Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ItMcRmdZKkaVheko6pRBbvppgus.roa
File: ItMcRmdZKkaVheko6pRBbvppgus.roa (raw, json)
Hash identifier: fLvI3fI1K2wE6IArolXmGdr3AqRdkd0tArgkT8+xnJw=
Subject key identifier: 22:D3:1C:46:67:59:2A:46:95:85:E9:28:EA:94:41:6E:FA:69:82:EB
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018AFB8566FFFE6B542012504CA2F8F3537D
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ItMcRmdZKkaVheko6pRBbvppgus.roa
Signing time: Wed 04 Oct 2023 16:28:58 +0000
ROA not before: Wed 04 Oct 2023 16:28:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35004
IP address blocks: 93.170.116.0/22 maxlen: 24
93.170.118.0/24 maxlen: 24
31.148.149.0/24 maxlen: 24
95.47.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fb:85:66:ff:fe:6b:54:20:12:50:4c:a2:f8:f3:53:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Oct 4 16:28:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22d31c4667592a469585e928ea94416efa6982eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:90:f5:a4:0a:ff:2e:22:72:c0:b1:53:b5:41:
82:1f:11:47:19:50:9d:26:c6:36:7c:3c:16:a2:b0:
e4:94:7f:7f:fa:d4:62:a3:7f:6d:be:03:cb:64:1f:
3a:d9:86:4f:13:3a:da:35:c5:cf:8b:8e:d3:fd:de:
1d:e4:7b:a7:10:95:ff:7f:59:a2:30:94:22:d2:41:
b8:5b:8e:33:26:78:18:b6:5b:5d:fe:e2:bd:df:d9:
31:d6:c1:79:e7:48:9d:da:84:1d:3d:47:b6:85:61:
3b:13:15:7d:74:7f:4a:c2:de:96:ab:f6:a5:98:bf:
d5:27:ad:05:34:1a:52:f8:79:eb:a5:76:88:f5:e9:
57:56:13:44:8a:8b:02:e8:ac:2a:c0:72:e1:c1:48:
13:59:6f:06:29:b4:b9:4b:f0:7a:b5:26:e2:34:87:
4f:81:79:37:75:bd:74:e2:d4:96:5a:2b:ab:1e:06:
b7:19:c4:22:c2:e7:5c:2f:68:6c:23:9b:91:77:92:
b2:d3:78:33:07:73:8b:fb:2c:85:7f:58:9e:67:37:
6a:62:ac:a3:3a:7f:84:65:18:ef:e4:53:76:76:c8:
75:ba:0f:cf:03:6b:a7:4b:fd:17:41:0b:26:a2:02:
98:60:0a:5b:2d:36:70:53:65:84:f4:40:ff:92:40:
22:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:D3:1C:46:67:59:2A:46:95:85:E9:28:EA:94:41:6E:FA:69:82:EB
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ItMcRmdZKkaVheko6pRBbvppgus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.149.0/24
93.170.116.0/22
95.47.59.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:b5:79:f5:4c:29:e3:db:52:37:08:2b:99:36:58:79:ad:5d:
b7:a0:96:d1:1a:16:e7:fe:41:27:38:0b:27:00:b1:1a:89:81:
51:2d:01:f5:98:cc:53:90:4c:16:9b:56:b4:23:a1:34:ba:ca:
c2:83:cb:ca:78:05:60:84:f6:4a:56:f5:14:47:f2:d8:bd:23:
77:a3:9c:f6:67:10:d9:33:68:55:52:81:2e:ed:d0:ba:90:36:
e9:74:0b:48:f4:81:fd:40:95:f6:80:63:fd:fe:a3:4b:99:8f:
d0:a3:d2:4c:02:77:fb:22:ef:42:64:83:74:93:fc:24:0f:76:
22:c2:74:55:8b:55:ff:43:7f:3a:a5:86:54:d7:d2:74:e6:b3:
8c:d6:b5:2e:81:96:8a:b0:b7:a0:dd:56:12:ee:06:d0:21:e4:
41:30:f7:07:5a:6d:d4:c4:ff:c8:13:c8:8f:7f:58:a9:ed:0a:
35:b4:1e:8e:6c:a1:2d:42:9b:28:eb:48:7f:ec:c7:df:36:35:
54:1f:56:bb:61:93:cb:a3:18:5b:15:98:da:9c:2f:3f:4c:37:
5a:4e:ce:3a:83:c6:01:10:8a:bd:f6:82:92:98:2b:7a:e5:95:
48:7c:56:b3:66:9e:98:d3:73:d1:5e:80:2a:83:a6:4f:9f:25:
8c:71:8f:80
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYr7hWb//mtUIBJQTKL481N9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMxMDA0MTYyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmQzMWM0NjY3NTkyYTQ2OTU4NWU5MjhlYTk0NDE2ZWZhNjk4MmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJD1pAr/LiJywLFTtUGCHxFHGVCd
JsY2fDwWorDklH9/+tRio39tvgPLZB862YZPEzraNcXPi47T/d4d5HunEJX/f1mi
MJQi0kG4W44zJngYtltd/uK939kx1sF550id2oQdPUe2hWE7ExV9dH9Kwt6Wq/al
mL/VJ60FNBpS+HnrpXaI9elXVhNEiosC6KwqwHLhwUgTWW8GKbS5S/B6tSbiNIdP
gXk3db104tSWWiurHga3GcQiwudcL2hsI5uRd5Ky03gzB3OL+yyFf1ieZzdqYqyj
On+EZRjv5FN2dsh1ug/PA2unS/0XQQsmogKYYApbLTZwU2WE9ED/kkAi2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCLTHEZnWSpGlYXpKOqUQW76aYLrMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvSXRNY1JtZFpLa2FWaGVrbzZwUkJidnBwZ3VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH5SVAwQC
Xap0AwQAXy87MA0GCSqGSIb3DQEBCwUAA4IBAQBdtXn1TCnj21I3CCuZNlh5rV23
oJbRGhbn/kEnOAsnALEaiYFRLQH1mMxTkEwWm1a0I6E0usrCg8vKeAVghPZKVvUU
R/LYvSN3o5z2ZxDZM2hVUoEu7dC6kDbpdAtI9IH9QJX2gGP9/qNLmY/Qo9JMAnf7
Iu9CZIN0k/wkD3YiwnRVi1X/Q386pYZU19J05rOM1rUugZaKsLeg3VYS7gbQIeRB
MPcHWm3UxP/IE8iPf1ip7Qo1tB6ObKEtQpso60h/7MffNjVUH1a7YZPLoxhbFZja
nC8/TDdaTs46g8YBEIq99oKSmCt65ZVIfFazZp6Y03PRXoAqg6ZPnyWMcY+A
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:32:05 2025 by rpki-client