Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/8w5_Vh2t89-XLpW_2N3FPkthlaM.roa
File: 8w5_Vh2t89-XLpW_2N3FPkthlaM.roa (raw, json)
Hash identifier: cAXGkLnZnNyNNMCpweHXvUXlYbJJRNYtERm7wYFtpsA=
Subject key identifier: F3:0E:7F:56:1D:AD:F3:DF:97:2E:95:BF:D8:DD:C5:3E:4B:61:95:A3
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095780F7AA67A2AB45EBB6C495B1DDC
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/8w5_Vh2t89-XLpW_2N3FPkthlaM.roa
Signing time: Mon 02 Jan 2023 03:45:21 +0000
ROA not before: Mon 02 Jan 2023 03:45:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61372
IP address blocks: 31.148.12.0/22 maxlen: 24
95.47.180.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:78:0f:7a:a6:7a:2a:b4:5e:bb:6c:49:5b:1d:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f30e7f561dadf3df972e95bfd8ddc53e4b6195a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ba:de:44:04:ba:9c:99:e0:98:2c:84:f7:9e:
f9:dc:45:cc:0a:4a:f7:1c:fc:70:e2:67:48:bd:3c:
4c:33:f9:1f:55:24:de:5d:c2:28:6c:c4:ba:a4:13:
41:55:5a:f0:3d:0a:39:71:f3:6c:fe:c1:c2:cc:6a:
24:80:04:be:8d:2b:a1:70:f9:a0:cb:7a:9d:f6:ed:
4a:fc:99:59:c6:0e:10:65:d2:72:aa:9c:58:02:40:
6d:24:65:61:55:91:c2:47:3d:40:17:be:91:3e:fb:
8e:34:13:78:4b:63:94:59:b3:c0:3c:e9:30:b0:03:
9f:00:5f:bc:d8:2a:c4:bc:fa:47:90:60:7f:5a:3f:
98:ad:34:17:3e:ee:41:7b:cc:24:20:1e:eb:23:ce:
06:fd:fd:2f:26:da:7b:57:00:01:df:a4:9d:69:c0:
1e:aa:dd:c0:b0:a1:48:98:05:4d:93:a9:6c:02:89:
e5:d3:eb:22:89:ee:0b:cc:31:b9:1b:29:dc:b7:ca:
4a:f3:6e:c2:16:05:c4:bd:75:7d:18:53:cc:a6:cd:
90:f3:03:5e:76:bc:fd:f8:5b:fe:a4:68:8a:e9:48:
b4:a2:5f:4a:77:b4:40:5a:bd:25:85:82:9e:49:56:
4a:07:f6:64:a7:d2:37:9e:3c:05:ad:d5:7e:60:b8:
49:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:0E:7F:56:1D:AD:F3:DF:97:2E:95:BF:D8:DD:C5:3E:4B:61:95:A3
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/8w5_Vh2t89-XLpW_2N3FPkthlaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.12.0/22
95.47.180.0/22
Signature Algorithm: sha256WithRSAEncryption
49:e8:b7:31:19:4c:ad:f1:ed:d7:42:09:75:f7:73:0d:5f:38:
8d:70:1b:59:ea:74:8d:f3:81:8c:c9:a8:b4:dc:c9:9f:ec:6a:
84:f8:93:9c:88:86:61:ce:c5:09:7c:08:1b:01:8e:79:b6:9e:
51:0c:bf:ef:27:58:e9:31:4b:7f:bd:53:d9:f0:ac:1e:44:7f:
34:3e:de:62:5b:33:ff:47:00:cd:ab:74:a5:8a:05:9d:9a:fa:
9d:04:10:5d:8e:67:02:b9:87:1f:0b:6b:fa:f7:c4:ba:ff:ac:
38:a3:02:c7:2f:2f:02:d9:a2:98:fe:59:ff:5c:a0:0d:93:0a:
f8:7f:97:55:dd:4e:3b:6b:7c:1d:87:b0:3e:29:72:a6:d7:3c:
22:57:37:e4:34:6f:39:9d:23:e7:49:25:67:75:b1:d2:cd:4b:
6b:0b:90:55:ec:19:6e:59:0b:0d:c9:43:cb:02:14:9d:2a:07:
92:83:ce:d9:aa:24:29:ad:33:0a:cc:a7:b6:3c:25:88:75:63:
40:17:fa:e9:bf:95:37:9b:d3:da:e6:6e:7a:5b:6d:21:ac:50:
29:be:d3:f0:f0:ff:91:ea:b2:30:47:c2:0d:d6:e9:17:98:ca:
12:d1:b8:1c:0c:ea:85:ca:e7:db:d6:73:b2:c3:a4:1b:ab:e4:
3a:46:a8:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwlXgPeqZ6KrReu2xJWx3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzBlN2Y1NjFkYWRmM2RmOTcyZTk1YmZkOGRkYzUzZTRiNjE5NWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbreRAS6nJngmCyE95753EXMCkr3
HPxw4mdIvTxMM/kfVSTeXcIobMS6pBNBVVrwPQo5cfNs/sHCzGokgAS+jSuhcPmg
y3qd9u1K/JlZxg4QZdJyqpxYAkBtJGVhVZHCRz1AF76RPvuONBN4S2OUWbPAPOkw
sAOfAF+82CrEvPpHkGB/Wj+YrTQXPu5Be8wkIB7rI84G/f0vJtp7VwAB36SdacAe
qt3AsKFImAVNk6lsAonl0+siie4LzDG5Gynct8pK827CFgXEvXV9GFPMps2Q8wNe
drz9+Fv+pGiK6Ui0ol9Kd7RAWr0lhYKeSVZKB/Zkp9I3njwFrdV+YLhJGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPMOf1YdrfPfly6Vv9jdxT5LYZWjMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvOHc1X1ZoMnQ4OS1YTHBXXzJOM0ZQa3RobGFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH5QMAwQC
Xy+0MA0GCSqGSIb3DQEBCwUAA4IBAQBJ6LcxGUyt8e3XQgl193MNXziNcBtZ6nSN
84GMyai03Mmf7GqE+JOciIZhzsUJfAgbAY55tp5RDL/vJ1jpMUt/vVPZ8KweRH80
Pt5iWzP/RwDNq3SligWdmvqdBBBdjmcCuYcfC2v698S6/6w4owLHLy8C2aKY/ln/
XKANkwr4f5dV3U47a3wdh7A+KXKm1zwiVzfkNG85nSPnSSVndbHSzUtrC5BV7Blu
WQsNyUPLAhSdKgeSg87ZqiQprTMKzKe2PCWIdWNAF/rpv5U3m9Pa5m56W20hrFAp
vtPw8P+R6rIwR8IN1ukXmMoS0bgcDOqFyufb1nOyw6Qbq+Q6RqiF
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:12:57 2025 by rpki-client