Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BO7XVQq_zLkewmC1qhQpWy6GO1k.roa
File: BO7XVQq_zLkewmC1qhQpWy6GO1k.roa (raw, json)
Hash identifier: 9f+2vg6pFqbggVt7WrM1PjGQRaiED0Y4gYnS4jTzg8M=
Subject key identifier: 04:EE:D7:55:0A:BF:CC:B9:1E:C2:60:B5:AA:14:29:5B:2E:86:3B:59
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258F8AB0D72110CE9B61A637FAE2FB95
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BO7XVQq_zLkewmC1qhQpWy6GO1k.roa
Signing time: Thu 02 Jan 2025 05:49:11 +0000
ROA not before: Thu 02 Jan 2025 05:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12389
IP address blocks: 95.47.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:8a:b0:d7:21:10:ce:9b:61:a6:37:fa:e2:fb:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04eed7550abfccb91ec260b5aa14295b2e863b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0f:f5:f7:0d:86:d2:39:0d:5e:00:99:35:cf:
8e:69:af:52:23:a4:5d:0d:64:e2:4d:bc:76:49:d1:
0d:33:1e:66:13:d3:8e:43:64:71:51:44:b7:6b:47:
2a:70:af:05:9c:ac:02:0c:26:2c:fe:9a:30:d8:71:
fb:39:18:f5:e5:4e:22:a3:46:b7:e9:3a:66:d7:f6:
9d:cc:74:f8:b6:0f:be:cc:ad:f5:6a:b3:d9:da:de:
f9:93:99:66:60:81:cb:8a:f8:24:e8:7e:05:65:40:
81:f3:dc:15:d7:63:fe:c1:fc:35:09:cf:0a:92:1f:
73:cc:7e:d0:ca:53:02:6f:00:fe:c8:31:cb:55:63:
48:a4:f3:c0:3f:2a:c1:2c:50:23:9c:2d:f4:77:ea:
fe:cf:da:01:26:cd:ba:38:29:f6:4a:0c:0c:e4:d2:
83:3d:74:00:5b:c5:95:f4:19:6b:9b:de:d4:81:af:
14:58:57:28:dd:ff:f6:a9:ef:b5:c3:29:c2:63:2e:
52:59:fc:49:e9:d3:4f:98:31:e9:ad:62:6c:5b:34:
a8:ae:38:76:a0:a5:f1:8e:25:fa:33:88:65:e7:ba:
df:8e:a7:67:6c:d1:bb:e2:bc:4d:ab:e1:d6:e5:27:
e9:10:78:5a:ec:88:31:8e:cb:ce:d5:57:2a:96:53:
aa:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:EE:D7:55:0A:BF:CC:B9:1E:C2:60:B5:AA:14:29:5B:2E:86:3B:59
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BO7XVQq_zLkewmC1qhQpWy6GO1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.152.0/24
Signature Algorithm: sha256WithRSAEncryption
91:b9:a3:35:db:49:ff:82:4a:21:ac:65:aa:06:e6:8e:b1:4c:
13:14:2e:8d:f9:eb:6b:5f:29:95:2d:fd:40:8e:0e:84:cc:71:
df:7d:65:5e:cb:5f:ee:20:2a:98:39:3f:ac:a7:b2:01:b0:8e:
f1:57:9e:49:d1:b7:c2:82:7a:f7:a6:30:4d:76:5a:75:03:d4:
ff:c4:71:16:de:b0:70:1c:e7:b9:5e:bb:98:47:30:d9:1e:54:
eb:8e:37:de:86:36:f7:e5:2e:7a:f3:9f:ec:ff:97:aa:6f:f9:
00:6a:ed:c4:c0:db:5d:2a:99:3d:a1:5d:8f:26:e3:aa:9a:dc:
03:37:71:05:04:aa:d2:01:6c:20:05:97:8a:9a:1a:cf:d6:cf:
5f:8e:7e:04:9a:e9:34:56:5d:dc:aa:59:2b:85:17:60:4d:bc:
a3:0c:cb:a1:39:4c:96:63:59:8e:db:02:51:64:57:a6:dc:ca:
8a:39:65:27:d8:50:e9:e9:42:c2:98:19:f8:7a:44:f7:d1:0d:
b9:88:3e:b7:3f:93:8d:b2:8c:84:3c:51:2d:66:f5:99:a9:52:
a3:15:ab:6b:76:29:ac:d7:d5:6f:e8:41:a6:ff:9e:a6:9a:50:
c7:34:33:79:76:91:42:92:2d:40:2a:42:4b:88:9b:86:e0:93:
91:6e:57:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj4qw1yEQzpthpjf64vuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGVlZDc1NTBhYmZjY2I5MWVjMjYwYjVhYTE0Mjk1YjJlODYzYjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQ/19w2G0jkNXgCZNc+Oaa9SI6Rd
DWTiTbx2SdENMx5mE9OOQ2RxUUS3a0cqcK8FnKwCDCYs/pow2HH7ORj15U4io0a3
6Tpm1/adzHT4tg++zK31arPZ2t75k5lmYIHLivgk6H4FZUCB89wV12P+wfw1Cc8K
kh9zzH7QylMCbwD+yDHLVWNIpPPAPyrBLFAjnC30d+r+z9oBJs26OCn2SgwM5NKD
PXQAW8WV9Blrm97Uga8UWFco3f/2qe+1wynCYy5SWfxJ6dNPmDHprWJsWzSorjh2
oKXxjiX6M4hl57rfjqdnbNG74rxNq+HW5SfpEHha7IgxjsvO1VcqllOqbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFATu11UKv8y5HsJgtaoUKVsuhjtZMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvQk83WFZRcV96TGtld21DMXFoUXBXeTZHTzFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXy+YMA0G
CSqGSIb3DQEBCwUAA4IBAQCRuaM120n/gkohrGWqBuaOsUwTFC6N+etrXymVLf1A
jg6EzHHffWVey1/uICqYOT+sp7IBsI7xV55J0bfCgnr3pjBNdlp1A9T/xHEW3rBw
HOe5XruYRzDZHlTrjjfehjb35S5685/s/5eqb/kAau3EwNtdKpk9oV2PJuOqmtwD
N3EFBKrSAWwgBZeKmhrP1s9fjn4Emuk0Vl3cqlkrhRdgTbyjDMuhOUyWY1mO2wJR
ZFem3MqKOWUn2FDp6ULCmBn4ekT30Q25iD63P5ONsoyEPFEtZvWZqVKjFatrdims
19Vv6EGm/56mmlDHNDN5dpFCki1AKkJLiJuG4JORbld0
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:28:38 2025 by rpki-client