Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/N3OUPvzeC4SVv2PMkpuAWdHit5k.roa
File: N3OUPvzeC4SVv2PMkpuAWdHit5k.roa (raw, json)
Hash identifier: YgDkLDPv6UYAqIBI2RVKH232upkEQiT2zphUgjkE1d8=
Subject key identifier: 37:73:94:3E:FC:DE:0B:84:95:BF:63:CC:92:9B:80:59:D1:E2:B7:99
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 28A73AB7
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/N3OUPvzeC4SVv2PMkpuAWdHit5k.roa
Signing time: Mon 24 Jan 2022 09:59:19 +0000
ROA not before: Mon 24 Jan 2022 09:59:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41575
IP address blocks: 95.46.144.0/24 maxlen: 24
95.46.34.0/23 maxlen: 24
31.148.224.0/20 maxlen: 24
93.171.48.0/20 maxlen: 24
31.148.32.0/21 maxlen: 24
93.171.80.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 682048183 (0x28a73ab7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 24 09:59:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3773943efcde0b8495bf63cc929b8059d1e2b799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:14:25:80:90:7c:c9:63:46:4a:9c:f3:39:0d:
8a:d2:2c:61:b3:05:24:4a:11:91:1c:10:15:60:9a:
92:bd:4a:0e:c1:fb:90:bd:7e:db:d8:fe:fc:75:73:
93:cd:de:aa:b3:83:a5:5d:88:90:5d:58:d8:ee:16:
25:ae:5e:cb:4a:be:ac:13:91:21:6d:3e:83:a7:c1:
f9:6a:b0:fe:58:63:85:fb:ec:d5:c2:b9:c6:f0:42:
e6:e2:18:ed:53:38:b2:e6:18:ee:0f:43:f5:d4:21:
6a:44:56:25:fe:eb:a4:6f:07:0f:18:e7:3d:cb:a1:
6f:02:32:1f:dd:98:d1:23:48:63:be:b8:45:61:3e:
36:ae:aa:98:a9:cb:7b:ce:a9:4c:64:1e:d3:bf:4e:
d4:09:32:ef:d8:a1:7d:6e:f9:af:cc:09:7f:6a:7a:
1b:d6:fa:44:b2:2f:79:ac:5e:50:da:f3:8e:85:55:
40:24:15:73:0a:9e:9c:b2:f0:e3:f7:3c:e4:b8:a4:
d7:b5:65:4b:63:bc:b3:6e:4b:f4:e0:5d:50:3e:64:
bc:6d:21:7c:37:e6:71:1f:41:50:cb:a9:a4:8e:5f:
18:c7:d5:4c:ff:a0:71:a1:3c:d3:ed:51:72:e8:00:
3a:0d:72:f3:23:da:bc:8a:0e:e5:7e:3f:65:cb:50:
29:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:73:94:3E:FC:DE:0B:84:95:BF:63:CC:92:9B:80:59:D1:E2:B7:99
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/N3OUPvzeC4SVv2PMkpuAWdHit5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.32.0/21
31.148.224.0/20
93.171.48.0/20
93.171.80.0/20
95.46.34.0/23
95.46.144.0/24
Signature Algorithm: sha256WithRSAEncryption
31:af:be:2d:34:d8:da:85:39:71:f6:5f:cf:64:7c:49:4b:bd:
66:aa:83:b5:e1:49:84:ca:aa:3f:59:f2:35:01:5e:c9:e7:20:
af:c9:52:78:19:65:15:fd:59:fe:3c:95:0d:dd:08:82:83:8a:
6d:05:27:e6:e5:f7:60:5d:e9:8c:6d:36:ad:fa:6b:ca:a8:de:
99:2b:c4:aa:80:f6:5c:f3:fe:00:c8:c9:e3:0c:29:9a:fe:e6:
f4:50:00:10:b2:99:f2:5d:46:c7:73:0f:ae:af:38:c7:2f:d8:
7e:81:44:db:b6:62:2d:92:78:3a:b0:aa:47:0c:14:ca:68:a8:
4c:2b:bd:2c:69:f1:ce:1f:e2:89:d6:01:fd:d6:e4:c0:f3:a3:
db:fd:28:0e:55:8e:e5:5e:c3:ad:31:33:95:6e:cd:48:dd:98:
3a:dc:f9:7c:2f:a4:30:80:4f:39:3d:4f:d4:51:3a:b7:26:e1:
db:77:27:b1:8e:02:22:a1:60:58:ec:ed:9e:97:a8:69:17:c6:
0d:74:20:c2:89:85:1c:fb:26:38:77:98:2d:09:60:9c:b3:32:
1c:41:eb:43:38:c6:46:7b:ca:ca:e3:e1:34:16:bf:a0:91:05:
24:6f:5e:9c:45:1d:85:4f:87:0c:7a:2e:59:e8:9e:e1:a9:75:
79:37:52:ae
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEKKc6tzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEy
NDA5NTkxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzc3Mzk0M2VmY2Rl
MGI4NDk1YmY2M2NjOTI5YjgwNTlkMWUyYjc5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMYUJYCQfMljRkqc8zkNitIsYbMFJEoRkRwQFWCakr1KDsH7
kL1+29j+/HVzk83eqrODpV2IkF1Y2O4WJa5ey0q+rBORIW0+g6fB+Wqw/lhjhfvs
1cK5xvBC5uIY7VM4suYY7g9D9dQhakRWJf7rpG8HDxjnPcuhbwIyH92Y0SNIY764
RWE+Nq6qmKnLe86pTGQe079O1Aky79ihfW75r8wJf2p6G9b6RLIveaxeUNrzjoVV
QCQVcwqenLLw4/c85Lik17VlS2O8s25L9OBdUD5kvG0hfDfmcR9BUMuppI5fGMfV
TP+gcaE80+1RcugAOg1y8yPavIoO5X4/ZctQKWECAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQ3c5Q+/N4LhJW/Y8ySm4BZ0eK3mTAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L04zT1VQdnplQzRTVnYyUE1rcHVBV2RIaXQ1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAx+UIAMEBB+U4AMEBF2rMAMEBF2r
UAMEAV8uIgMEAF8ukDANBgkqhkiG9w0BAQsFAAOCAQEAMa++LTTY2oU5cfZfz2R8
SUu9ZqqDteFJhMqqP1nyNQFeyecgr8lSeBllFf1Z/jyVDd0IgoOKbQUn5uX3YF3p
jG02rfpryqjemSvEqoD2XPP+AMjJ4wwpmv7m9FAAELKZ8l1Gx3MPrq84xy/YfoFE
27ZiLZJ4OrCqRwwUymioTCu9LGnxzh/iidYB/dbkwPOj2/0oDlWO5V7DrTEzlW7N
SN2YOtz5fC+kMIBPOT1P1FE6tybh23cnsY4CIqFgWOztnpeoaRfGDXQgwomFHPsm
OHeYLQlgnLMyHEHrQzjGRnvKyuPhNBa/oJEFJG9enEUdhU+HDHouWeie4al1eTdS
rg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:28 2025 by rpki-client