Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Or9mZ_0J7lDI8qhXEmdaujb8z0o.roa
File: Or9mZ_0J7lDI8qhXEmdaujb8z0o.roa (raw, json)
Hash identifier: BH3TNvYismJPkvAOdufSwH2U+cjMXFzZeXJFK17yn6Q=
Subject key identifier: 3A:BF:66:67:FD:09:EE:50:C8:F2:A8:57:12:67:5A:BA:36:FC:CF:4A
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258F880280B5BD081CFE54845C193F64
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Or9mZ_0J7lDI8qhXEmdaujb8z0o.roa
Signing time: Thu 02 Jan 2025 05:49:10 +0000
ROA not before: Thu 02 Jan 2025 05:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2864
IP address blocks: 95.46.0.0/24 maxlen: 24
95.46.140.0/23 maxlen: 24
95.47.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:88:02:80:b5:bd:08:1c:fe:54:84:5c:19:3f:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3abf6667fd09ee50c8f2a85712675aba36fccf4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:80:e5:3d:67:fa:f1:d9:3b:2d:b7:9c:83:20:
c5:aa:eb:51:b2:e1:ec:b6:71:a7:6b:61:7f:de:74:
c5:1f:12:56:ef:65:07:80:d7:7e:3b:f0:65:da:fd:
71:c8:05:7b:93:88:9e:2a:c3:60:12:24:84:51:d9:
61:8b:70:b6:0e:8e:9b:e9:11:6d:d7:37:6f:7f:47:
57:ee:4a:f2:33:1f:d5:73:ae:84:98:4d:01:6d:80:
56:e5:54:ce:52:f5:8a:19:42:6b:bb:d3:32:d6:a1:
e0:e2:e1:6b:ae:82:64:53:82:e2:43:16:4b:01:93:
d5:22:c3:75:31:80:15:5f:62:55:06:5f:f1:97:d1:
0c:6d:db:23:8d:b6:bf:8f:a2:4e:7e:70:c7:6e:3b:
32:af:c0:05:2a:12:24:5b:01:f8:01:4e:17:c5:d8:
9a:ff:17:f9:70:6b:6a:94:5d:98:6a:71:1e:14:66:
dd:63:ee:fa:f0:62:ba:4d:d5:e9:0b:a8:80:d0:34:
7b:a8:ce:e3:51:61:6f:dc:8f:f6:70:ea:8f:e3:66:
83:a4:90:3e:a7:48:3f:fd:31:2b:4c:06:38:f8:ab:
a9:74:5a:67:3c:61:b5:ce:25:78:48:3f:60:4e:5e:
85:86:e1:8f:a9:fb:cd:72:c8:45:f0:e4:93:8c:26:
b5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:BF:66:67:FD:09:EE:50:C8:F2:A8:57:12:67:5A:BA:36:FC:CF:4A
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Or9mZ_0J7lDI8qhXEmdaujb8z0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.0.0/24
95.46.140.0/23
95.47.167.0/24
Signature Algorithm: sha256WithRSAEncryption
70:16:31:6e:5d:aa:00:5d:99:32:fb:87:69:a7:fb:f6:64:c3:
65:17:10:52:76:20:60:b6:bd:ad:df:bd:22:7c:d2:b5:0a:39:
f1:a3:a1:1e:21:4e:df:ea:e7:62:07:05:70:92:fc:80:28:0b:
bb:39:5c:d7:ee:2a:73:cb:cc:f9:e5:b3:00:1a:4d:24:f5:9e:
91:40:d5:73:6b:f3:24:22:57:04:17:ba:a4:38:d4:a4:3e:92:
06:f9:f1:29:db:d8:30:04:57:5a:4a:cf:9a:99:60:17:21:c1:
b4:1a:e8:23:49:27:c8:13:67:5a:40:42:f7:18:10:de:d8:01:
4a:5a:ce:ec:9b:de:72:15:f4:72:4d:96:2d:bf:75:c2:86:dd:
91:12:31:74:7d:18:9f:4a:57:2a:75:b0:5b:84:7b:c6:06:fe:
3b:b5:ef:42:03:ea:38:b0:0c:7c:0d:b4:62:e2:1d:b0:42:31:
08:ac:d6:5b:a6:55:a6:a4:8f:d0:c1:5e:b5:ea:db:97:2d:dd:
14:d4:34:9d:99:e3:bb:36:4b:57:53:71:96:dc:a1:27:b2:d8:
07:de:d3:a6:49:98:d5:75:70:0c:9d:4f:c7:e3:76:3e:10:32:
1e:7b:81:ed:a0:fd:c0:2a:0b:ce:18:63:dd:2e:7b:b5:56:15:
a9:96:17:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlj4gCgLW9CBz+VIRcGT9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWJmNjY2N2ZkMDllZTUwYzhmMmE4NTcxMjY3NWFiYTM2ZmNjZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4DlPWf68dk7LbecgyDFqutRsuHs
tnGna2F/3nTFHxJW72UHgNd+O/Bl2v1xyAV7k4ieKsNgEiSEUdlhi3C2Do6b6RFt
1zdvf0dX7kryMx/Vc66EmE0BbYBW5VTOUvWKGUJru9My1qHg4uFrroJkU4LiQxZL
AZPVIsN1MYAVX2JVBl/xl9EMbdsjjba/j6JOfnDHbjsyr8AFKhIkWwH4AU4Xxdia
/xf5cGtqlF2YanEeFGbdY+768GK6TdXpC6iA0DR7qM7jUWFv3I/2cOqP42aDpJA+
p0g//TErTAY4+KupdFpnPGG1ziV4SD9gTl6FhuGPqfvNcshF8OSTjCa1SwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDq/Zmf9Ce5QyPKoVxJnWro2/M9KMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvT3I5bVpfMEo3bERJOHFoWEVtZGF1amI4ejBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXy4AAwQB
Xy6MAwQAXy+nMA0GCSqGSIb3DQEBCwUAA4IBAQBwFjFuXaoAXZky+4dpp/v2ZMNl
FxBSdiBgtr2t370ifNK1Cjnxo6EeIU7f6udiBwVwkvyAKAu7OVzX7ipzy8z55bMA
Gk0k9Z6RQNVza/MkIlcEF7qkONSkPpIG+fEp29gwBFdaSs+amWAXIcG0GugjSSfI
E2daQEL3GBDe2AFKWs7sm95yFfRyTZYtv3XCht2REjF0fRifSlcqdbBbhHvGBv47
te9CA+o4sAx8DbRi4h2wQjEIrNZbplWmpI/QwV616tuXLd0U1DSdmeO7NktXU3GW
3KEnstgH3tOmSZjVdXAMnU/H43Y+EDIee4HtoP3AKgvOGGPdLnu1VhWplhe/
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:05:58 2025 by rpki-client