Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CjzpjTISXwMJc7w0mOqrAcA_R9U.roa
File: CjzpjTISXwMJc7w0mOqrAcA_R9U.roa (raw, json)
Hash identifier: 5grC08sI5CjrJizfwUOyZnBGqIBgJSeDizWX2pdGXno=
Subject key identifier: 0A:3C:E9:8D:32:12:5F:03:09:73:BC:34:98:EA:AB:01:C0:3F:47:D5
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570951D94BE68CF37AD1F8E82FBA49254
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CjzpjTISXwMJc7w0mOqrAcA_R9U.roa
Signing time: Mon 02 Jan 2023 03:44:58 +0000
ROA not before: Mon 02 Jan 2023 03:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41967
IP address blocks: 95.47.148.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:1d:94:be:68:cf:37:ad:1f:8e:82:fb:a4:92:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a3ce98d32125f030973bc3498eaab01c03f47d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e5:58:0b:11:71:1a:58:ae:a2:88:39:7a:cf:
16:72:55:85:23:23:0b:4c:82:18:f5:71:fe:56:ad:
55:88:dc:08:dd:36:52:78:a9:c1:f8:fa:e7:7c:54:
27:83:3f:fc:6a:e5:ed:c3:73:b8:8e:d8:96:fb:b1:
6b:19:29:8a:42:09:6f:6d:b9:48:b5:80:1d:a8:6c:
dd:52:a5:7f:ea:1f:55:5c:a4:f5:3f:c5:e6:e7:98:
b2:55:af:8b:9b:84:51:b3:6e:0f:9c:c6:c6:a8:62:
41:f8:76:3e:d3:14:4c:1c:1a:c0:27:63:fb:7c:4f:
42:a0:97:5e:a8:18:96:8e:02:f6:38:9a:80:e2:69:
b0:04:06:8b:ba:b4:ed:66:65:bc:76:a5:29:fc:aa:
6c:47:6c:ba:2a:be:9e:3a:db:60:c1:1e:61:ee:94:
4e:08:fe:a2:60:1b:18:c7:83:97:2a:c8:14:05:3b:
17:61:c8:76:ba:ae:e4:77:d5:7f:83:79:77:3e:9c:
b1:b8:0d:c6:b2:5a:8a:11:e6:12:50:33:06:fa:22:
c2:97:4f:32:b6:09:9d:e2:e7:07:66:e2:d4:0c:77:
42:59:96:e7:4d:94:50:3a:cb:7b:b0:02:ea:16:e8:
dc:6a:24:2b:61:04:c5:0a:c3:7f:88:9c:d2:f2:c9:
07:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:3C:E9:8D:32:12:5F:03:09:73:BC:34:98:EA:AB:01:C0:3F:47:D5
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CjzpjTISXwMJc7w0mOqrAcA_R9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.148.0/22
Signature Algorithm: sha256WithRSAEncryption
29:06:1c:65:4b:30:f0:72:d0:25:eb:bb:7d:6b:c2:6f:cb:eb:
e0:4c:49:5c:bd:92:07:8e:51:db:e9:b1:be:93:e4:10:2f:d9:
c6:cb:e8:21:81:2d:a5:42:42:41:fe:c2:ef:ff:82:91:3b:d5:
b3:d4:19:ec:6b:09:f8:b4:ba:5b:a6:f0:a4:2e:ed:9b:03:2e:
38:a9:f5:58:f2:3c:d2:3b:58:80:3b:11:a9:5a:09:f7:95:02:
9b:7e:e3:a0:f0:48:d4:00:0a:26:1e:c4:10:08:ab:04:82:57:
7a:85:35:4d:94:37:51:5f:b2:b3:df:21:ea:00:14:0e:fe:cf:
17:47:76:21:81:50:83:a6:37:0f:e4:a8:83:4d:5f:0f:c0:25:
3d:ce:34:65:f4:25:ea:1a:28:e9:63:89:7d:7e:82:c2:87:1a:
48:b1:50:2e:5f:d3:c2:40:42:d9:ee:b9:e2:34:16:f3:7c:0e:
e1:98:bb:ef:5f:eb:15:78:72:31:d7:6e:e5:41:f1:d7:31:1b:
f4:db:31:4a:ed:a5:0d:3f:dd:d2:b7:0d:de:d4:89:77:78:19:
27:8c:da:d3:ab:03:91:57:20:b2:b9:5f:d6:e1:76:30:e8:62:
83:34:7d:1b:92:8e:96:57:4d:ff:84:2c:bb:ee:69:7a:7a:22:
a9:3c:a4:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlR2UvmjPN60fjoL7pJJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTNjZTk4ZDMyMTI1ZjAzMDk3M2JjMzQ5OGVhYWIwMWMwM2Y0N2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneVYCxFxGliuoog5es8WclWFIyML
TIIY9XH+Vq1ViNwI3TZSeKnB+PrnfFQngz/8auXtw3O4jtiW+7FrGSmKQglvbblI
tYAdqGzdUqV/6h9VXKT1P8Xm55iyVa+Lm4RRs24PnMbGqGJB+HY+0xRMHBrAJ2P7
fE9CoJdeqBiWjgL2OJqA4mmwBAaLurTtZmW8dqUp/KpsR2y6Kr6eOttgwR5h7pRO
CP6iYBsYx4OXKsgUBTsXYch2uq7kd9V/g3l3PpyxuA3GslqKEeYSUDMG+iLCl08y
tgmd4ucHZuLUDHdCWZbnTZRQOst7sALqFujcaiQrYQTFCsN/iJzS8skHowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAo86Y0yEl8DCXO8NJjqqwHAP0fVMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvQ2p6cGpUSVNYd01KYzd3MG1PcXJBY0FfUjlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXy+UMA0G
CSqGSIb3DQEBCwUAA4IBAQApBhxlSzDwctAl67t9a8Jvy+vgTElcvZIHjlHb6bG+
k+QQL9nGy+ghgS2lQkJB/sLv/4KRO9Wz1Bnsawn4tLpbpvCkLu2bAy44qfVY8jzS
O1iAOxGpWgn3lQKbfuOg8EjUAAomHsQQCKsEgld6hTVNlDdRX7Kz3yHqABQO/s8X
R3YhgVCDpjcP5KiDTV8PwCU9zjRl9CXqGijpY4l9foLChxpIsVAuX9PCQELZ7rni
NBbzfA7hmLvvX+sVeHIx127lQfHXMRv02zFK7aUNP93Stw3e1Il3eBknjNrTqwOR
VyCyuV/W4XYw6GKDNH0bko6WV03/hCy77ml6eiKpPKQO
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:56:09 2025 by rpki-client