Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/GCA_xWplHa941zqSZe7DwhnxmZw.roa
File: GCA_xWplHa941zqSZe7DwhnxmZw.roa (raw, json)
Hash identifier: 4VVrzvuxQnHE0mPZ4pwOWNPstiqOmqS2fmAdR/8Ska4=
Subject key identifier: 18:20:3F:C5:6A:65:1D:AF:78:D7:3A:92:65:EE:C3:C2:19:F1:99:9C
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095C35BEEA00ACB44E38AB51BF61C31
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/GCA_xWplHa941zqSZe7DwhnxmZw.roa
Signing time: Mon 02 Jan 2023 03:45:41 +0000
ROA not before: Mon 02 Jan 2023 03:45:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213029
IP address blocks: 95.47.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:c3:5b:ee:a0:0a:cb:44:e3:8a:b5:1b:f6:1c:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=18203fc56a651daf78d73a9265eec3c219f1999c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:05:48:c6:de:fb:04:1d:0a:f1:f2:23:9d:dd:
b7:cf:32:be:88:4f:8c:97:17:1b:45:3c:82:d7:ce:
3f:41:3d:c2:48:0d:8c:b6:b0:5c:4a:eb:f1:7b:12:
39:50:72:af:99:dd:0f:2e:fa:06:c8:0a:61:1b:e9:
94:72:98:20:eb:4a:e4:6b:e5:db:b2:b3:06:3b:62:
5e:46:92:9f:09:30:24:01:6c:22:32:69:ac:df:a4:
48:e4:2d:07:69:2d:08:6e:b7:8a:47:4d:01:da:35:
65:aa:18:00:43:95:39:82:02:95:e8:97:12:4d:57:
d7:b8:e0:31:c8:d3:bd:4c:5c:87:ad:e0:cd:a0:8f:
45:d9:f5:dd:2c:36:e5:c4:d3:4d:0d:8c:41:0c:2f:
3b:66:f6:76:31:99:11:73:30:8a:ad:78:43:85:2c:
dd:d4:fe:3b:27:10:bc:3d:ff:13:7e:9b:fa:b3:99:
e0:04:28:5d:fc:38:d2:32:d9:4a:87:c5:39:44:69:
ff:69:e7:d8:dd:b2:68:f3:10:63:54:4d:ee:35:b1:
6f:29:58:a7:6f:53:fc:42:4b:81:5a:bc:98:c7:18:
60:43:8e:62:38:64:fe:d2:f7:42:aa:89:8d:02:03:
c4:71:98:6d:fd:71:0b:0a:b7:2a:03:bb:b1:e1:89:
3b:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:20:3F:C5:6A:65:1D:AF:78:D7:3A:92:65:EE:C3:C2:19:F1:99:9C
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/GCA_xWplHa941zqSZe7DwhnxmZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.127.0/24
Signature Algorithm: sha256WithRSAEncryption
44:5c:10:38:40:41:53:10:a2:0c:b9:41:4d:1a:05:eb:e3:5e:
b6:86:4d:e8:37:d9:cc:e2:e6:ea:9d:53:a9:59:fb:f1:bb:74:
bc:89:71:df:41:0d:f9:60:f3:84:ed:93:00:71:53:36:00:15:
ac:4f:06:f1:3a:c2:17:36:b9:b9:e8:58:bf:54:c8:7f:1f:e6:
bb:4e:6a:ba:96:fb:d8:2f:64:18:b1:ff:c9:ca:f5:92:0e:a2:
1f:26:f5:d5:3b:41:71:d3:94:cb:77:20:1a:54:86:f0:4d:f6:
53:f8:75:eb:12:14:9d:c1:67:8e:3a:8f:86:3e:a9:5b:de:81:
b5:c8:2b:7a:8b:d9:d3:8a:37:f1:3c:1a:d8:d1:ff:f3:48:7a:
e5:7b:d9:80:cc:59:4b:94:f1:19:cc:08:e9:44:56:06:cd:2c:
f3:86:de:60:ca:af:c6:2e:27:4e:ea:67:33:fa:43:3c:94:05:
2a:8a:bf:39:6f:16:fa:73:22:24:d0:3c:fc:c8:a4:44:8f:d8:
e2:49:59:d9:63:6c:2c:6f:83:14:46:5d:ad:08:e7:b1:8e:71:
72:c2:50:b4:4d:19:c2:e7:c3:c0:2a:66:29:bb:1b:17:d5:b7:
ef:e9:c3:53:f5:52:c3:46:3b:89:60:39:73:71:d4:8f:aa:ba:
a6:f1:c5:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlcNb7qAKy0TjirUb9hwxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODIwM2ZjNTZhNjUxZGFmNzhkNzNhOTI2NWVlYzNjMjE5ZjE5OTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgVIxt77BB0K8fIjnd23zzK+iE+M
lxcbRTyC184/QT3CSA2MtrBcSuvxexI5UHKvmd0PLvoGyAphG+mUcpgg60rka+Xb
srMGO2JeRpKfCTAkAWwiMmms36RI5C0HaS0IbreKR00B2jVlqhgAQ5U5ggKV6JcS
TVfXuOAxyNO9TFyHreDNoI9F2fXdLDblxNNNDYxBDC87ZvZ2MZkRczCKrXhDhSzd
1P47JxC8Pf8Tfpv6s5ngBChd/DjSMtlKh8U5RGn/aefY3bJo8xBjVE3uNbFvKVin
b1P8QkuBWryYxxhgQ45iOGT+0vdCqomNAgPEcZht/XELCrcqA7ux4Yk7ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBggP8VqZR2veNc6kmXuw8IZ8ZmcMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvR0NBX3hXcGxIYTk0MXpxU1plN0R3aG54bVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXy9/MA0G
CSqGSIb3DQEBCwUAA4IBAQBEXBA4QEFTEKIMuUFNGgXr4162hk3oN9nM4ubqnVOp
Wfvxu3S8iXHfQQ35YPOE7ZMAcVM2ABWsTwbxOsIXNrm56Fi/VMh/H+a7Tmq6lvvY
L2QYsf/JyvWSDqIfJvXVO0Fx05TLdyAaVIbwTfZT+HXrEhSdwWeOOo+GPqlb3oG1
yCt6i9nTijfxPBrY0f/zSHrle9mAzFlLlPEZzAjpRFYGzSzzht5gyq/GLidO6mcz
+kM8lAUqir85bxb6cyIk0Dz8yKREj9jiSVnZY2wsb4MURl2tCOexjnFywlC0TRnC
58PAKmYpuxsX1bfv6cNT9VLDRjuJYDlzcdSPqrqm8cVr
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:21 2025 by rpki-client