Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/aNJNVNxgENYnFokfDZyAQNIw_rY.roa
File: aNJNVNxgENYnFokfDZyAQNIw_rY.roa (raw, json)
Hash identifier: FY7R1KlQBiFAqMhb1F0RBtUorN6pbDhGFFvcBOwP8dg=
Subject key identifier: 68:D2:4D:54:DC:60:10:D6:27:16:89:1F:0D:9C:80:40:D2:30:FE:B6
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01887C88B05D7F0609653D07288605334E1A
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/aNJNVNxgENYnFokfDZyAQNIw_rY.roa
Signing time: Fri 02 Jun 2023 14:35:12 +0000
ROA not before: Fri 02 Jun 2023 14:35:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59392
IP address blocks: 95.47.204.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7c:88:b0:5d:7f:06:09:65:3d:07:28:86:05:33:4e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jun 2 14:35:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68d24d54dc6010d62716891f0d9c8040d230feb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f8:91:3a:85:32:e2:96:d1:f7:20:6f:5a:60:
d5:34:02:a6:25:3b:7f:d7:10:58:d7:74:74:e0:41:
06:67:79:48:24:a7:ea:8c:20:c1:f8:92:a7:c4:c7:
5e:f2:bc:b1:b0:4e:04:3a:2b:1e:91:24:89:fe:a5:
e5:bc:e4:8f:ac:88:83:96:b2:5d:49:8d:75:db:1f:
5f:ce:89:58:9f:6a:c0:16:5b:c5:68:07:1b:fd:74:
c5:f2:3f:db:d0:9d:ed:82:5a:83:60:40:bf:a4:f5:
79:31:55:85:35:46:38:ad:8a:5b:3e:18:78:92:30:
1d:5c:83:25:ce:ca:a1:a6:3b:6d:49:d7:fd:59:4b:
c6:32:d2:ca:9b:2e:ac:36:09:bb:b8:53:97:ea:13:
46:5b:c3:7f:59:25:64:ac:fb:ae:0c:05:e4:05:66:
2a:d5:54:52:c7:94:b4:53:6b:65:74:b7:85:7e:7d:
a3:c9:f3:98:13:08:50:fa:92:98:23:36:a1:a8:83:
30:31:9d:36:96:09:99:2d:11:dd:29:9c:98:97:34:
43:fd:00:54:19:9d:0a:af:48:1d:48:e9:b5:86:63:
4d:20:b1:43:eb:e4:99:76:e9:a4:2e:b5:ac:91:cb:
ca:c9:95:55:b8:b8:19:3c:12:69:ae:61:ef:21:8b:
b8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D2:4D:54:DC:60:10:D6:27:16:89:1F:0D:9C:80:40:D2:30:FE:B6
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/aNJNVNxgENYnFokfDZyAQNIw_rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.204.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:a6:6a:1d:29:ec:71:05:17:2a:cb:fa:b3:02:99:83:2a:8f:
a5:64:ea:ec:f4:1f:3a:3d:c0:68:e1:ee:76:a3:c7:eb:b5:57:
b4:a4:70:c0:b8:09:7a:db:6f:02:82:5d:ca:fb:47:11:bf:21:
a2:2f:b2:a1:c2:e7:2a:08:81:06:84:a8:95:7d:e0:01:6a:91:
08:29:da:25:22:b9:ec:67:00:45:fb:be:99:e4:42:d3:28:ef:
da:52:fa:1d:42:52:f1:8d:e8:f1:f8:86:ce:ea:ee:a3:b2:dd:
73:73:29:17:f2:71:15:65:d9:57:3d:6e:52:fc:fc:b1:c9:0f:
95:3b:4c:cb:4b:26:22:cc:5b:0b:33:ec:85:2d:f0:83:a5:05:
be:6d:2f:05:c9:61:dc:6e:b7:8e:96:c0:f9:64:4b:84:3c:98:
b6:7c:fa:89:78:09:b7:ec:e7:eb:26:a0:6b:cc:b5:b9:1d:b5:
40:47:83:49:fd:f3:84:98:ec:a4:98:cc:ed:28:35:a2:ae:ea:
4c:80:1f:a1:1f:83:66:f8:14:64:b2:f1:eb:05:bb:b2:24:de:
ad:1d:2a:48:db:95:08:83:ee:88:e4:76:bc:da:c9:ea:15:63:
b1:61:30:b2:71:3b:5d:5f:7a:f2:5a:43:b8:e4:2e:97:bf:4f:
47:07:77:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYh8iLBdfwYJZT0HKIYFM04aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwNjAyMTQzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGQyNGQ1NGRjNjAxMGQ2MjcxNjg5MWYwZDljODA0MGQyMzBmZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifiROoUy4pbR9yBvWmDVNAKmJTt/
1xBY13R04EEGZ3lIJKfqjCDB+JKnxMde8ryxsE4EOisekSSJ/qXlvOSPrIiDlrJd
SY112x9fzolYn2rAFlvFaAcb/XTF8j/b0J3tglqDYEC/pPV5MVWFNUY4rYpbPhh4
kjAdXIMlzsqhpjttSdf9WUvGMtLKmy6sNgm7uFOX6hNGW8N/WSVkrPuuDAXkBWYq
1VRSx5S0U2tldLeFfn2jyfOYEwhQ+pKYIzahqIMwMZ02lgmZLRHdKZyYlzRD/QBU
GZ0Kr0gdSOm1hmNNILFD6+SZdumkLrWskcvKyZVVuLgZPBJprmHvIYu4lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGjSTVTcYBDWJxaJHw2cgEDSMP62MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvYU5KTlZOeGdFTlluRm9rZkRaeUFRTkl3X3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXy/MMA0G
CSqGSIb3DQEBCwUAA4IBAQCppmodKexxBRcqy/qzApmDKo+lZOrs9B86PcBo4e52
o8frtVe0pHDAuAl6228Cgl3K+0cRvyGiL7KhwucqCIEGhKiVfeABapEIKdolIrns
ZwBF+76Z5ELTKO/aUvodQlLxjejx+IbO6u6jst1zcykX8nEVZdlXPW5S/PyxyQ+V
O0zLSyYizFsLM+yFLfCDpQW+bS8FyWHcbreOlsD5ZEuEPJi2fPqJeAm37OfrJqBr
zLW5HbVAR4NJ/fOEmOykmMztKDWirupMgB+hH4Nm+BRksvHrBbuyJN6tHSpI25UI
g+6I5Ha82snqFWOxYTCycTtdX3ryWkO45C6Xv09HB3cz
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:20:13 2025 by rpki-client