Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/OvfXaBx6Dwjpy7zK88l4ExnFZNs.roa
File: OvfXaBx6Dwjpy7zK88l4ExnFZNs.roa (raw, json)
Hash identifier: ZE2lmfIttkB1Cygn2aWQzHe/oneo0+vbD5naxqDb12A=
Subject key identifier: 3A:F7:D7:68:1C:7A:0F:08:E9:CB:BC:CA:F3:C9:78:13:19:C5:64:DB
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 27FD2B14
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/OvfXaBx6Dwjpy7zK88l4ExnFZNs.roa
Signing time: Sat 01 Jan 2022 16:09:18 +0000
ROA not before: Sat 01 Jan 2022 16:09:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61240
IP address blocks: 95.47.255.0/24 maxlen: 24
93.170.140.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 670903060 (0x27fd2b14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:09:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3af7d7681c7a0f08e9cbbccaf3c9781319c564db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:95:15:f3:43:16:0a:56:c0:3f:e6:d5:42:8b:
15:09:e4:68:d0:de:84:73:80:ce:e5:ed:ba:ac:f3:
14:05:8d:2e:1d:8d:1a:d9:2a:47:91:5e:4f:72:57:
5a:67:f1:e6:ee:71:bb:b8:60:e3:96:0a:1d:14:5b:
38:ff:5e:4c:82:d1:c4:30:6c:15:16:3c:6c:60:34:
fc:f2:bf:e4:0e:a6:0d:0e:6a:71:42:be:70:5d:d3:
3e:30:57:b5:9e:da:65:fb:26:fd:76:1c:a3:58:87:
bc:e1:fb:fe:65:10:0e:a7:cb:94:08:5d:20:3d:d1:
02:40:bb:d7:3e:1a:92:27:67:5e:b4:03:42:95:94:
6d:1e:9c:cd:4b:09:a3:78:6d:de:a8:82:97:d3:2c:
f3:0d:17:b6:c2:86:fa:a2:da:20:aa:f6:bd:ea:df:
f6:db:3d:31:af:ac:f8:c3:cb:79:1d:6d:3b:a1:27:
4d:9f:44:ec:09:8c:6d:e2:b1:72:74:f8:c4:17:40:
48:c1:e0:5c:51:96:c4:b8:a8:f1:9d:fd:6f:b1:5a:
9d:a5:08:97:ed:b8:59:96:13:a6:30:55:3a:4a:92:
90:e7:c9:be:ab:14:64:cc:0a:9a:ec:db:35:bb:7d:
b0:9f:94:67:c3:ab:c2:f5:e1:bf:7a:d4:b1:fb:d7:
1d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F7:D7:68:1C:7A:0F:08:E9:CB:BC:CA:F3:C9:78:13:19:C5:64:DB
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/OvfXaBx6Dwjpy7zK88l4ExnFZNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.140.0/24
95.47.255.0/24
Signature Algorithm: sha256WithRSAEncryption
24:97:4c:55:4a:f8:80:72:42:50:1b:94:3e:71:f8:c3:50:7f:
22:9e:1c:93:e3:6d:fc:ff:10:c7:93:d7:7a:3f:52:59:8e:14:
ae:ed:87:10:1a:42:6a:93:eb:a7:ac:e9:d9:41:a9:3a:25:13:
21:6c:b2:2d:af:09:d1:71:27:a7:42:66:a1:4a:5d:60:44:8b:
d0:dd:ba:54:43:81:c7:99:e0:24:98:4b:f6:2d:47:a5:13:ce:
df:4b:04:fe:5d:e2:85:b2:bf:d6:c9:12:b4:de:97:2b:bc:38:
e8:d6:23:be:cf:80:df:c7:a5:46:9f:a4:2d:2a:7a:ae:fe:fd:
47:b1:92:db:e8:2f:76:2b:ad:d9:f9:b1:67:c5:07:5b:d6:ff:
7d:33:2a:9a:80:56:c8:77:1b:6b:b8:c4:1f:01:c7:ac:20:dc:
e2:5e:96:94:d8:7b:c3:c2:b3:a7:23:b0:b2:ab:d2:a3:20:d9:
9c:f2:da:2f:cb:9a:cf:50:fb:ec:7e:ee:79:c9:a6:3a:2c:da:
a6:8e:38:1a:23:bb:1d:c7:77:c9:04:ac:ed:be:97:ec:76:e0:
c6:6b:c9:ba:e1:00:ad:ce:96:20:1c:d8:08:a4:df:ee:3c:24:
ba:96:b8:bb:a0:06:3c:e2:25:de:45:2e:d4:0a:58:3a:93:28:
35:a1:ce:44
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEJ/0rFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDkxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2FmN2Q3NjgxYzdh
MGYwOGU5Y2JiY2NhZjNjOTc4MTMxOWM1NjRkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOuVFfNDFgpWwD/m1UKLFQnkaNDehHOAzuXtuqzzFAWNLh2N
GtkqR5FeT3JXWmfx5u5xu7hg45YKHRRbOP9eTILRxDBsFRY8bGA0/PK/5A6mDQ5q
cUK+cF3TPjBXtZ7aZfsm/XYco1iHvOH7/mUQDqfLlAhdID3RAkC71z4akidnXrQD
QpWUbR6czUsJo3ht3qiCl9Ms8w0XtsKG+qLaIKr2verf9ts9Ma+s+MPLeR1tO6En
TZ9E7AmMbeKxcnT4xBdASMHgXFGWxLio8Z39b7FanaUIl+24WZYTpjBVOkqSkOfJ
vqsUZMwKmuzbNbt9sJ+UZ8OrwvXhv3rUsfvXHZECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ699doHHoPCOnLvMrzyXgTGcVk2zAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L092ZlhhQng2RHdqcHk3eks4OGw0RXhuRlpOcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAF2qjAMEAF8v/zANBgkqhkiG9w0B
AQsFAAOCAQEAJJdMVUr4gHJCUBuUPnH4w1B/Ip4ck+Nt/P8Qx5PXej9SWY4Uru2H
EBpCapPrp6zp2UGpOiUTIWyyLa8J0XEnp0JmoUpdYESL0N26VEOBx5ngJJhL9i1H
pRPO30sE/l3ihbK/1skStN6XK7w46NYjvs+A38elRp+kLSp6rv79R7GS2+gvdiut
2fmxZ8UHW9b/fTMqmoBWyHcba7jEHwHHrCDc4l6WlNh7w8KzpyOwsqvSoyDZnPLa
L8uaz1D77H7uecmmOizapo44GiO7Hcd3yQSs7b6X7HbgxmvJuuEArc6WIBzYCKTf
7jwkupa4u6AGPOIl3kUu1ApYOpMoNaHORA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:21 2025 by rpki-client