Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CxKY4M8GT-VQq9plGBnB3a6zpoo.roa
File: CxKY4M8GT-VQq9plGBnB3a6zpoo.roa (raw, json)
Hash identifier: MJQ7+3trl1zUZuJ6+m5wEG2UMoLB/8skqLQi7DyVyAo=
Subject key identifier: 0B:12:98:E0:CF:06:4F:E5:50:AB:DA:65:18:19:C1:DD:AE:B3:A6:8A
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FE283B395EF34830EA2C12D289066
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CxKY4M8GT-VQq9plGBnB3a6zpoo.roa
Signing time: Thu 02 Jan 2025 05:49:34 +0000
ROA not before: Thu 02 Jan 2025 05:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62366
IP address blocks: 93.171.135.0/24 maxlen: 24
95.46.1.0/24 maxlen: 24
146.158.76.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:e2:83:b3:95:ef:34:83:0e:a2:c1:2d:28:90:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b1298e0cf064fe550abda651819c1ddaeb3a68a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c9:24:0b:c4:45:a3:27:73:65:ab:76:62:64:
fd:4e:7d:79:f1:b0:e7:77:e4:6e:15:b0:a9:b8:be:
ae:b8:58:64:2d:6f:42:91:5c:44:cd:22:52:79:64:
3d:03:c9:f3:37:b3:f8:0f:6f:7e:e2:4f:08:a3:69:
ba:e8:24:94:ec:91:09:af:09:8d:4a:73:ba:81:f4:
9e:99:18:9c:df:7b:8d:9b:5e:ae:ac:ed:76:99:88:
c3:3d:34:53:7f:6b:5a:12:ad:c7:f2:8b:1d:40:8f:
f7:80:7f:1d:2d:2a:2a:8f:e2:b8:4e:2c:42:41:d0:
fa:25:45:98:86:59:93:7f:7b:07:67:81:97:1e:df:
e0:85:d1:dc:b0:56:c5:39:af:7d:c7:29:0c:52:9f:
22:10:d4:fe:24:9d:fb:ea:8c:9f:c6:55:49:1c:23:
ed:7b:27:99:83:d0:62:6e:1a:41:5d:3a:ed:c2:e9:
40:f3:c7:53:fe:86:c5:17:9f:c8:74:e0:05:c9:be:
35:bb:51:be:b4:3f:0d:dc:10:17:f0:b8:df:ad:4a:
27:2b:ce:f0:5f:19:0a:e0:49:89:29:ff:76:e7:65:
c4:ab:cf:5b:aa:e3:11:67:ca:ca:b0:25:e3:96:13:
3f:24:73:26:9d:6b:14:95:40:b7:e6:fa:02:7a:49:
04:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:12:98:E0:CF:06:4F:E5:50:AB:DA:65:18:19:C1:DD:AE:B3:A6:8A
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CxKY4M8GT-VQq9plGBnB3a6zpoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.135.0/24
95.46.1.0/24
146.158.76.0/23
Signature Algorithm: sha256WithRSAEncryption
16:74:cd:9d:60:e9:f6:93:dd:f9:74:0b:96:9f:f9:ac:b5:07:
1e:e8:e3:84:37:ce:01:2a:53:0f:f6:4f:56:a4:36:68:8e:59:
4d:f0:4f:1a:7a:97:de:70:bf:62:ff:15:a5:4e:7a:fe:e6:6e:
7b:e0:98:b0:04:d8:92:54:62:5e:27:46:ac:a9:b1:c7:7c:e2:
03:80:d4:5e:30:c5:52:19:a5:05:2c:0b:ad:90:75:96:f0:38:
63:49:91:aa:41:d6:6e:3f:7a:e6:ed:58:a1:fc:72:14:28:db:
ef:9a:12:4d:ec:49:65:0d:e8:2d:a8:2a:7c:01:ee:49:c6:b4:
2b:fe:46:03:c1:d8:44:2c:f8:22:83:08:cd:b5:56:06:2d:5e:
70:ca:e8:87:b0:a4:bc:80:f0:e5:77:c8:4d:4d:a4:35:62:80:
73:8c:f2:b7:ac:c2:b7:a6:df:e7:51:fb:0d:65:54:62:db:d3:
1a:4f:ee:1a:9f:da:94:b4:9e:dd:a3:54:f0:68:a0:c0:44:b1:
f2:43:9c:c7:d3:30:d1:b3:47:64:c8:6e:37:f2:2b:c5:aa:f9:
37:59:e7:09:f1:0c:12:db:27:4c:26:d7:f3:74:d8:58:7d:d9:
69:ca:ec:67:10:84:2b:0c:51:05:3e:b4:ff:70:c8:ba:51:d9:
ad:8a:c7:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlj+KDs5XvNIMOosEtKJBmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjEyOThlMGNmMDY0ZmU1NTBhYmRhNjUxODE5YzFkZGFlYjNhNjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMkkC8RFoydzZat2YmT9Tn158bDn
d+RuFbCpuL6uuFhkLW9CkVxEzSJSeWQ9A8nzN7P4D29+4k8Io2m66CSU7JEJrwmN
SnO6gfSemRic33uNm16urO12mYjDPTRTf2taEq3H8osdQI/3gH8dLSoqj+K4TixC
QdD6JUWYhlmTf3sHZ4GXHt/ghdHcsFbFOa99xykMUp8iENT+JJ376oyfxlVJHCPt
eyeZg9BibhpBXTrtwulA88dT/obFF5/IdOAFyb41u1G+tD8N3BAX8LjfrUonK87w
XxkK4EmJKf9252XEq89bquMRZ8rKsCXjlhM/JHMmnWsUlUC35voCekkEKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAsSmODPBk/lUKvaZRgZwd2us6aKMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvQ3hLWTRNOEdULVZRcTlwbEdCbkIzYTZ6cG9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXauHAwQA
Xy4BAwQBkp5MMA0GCSqGSIb3DQEBCwUAA4IBAQAWdM2dYOn2k935dAuWn/mstQce
6OOEN84BKlMP9k9WpDZojllN8E8aepfecL9i/xWlTnr+5m574JiwBNiSVGJeJ0as
qbHHfOIDgNReMMVSGaUFLAutkHWW8DhjSZGqQdZuP3rm7Vih/HIUKNvvmhJN7Ell
DegtqCp8Ae5JxrQr/kYDwdhELPgigwjNtVYGLV5wyuiHsKS8gPDld8hNTaQ1YoBz
jPK3rMK3pt/nUfsNZVRi29MaT+4an9qUtJ7do1TwaKDARLHyQ5zH0zDRs0dkyG43
8ivFqvk3WecJ8QwS2ydMJtfzdNhYfdlpyuxnEIQrDFEFPrT/cMi6Udmtiser
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:17:19 2025 by rpki-client