Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/72wVVpbwkMecusvyy0IJ5XCMTxI.roa
File: 72wVVpbwkMecusvyy0IJ5XCMTxI.roa (raw, json)
Hash identifier: 2XXKheXeigGZ4bRnfvDlKRiZepnoIQgf5F9fxhuiYYA=
Subject key identifier: EF:6C:15:56:96:F0:90:C7:9C:BA:CB:F2:CB:42:09:E5:70:8C:4F:12
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709583842D4B68A53C11F359FA4F2071
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/72wVVpbwkMecusvyy0IJ5XCMTxI.roa
Signing time: Mon 02 Jan 2023 03:45:24 +0000
ROA not before: Mon 02 Jan 2023 03:45:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62331
IP address blocks: 95.47.244.0/24 maxlen: 24
95.47.189.0/24 maxlen: 24
31.148.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:83:84:2d:4b:68:a5:3c:11:f3:59:fa:4f:20:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef6c155696f090c79cbacbf2cb4209e5708c4f12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d1:51:8f:ff:e6:b4:cc:1b:3f:68:8c:d3:7f:
aa:3e:4c:ca:84:1d:5c:2a:6a:c7:11:d2:8b:e0:0d:
f9:14:35:33:79:ff:78:a8:86:fc:82:f7:ee:0c:0f:
c7:8e:39:0d:c3:65:cd:d1:75:1b:cb:05:65:a1:4e:
1b:59:99:56:d5:1b:1e:c9:fd:ef:f1:63:b6:54:c3:
cc:9f:ba:82:a7:2a:73:31:ec:bc:c3:68:36:d4:a9:
ce:ff:f5:07:d2:bc:32:f8:3a:ea:69:0b:d4:6d:01:
b8:bd:e7:56:9a:b4:ff:e5:d1:e2:35:b7:fd:22:ba:
d4:b3:48:fc:56:be:3a:7c:ca:80:a1:7d:f1:82:1f:
56:b8:ce:9f:68:e2:20:db:27:21:dd:17:4d:96:26:
13:b6:3b:8c:8c:69:6e:b3:57:56:eb:bd:69:7a:eb:
cc:6d:14:b3:21:a9:d7:20:42:6b:46:7d:a3:e0:f2:
09:b9:be:a3:fb:b8:b6:fa:1b:ea:27:5b:db:af:fa:
2e:2e:30:be:82:bf:b2:6b:bd:88:0c:a1:91:44:7c:
b8:72:83:7b:8c:3c:2c:84:90:3b:20:b8:ea:dc:20:
3e:0b:28:8e:36:7b:ee:6e:2e:0f:de:a4:86:9d:a0:
a8:85:27:53:19:c8:65:23:81:80:67:22:3b:72:77:
3d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:6C:15:56:96:F0:90:C7:9C:BA:CB:F2:CB:42:09:E5:70:8C:4F:12
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/72wVVpbwkMecusvyy0IJ5XCMTxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.205.0/24
95.47.189.0/24
95.47.244.0/24
Signature Algorithm: sha256WithRSAEncryption
75:fd:19:85:f5:10:fc:78:a4:7d:bb:ac:67:4b:a3:87:14:00:
cb:c9:e8:12:1c:ec:52:b7:b3:54:a7:ce:90:61:cc:63:a4:43:
78:27:97:95:62:7a:f7:de:bb:44:c9:3f:70:aa:1d:25:e4:3b:
8a:07:2c:02:ff:f9:82:9d:7d:30:5b:2d:69:df:83:eb:5b:48:
2e:03:19:df:32:b5:94:65:f1:14:d9:85:36:cd:0a:7a:ea:90:
34:8d:10:15:f4:92:00:18:ca:6e:f7:b8:fa:a0:e2:06:1c:5d:
84:58:3b:60:8f:75:4d:4a:d8:6b:b8:2d:a7:28:a5:43:53:3c:
dc:ae:23:c1:3e:18:81:8b:30:9a:d5:3e:c2:1e:bc:22:3a:c6:
61:2e:a5:65:c4:d1:40:41:78:0f:13:41:a2:36:09:75:03:47:
1a:f2:57:45:c0:95:2f:96:75:c2:4c:49:1d:56:60:44:69:c9:
df:cc:8b:1d:e4:d7:01:6f:fe:bb:55:2c:f7:00:00:e1:5a:7e:
0f:bd:24:87:08:0b:aa:9a:a6:ec:9b:91:ba:a8:92:f2:8d:55:
29:96:21:54:2c:7d:ca:b3:64:71:28:fa:d8:49:c3:cb:a6:7d:
fa:1e:88:5c:6f:d4:1a:cd:97:18:6e:ac:5a:f7:5c:11:2e:01:
2a:4e:25:1f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwlYOELUtopTwR81n6TyBxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjZjMTU1Njk2ZjA5MGM3OWNiYWNiZjJjYjQyMDllNTcwOGM0ZjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tFRj//mtMwbP2iM03+qPkzKhB1c
KmrHEdKL4A35FDUzef94qIb8gvfuDA/HjjkNw2XN0XUbywVloU4bWZlW1Rseyf3v
8WO2VMPMn7qCpypzMey8w2g21KnO//UH0rwy+DrqaQvUbQG4vedWmrT/5dHiNbf9
IrrUs0j8Vr46fMqAoX3xgh9WuM6faOIg2ych3RdNliYTtjuMjGlus1dW671peuvM
bRSzIanXIEJrRn2j4PIJub6j+7i2+hvqJ1vbr/ouLjC+gr+ya72IDKGRRHy4coN7
jDwshJA7ILjq3CA+CyiONnvubi4P3qSGnaCohSdTGchlI4GAZyI7cnc9UQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO9sFVaW8JDHnLrL8stCCeVwjE8SMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvNzJ3VlZwYndrTWVjdXN2eXkwSUo1WENNVHhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH5TNAwQA
Xy+9AwQAXy/0MA0GCSqGSIb3DQEBCwUAA4IBAQB1/RmF9RD8eKR9u6xnS6OHFADL
yegSHOxSt7NUp86QYcxjpEN4J5eVYnr33rtEyT9wqh0l5DuKBywC//mCnX0wWy1p
34PrW0guAxnfMrWUZfEU2YU2zQp66pA0jRAV9JIAGMpu97j6oOIGHF2EWDtgj3VN
SthruC2nKKVDUzzcriPBPhiBizCa1T7CHrwiOsZhLqVlxNFAQXgPE0GiNgl1A0ca
8ldFwJUvlnXCTEkdVmBEacnfzIsd5NcBb/67VSz3AADhWn4PvSSHCAuqmqbsm5G6
qJLyjVUpliFULH3Ks2RxKPrYScPLpn36Hohcb9QazZcYbqxa91wRLgEqTiUf
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:39 2025 by rpki-client