3b:b2:f2:b2:35:49:eb:05:81:40:
41:0e:31:7c:45:5b:fb:a4:8a:78:83:95:cc:1e:a6:bb:89:5c:
a0:5d:93:f1:d9:06:fb:2f:0b:f0:08:60:05:b8:b7:a2:e0:7f:
6a:b7:4e:02:fd:93:6f:b4:bd:6d:a8:c3:d1:77:db:f1:f9:54:
4b:45:25:04:57:15:99:a4:d7:01:d4:5e:c2:e7:86:a6:3b:b1:
e0:4b:04:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlZ0NnIxloEflA0FiFNwRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTFhZDdlZTgzZDM3NTM5YzFmNTcwZjEzNjQ1ODQ3M2M1N2I1ZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBVGocJKyEqLS14QgkW+Zf1cjCCG
qY3su2aetGRYf5+B5ai0r5xhlCT9+hDqaiYaicbLAQLkHFT5pjQ6KFvA0UTtFW1b
5Vr88+RnHA55X9tKOoBt0E0SF7g3Jy9kznAahdMlrnDVcyd6Z7vRPT/slWx3xcV3
ThbGPzM9oVZcL5N3+NR40ggghLl7qPwcDqjvKb3J/1w22WNlIPRXpsLUVwX06hwH
2Vknjztz6y+9Hjz95Vx3OS/EwEAYc7BYzORPMX/PLFqa3MpPoIg1pM7Ng2buB4/A
WRUGWxLVybEYnqYw7ZgQEeFvP+6L03LSG+Ra8FWtH4zbpL1T/OltCn/b6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNka1+6D03U5wfVw8TZFhHPFe17KMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMlJyWDdvUFRkVG5COVhEeE5rV0VjOFY3WHNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXy92MA0G
CSqGSIb3DQEBCwUAA4IBAQAgL0yJbg7ToUZRkZeN3BVcdwSTrxndbUMcJiBPwEHd
KV60oVuqFoJF9W+k7/6Zt3QxISj74UmuMb+BIY6kaAB1Fcs5hT1bZhpqbNUoTlZi
doVwC/wlv4YRJXQ5TX2uGplCTvzHj/nWHlr9cE2degUWcxvwoqXL+Std/4Bpjz/2
QK4BrEOGCJOpoWFfFVhn15EOp9G+1+ulFffF/gyhn417ZXvUGYynatp/YDuy8rI1
SesFgUBBDjF8RVv7pIp4g5XMHqa7iVygXZPx2Qb7LwvwCGAFuLei4H9qt04C/ZNv
tL1tqMPRd9vx+VRLRSUEVxWZpNcB1F7C54amO7HgSwT4
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:53:21 2025 by rpki-client