Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/FHZi8KQ5GSq31YGBc-L_C4ChJqk.roa
File: FHZi8KQ5GSq31YGBc-L_C4ChJqk.roa (raw, json)
Hash identifier: QbcfpzUhaxZiWCM7ODIotfaWhXiUNcb1NO+t8WhrOrk=
Subject key identifier: 14:76:62:F0:A4:39:19:2A:B7:D5:81:81:73:E2:FF:0B:80:A1:26:A9
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709532B8898F66C6992B8364062EB2CD
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/FHZi8KQ5GSq31YGBc-L_C4ChJqk.roa
Signing time: Mon 02 Jan 2023 03:45:04 +0000
ROA not before: Mon 02 Jan 2023 03:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45001
IP address blocks: 95.46.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:32:b8:89:8f:66:c6:99:2b:83:64:06:2e:b2:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=147662f0a439192ab7d5818173e2ff0b80a126a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:90:55:a1:6c:2c:99:f3:63:53:91:05:9e:26:
68:ae:cb:6a:8b:1f:ec:99:d7:df:df:fe:ab:27:79:
49:62:b1:8a:85:bd:6f:38:cb:ed:9d:78:99:a6:17:
1f:55:84:dc:0b:31:88:17:aa:b5:97:97:da:5b:68:
05:4e:26:f3:9a:96:52:90:3a:b3:90:88:72:f1:68:
62:cc:db:f6:ac:20:94:59:19:c5:a1:96:c0:dd:6f:
bf:7a:7f:0e:be:44:dc:42:b0:78:a8:c3:d1:27:f5:
33:de:10:a3:4c:bc:d6:eb:b3:01:dd:ab:b2:99:78:
3f:b7:05:14:19:3a:26:a5:9d:11:77:2e:75:b7:27:
88:b4:45:d8:78:65:68:80:7c:b0:60:c0:f5:2e:cb:
9e:db:ba:61:2c:f2:41:03:f3:13:a6:f4:d6:5b:a6:
d3:23:f8:3e:f9:8b:34:0d:d3:dd:22:ef:1b:11:86:
12:ef:d4:dd:70:40:7e:ff:c8:71:90:4f:2f:09:0f:
02:68:8b:80:ee:0d:f8:de:3c:1e:8b:ec:dc:ad:e0:
00:f0:98:57:a0:cf:ea:c5:ba:6d:77:17:e6:3f:68:
b9:57:00:66:f0:ed:2b:2c:77:e3:d7:a5:5e:cd:03:
fb:6c:d3:a9:18:eb:c0:f6:ff:55:42:25:99:a6:f0:
2f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:76:62:F0:A4:39:19:2A:B7:D5:81:81:73:E2:FF:0B:80:A1:26:A9
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/FHZi8KQ5GSq31YGBc-L_C4ChJqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.154.0/24
Signature Algorithm: sha256WithRSAEncryption
91:76:3f:32:b8:2a:20:de:3d:ab:df:3f:95:d4:f6:c3:9d:bf:
50:86:b0:8c:a0:92:b4:12:6c:5a:e3:0b:63:35:df:a6:60:78:
25:da:22:8d:f5:85:37:ca:66:18:12:d9:36:8d:8d:33:c0:cd:
fd:90:39:e9:00:ed:bc:cb:28:c9:1d:d1:5f:32:a8:8f:c2:49:
c7:d4:17:bc:c9:c8:44:42:6c:7b:28:60:28:dc:6e:68:a5:78:
28:9c:b2:af:0b:fb:83:1f:5b:82:25:fa:04:28:58:b7:b4:70:
a5:d0:50:c1:bc:8f:9a:c4:3b:df:6f:c5:3e:b4:d8:9a:12:cc:
13:75:9f:8c:0a:f9:a6:71:a7:41:e8:d0:0c:ce:5c:b5:03:3d:
27:76:e1:b6:66:eb:63:83:5e:f2:41:24:ce:55:f9:f1:98:a1:
af:94:1a:25:63:21:96:fa:ee:f7:89:e8:3b:be:ed:3a:34:3f:
a5:09:36:ad:0b:f1:c7:c5:f4:10:77:d5:17:d5:13:91:dd:4a:
3f:bd:a5:74:8d:db:50:2a:f2:a4:db:8c:0b:52:c0:3a:2a:fb:
42:28:ce:1a:90:f8:20:8d:79:97:ff:94:6a:96:52:4d:81:ab:
7e:16:45:a6:8c:e1:07:95:61:97:fc:15:53:57:9a:41:0e:1b:
ab:a8:40:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlTK4iY9mxpkrg2QGLrLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDc2NjJmMGE0MzkxOTJhYjdkNTgxODE3M2UyZmYwYjgwYTEyNmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9JBVoWwsmfNjU5EFniZorstqix/s
mdff3/6rJ3lJYrGKhb1vOMvtnXiZphcfVYTcCzGIF6q1l5faW2gFTibzmpZSkDqz
kIhy8WhizNv2rCCUWRnFoZbA3W+/en8OvkTcQrB4qMPRJ/Uz3hCjTLzW67MB3auy
mXg/twUUGTompZ0Rdy51tyeItEXYeGVogHywYMD1Lsue27phLPJBA/MTpvTWW6bT
I/g++Ys0DdPdIu8bEYYS79TdcEB+/8hxkE8vCQ8CaIuA7g343jwei+zcreAA8JhX
oM/qxbptdxfmP2i5VwBm8O0rLHfj16VezQP7bNOpGOvA9v9VQiWZpvAvfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBR2YvCkORkqt9WBgXPi/wuAoSapMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvRkhaaThLUTVHU3EzMVlHQmMtTF9DNENoSnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXy6aMA0G
CSqGSIb3DQEBCwUAA4IBAQCRdj8yuCog3j2r3z+V1PbDnb9QhrCMoJK0Emxa4wtj
Nd+mYHgl2iKN9YU3ymYYEtk2jY0zwM39kDnpAO28yyjJHdFfMqiPwknH1Be8ychE
Qmx7KGAo3G5opXgonLKvC/uDH1uCJfoEKFi3tHCl0FDBvI+axDvfb8U+tNiaEswT
dZ+MCvmmcadB6NAMzly1Az0nduG2Zutjg17yQSTOVfnxmKGvlBolYyGW+u73ieg7
vu06ND+lCTatC/HHxfQQd9UX1ROR3Uo/vaV0jdtQKvKk24wLUsA6KvtCKM4akPgg
jXmX/5RqllJNgat+FkWmjOEHlWGX/BVTV5pBDhurqEA1
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:33 2025 by rpki-client