Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/H3Aj-Xb8xQDR1YYE1SoKYNNVVos.roa
File: H3Aj-Xb8xQDR1YYE1SoKYNNVVos.roa (raw, json)
Hash identifier: +KIyIttA77G31ULyQ4BReQp1EBuS8nEtch3mjYn08K4=
Subject key identifier: 1F:70:23:F9:76:FC:C5:00:D1:D5:86:04:D5:2A:0A:60:D3:55:56:8B
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194259007D63125AAABDC1E0C3702BEE4BF
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/H3Aj-Xb8xQDR1YYE1SoKYNNVVos.roa
Signing time: Thu 02 Jan 2025 05:49:43 +0000
ROA not before: Thu 02 Jan 2025 05:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210442
IP address blocks: 95.46.72.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:90:07:d6:31:25:aa:ab:dc:1e:0c:37:02:be:e4:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f7023f976fcc500d1d58604d52a0a60d355568b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:86:4b:62:b0:dd:f2:7e:33:9d:73:ab:29:bb:
93:7f:9f:95:c5:2c:e3:20:93:b0:cc:26:9a:cf:e6:
eb:d7:c3:e5:0b:f3:66:f1:05:b7:4a:82:0f:7f:d3:
d7:cc:e1:b4:01:fc:74:04:f4:2a:b3:ec:89:e8:b6:
02:c9:0b:54:0d:52:d0:c7:33:a4:65:48:7c:a9:4c:
50:51:e3:f2:16:bc:85:04:23:59:cf:6f:d3:1b:4b:
28:a7:8c:e9:50:e3:fb:e2:1e:65:eb:50:d5:a7:07:
f7:16:82:0c:f2:ff:12:cc:f1:92:76:83:f9:68:88:
20:af:39:8e:d1:e8:5a:70:c2:f5:6f:5a:49:54:a5:
53:18:88:0a:2c:8a:7c:84:08:85:9b:91:91:a2:f2:
1f:6c:44:7b:e0:86:55:9d:e9:32:0a:1d:5a:26:7e:
f9:0b:83:80:89:28:d9:a9:a2:ce:f5:8f:53:c0:ad:
fc:95:c3:6b:88:c9:06:05:1a:26:01:77:13:b9:85:
82:5b:cf:f0:7e:ed:3e:49:95:34:8d:ca:a2:cf:b2:
f8:6a:da:f6:f9:26:0a:59:fd:65:76:4f:24:ca:77:
17:37:f9:2c:f2:f2:70:93:fd:1f:d8:6b:b4:39:34:
b3:40:42:93:5f:33:53:61:bc:c7:bc:f5:4e:57:22:
37:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:70:23:F9:76:FC:C5:00:D1:D5:86:04:D5:2A:0A:60:D3:55:56:8B
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/H3Aj-Xb8xQDR1YYE1SoKYNNVVos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.72.0/24
Signature Algorithm: sha256WithRSAEncryption
29:7e:c4:cc:25:be:29:9b:ff:0e:7a:95:14:74:23:61:bc:86:
71:3e:15:33:79:2f:8a:2d:c7:46:70:2b:00:04:ea:73:8d:c5:
06:95:75:fd:22:82:e3:93:ac:18:f4:fa:60:24:18:8f:31:24:
2c:f0:6f:a0:12:8e:79:0e:e9:17:b0:4f:9f:58:75:90:f0:f5:
f2:73:2c:c7:bf:63:cd:36:40:2c:0c:4d:30:75:fa:3a:64:ef:
f8:ac:c7:d8:a9:2d:af:61:2d:d2:8f:36:21:c5:3a:fa:f8:45:
24:73:a9:30:d3:81:97:5a:90:a1:ae:54:39:11:05:2e:07:c1:
fa:18:43:5a:2f:4d:60:df:59:ef:b6:aa:d2:f9:de:97:68:15:
e7:6b:89:01:79:b6:fa:98:17:ed:ee:0c:c2:4f:c5:f7:f3:f2:
5a:20:08:cc:46:d6:9c:2c:27:d2:e7:2c:e5:ca:d1:63:36:f2:
49:cf:b5:f2:1c:a5:46:da:23:15:ae:f3:96:bf:9e:44:64:64:
ae:8c:d3:8b:07:22:ac:97:79:ca:d3:9f:05:6f:07:22:f3:b0:
87:c9:09:74:51:5e:93:3b:6a:a2:15:b1:1a:78:3f:32:31:ab:
78:28:06:ca:72:03:fa:d3:a1:8e:7f:9a:35:41:42:01:95:56:
96:22:47:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlkAfWMSWqq9weDDcCvuS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjcwMjNmOTc2ZmNjNTAwZDFkNTg2MDRkNTJhMGE2MGQzNTU1NjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4ZLYrDd8n4znXOrKbuTf5+VxSzj
IJOwzCaaz+br18PlC/Nm8QW3SoIPf9PXzOG0Afx0BPQqs+yJ6LYCyQtUDVLQxzOk
ZUh8qUxQUePyFryFBCNZz2/TG0sop4zpUOP74h5l61DVpwf3FoIM8v8SzPGSdoP5
aIggrzmO0ehacML1b1pJVKVTGIgKLIp8hAiFm5GRovIfbER74IZVnekyCh1aJn75
C4OAiSjZqaLO9Y9TwK38lcNriMkGBRomAXcTuYWCW8/wfu0+SZU0jcqiz7L4atr2
+SYKWf1ldk8kyncXN/ks8vJwk/0f2Gu0OTSzQEKTXzNTYbzHvPVOVyI3qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB9wI/l2/MUA0dWGBNUqCmDTVVaLMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvSDNBai1YYjh4UURSMVlZRTFTb0tZTk5WVm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXy5IMA0G
CSqGSIb3DQEBCwUAA4IBAQApfsTMJb4pm/8OepUUdCNhvIZxPhUzeS+KLcdGcCsA
BOpzjcUGlXX9IoLjk6wY9PpgJBiPMSQs8G+gEo55DukXsE+fWHWQ8PXycyzHv2PN
NkAsDE0wdfo6ZO/4rMfYqS2vYS3SjzYhxTr6+EUkc6kw04GXWpChrlQ5EQUuB8H6
GENaL01g31nvtqrS+d6XaBXna4kBebb6mBft7gzCT8X38/JaIAjMRtacLCfS5yzl
ytFjNvJJz7XyHKVG2iMVrvOWv55EZGSujNOLByKsl3nK058Fbwci87CHyQl0UV6T
O2qiFbEaeD8yMat4KAbKcgP606GOf5o1QUIBlVaWIkc5
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:16:40 2025 by rpki-client