Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/QXby0u49CpxNIEhU5n9A4y7Q3I4.roa
File: QXby0u49CpxNIEhU5n9A4y7Q3I4.roa (raw, json)
Hash identifier: KA83RepLAqamfmhg/0aI7BYat+7ixk5ioz+8JTl5ihE=
Subject key identifier: 41:76:F2:D2:EE:3D:0A:9C:4D:20:48:54:E6:7F:40:E3:2E:D0:DC:8E
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258F98EBD4F1D533E057B2C98496B1AA
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/QXby0u49CpxNIEhU5n9A4y7Q3I4.roa
Signing time: Thu 02 Jan 2025 05:49:15 +0000
ROA not before: Thu 02 Jan 2025 05:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41967
IP address blocks: 95.47.148.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:98:eb:d4:f1:d5:33:e0:57:b2:c9:84:96:b1:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4176f2d2ee3d0a9c4d204854e67f40e32ed0dc8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0d:69:b3:57:d8:02:8b:3f:1a:22:b5:c0:89:
76:2a:d6:55:55:83:15:de:3d:34:64:58:4d:af:03:
91:09:b6:b6:1b:76:34:01:9f:ac:df:21:7b:69:bc:
e8:c1:86:be:16:12:87:ed:8b:31:5c:33:02:a8:2d:
c6:b4:3d:67:6b:d0:e8:2b:c3:2d:df:9e:e9:5e:55:
1b:be:0b:aa:0d:4c:dd:7f:4b:ed:e3:a3:64:d9:0f:
3c:e4:a1:53:a3:40:c8:72:e3:c7:97:b2:46:4e:fd:
0e:38:7e:18:ae:68:1c:b7:ad:c9:69:26:5d:32:e5:
23:4f:ba:9d:49:76:7e:df:ac:71:55:f0:14:e7:ae:
c8:36:17:bd:94:d2:86:45:8a:d4:d3:73:44:52:f5:
06:5f:83:51:e6:d7:88:c7:51:e6:06:34:38:6b:42:
fc:d5:9d:46:da:1c:41:21:df:9e:b7:56:1e:6c:f4:
cd:ec:ef:72:46:27:00:8e:9e:23:36:ea:86:60:c8:
c8:9c:6b:6f:aa:13:e4:9b:73:d6:69:ba:54:6b:47:
16:be:a9:e4:b7:9d:b1:0c:2c:c6:27:d6:a5:13:25:
82:64:d8:09:fb:bd:1e:52:cb:d2:35:1e:37:bc:26:
b9:52:e8:81:34:a0:07:e0:22:e7:29:a7:b5:7e:f8:
b9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:76:F2:D2:EE:3D:0A:9C:4D:20:48:54:E6:7F:40:E3:2E:D0:DC:8E
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/QXby0u49CpxNIEhU5n9A4y7Q3I4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.148.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:f6:aa:f6:1a:b8:45:d6:bd:7f:ad:ba:b3:c9:f2:16:1b:ac:
93:35:66:60:5e:b9:d1:1d:03:4f:ca:57:42:e3:11:2a:02:39:
2a:2c:29:a0:d1:8f:42:0f:66:52:ef:31:32:5d:a2:aa:0b:f3:
13:da:7d:8c:07:7c:8b:b7:b1:9d:55:fe:3a:31:e4:32:2f:97:
3b:53:99:6c:81:29:db:89:45:f5:cf:1e:8e:1a:24:15:e8:71:
4a:97:bd:56:ee:19:da:e3:42:34:79:b7:90:31:d6:34:8f:a6:
3a:0b:7c:d3:13:73:61:2e:ea:d3:b6:57:0b:d1:7d:d8:47:84:
c3:ea:77:57:cb:c5:d0:63:d7:f5:b3:59:50:3c:fd:31:59:01:
1a:96:fd:f4:09:c4:a0:34:89:76:cc:e1:2d:ea:06:5f:65:f0:
47:5c:26:79:f4:21:87:de:7b:54:46:e0:57:a7:4b:b5:2d:e7:
6e:b7:1b:1b:ec:1c:1f:7d:d3:42:ca:c7:7d:c1:45:19:c5:c1:
8c:8d:24:96:15:8e:c3:a3:3a:19:1d:56:85:fc:bc:bd:09:4d:
d7:d0:45:21:29:c6:86:ff:69:e5:49:71:25:15:52:0c:3b:3f:
d2:86:ee:37:8a:0d:c7:27:46:74:3b:dd:90:d0:e5:f6:d3:4f:
f2:a0:27:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj5jr1PHVM+BXssmElrGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTc2ZjJkMmVlM2QwYTljNGQyMDQ4NTRlNjdmNDBlMzJlZDBkYzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg1ps1fYAos/GiK1wIl2KtZVVYMV
3j00ZFhNrwORCba2G3Y0AZ+s3yF7abzowYa+FhKH7YsxXDMCqC3GtD1na9DoK8Mt
357pXlUbvguqDUzdf0vt46Nk2Q885KFTo0DIcuPHl7JGTv0OOH4Yrmgct63JaSZd
MuUjT7qdSXZ+36xxVfAU567INhe9lNKGRYrU03NEUvUGX4NR5teIx1HmBjQ4a0L8
1Z1G2hxBId+et1YebPTN7O9yRicAjp4jNuqGYMjInGtvqhPkm3PWabpUa0cWvqnk
t52xDCzGJ9alEyWCZNgJ+70eUsvSNR43vCa5UuiBNKAH4CLnKae1fvi5awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEF28tLuPQqcTSBIVOZ/QOMu0NyOMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvUVhieTB1NDlDcHhOSUVoVTVuOUE0eTdRM0k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXy+UMA0G
CSqGSIb3DQEBCwUAA4IBAQA99qr2GrhF1r1/rbqzyfIWG6yTNWZgXrnRHQNPyldC
4xEqAjkqLCmg0Y9CD2ZS7zEyXaKqC/MT2n2MB3yLt7GdVf46MeQyL5c7U5lsgSnb
iUX1zx6OGiQV6HFKl71W7hna40I0ebeQMdY0j6Y6C3zTE3NhLurTtlcL0X3YR4TD
6ndXy8XQY9f1s1lQPP0xWQEalv30CcSgNIl2zOEt6gZfZfBHXCZ59CGH3ntURuBX
p0u1Ledutxsb7BwffdNCysd9wUUZxcGMjSSWFY7DozoZHVaF/Ly9CU3X0EUhKcaG
/2nlSXElFVIMOz/Shu43ig3HJ0Z0O92Q0OX200/yoCdf
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:20:07 2025 by rpki-client