Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/c2QsViMN7gl9E7DG46uWvPRcgd4.roa
File: c2QsViMN7gl9E7DG46uWvPRcgd4.roa (raw, json)
Hash identifier: d6t6pX7BwUpzehrHKFoUVhCuYcvSAwtAuHjFKVkVogY=
Subject key identifier: 73:64:2C:56:23:0D:EE:09:7D:13:B0:C6:E3:AB:96:BC:F4:5C:81:DE
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018824D75630E9CB7C69776E00AECC98568C
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/c2QsViMN7gl9E7DG46uWvPRcgd4.roa
Signing time: Tue 16 May 2023 13:54:32 +0000
ROA not before: Tue 16 May 2023 13:54:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204532
IP address blocks: 146.120.206.0/24 maxlen: 24
95.47.168.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:d7:56:30:e9:cb:7c:69:77:6e:00:ae:cc:98:56:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: May 16 13:54:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73642c56230dee097d13b0c6e3ab96bcf45c81de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c7:08:9d:53:54:30:f3:a3:35:c3:32:35:ee:
66:ab:9c:9c:0d:67:d0:ce:59:48:14:f4:b1:b4:6b:
94:48:b4:76:65:f1:96:0f:51:b6:f1:db:b7:85:72:
fd:7f:03:24:51:5d:92:00:25:a6:2f:6b:f3:c1:a2:
c1:0a:63:73:92:8c:9f:9f:b3:db:bf:f1:d1:a0:f8:
ac:97:b2:b2:40:f6:89:cb:22:2e:4a:83:5c:58:51:
99:dd:c7:c1:cb:f5:00:88:63:c1:22:65:17:f8:b2:
74:f0:bd:1a:db:0e:35:88:91:27:15:c9:07:70:8c:
e8:17:ab:3b:4b:e2:39:5d:89:60:ab:46:96:14:29:
3e:31:b1:67:c7:9d:d5:d1:30:6b:c8:ae:cd:66:f1:
01:50:aa:d9:40:d9:e8:82:8b:cd:f2:71:03:c7:65:
8b:e2:4c:c5:58:f4:b0:c9:7c:98:08:25:bc:32:fd:
95:4d:e3:ee:a7:43:82:f6:b3:c7:2d:0f:9f:de:d8:
c2:ee:b1:b2:f3:b3:50:cb:aa:e1:a5:09:f6:ec:e1:
ca:9b:b3:42:1a:54:d4:b9:b5:a9:fc:16:ec:93:f1:
bf:9a:25:d5:98:0c:ee:6c:2e:d3:75:15:2b:e4:0c:
cb:39:4e:26:5a:02:fa:da:80:92:9b:20:c0:55:46:
46:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:64:2C:56:23:0D:EE:09:7D:13:B0:C6:E3:AB:96:BC:F4:5C:81:DE
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/c2QsViMN7gl9E7DG46uWvPRcgd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.168.0/23
146.120.206.0/24
Signature Algorithm: sha256WithRSAEncryption
83:ef:da:e9:a2:71:06:dc:bc:6b:38:dd:0a:33:b0:66:65:27:
88:19:ad:c9:6c:04:50:2e:b3:5d:91:33:ab:b2:a0:82:20:80:
48:3f:9a:61:bd:8f:88:c2:b8:bc:94:d8:7b:bf:60:9b:60:07:
2d:5d:c8:fa:75:8c:e3:2c:89:c1:1b:1e:cc:ae:db:93:ed:ee:
82:f3:ab:1b:31:7d:c8:55:b1:6c:1b:69:b3:02:78:ca:ea:9c:
25:70:2e:1a:f3:ab:c7:e3:07:23:8f:21:49:5c:4d:d2:69:fc:
b6:99:26:6b:3b:43:89:e2:d5:1f:bd:d5:8c:74:a3:87:cd:aa:
92:0d:88:f2:39:25:e2:4a:93:ed:fa:c0:27:9d:88:d0:af:ef:
ce:a3:df:e9:f6:3c:32:fc:e5:e3:da:ca:f8:91:bf:cb:e9:94:
cb:f9:9e:4f:40:b3:fb:08:61:47:ab:e8:e2:ea:ae:9e:30:6f:
79:7e:1b:91:59:d0:96:23:c2:4b:c6:b6:da:7f:41:6e:00:74:
fb:23:f6:be:97:15:fd:62:60:6c:fb:6b:2c:51:14:d3:d7:e9:
f0:45:40:29:47:c9:fc:2c:fe:c0:5b:a4:9b:81:18:8e:7f:8a:
91:30:12:3c:eb:87:59:71:0f:2e:ac:d3:e1:08:a6:06:c9:41:
72:09:54:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgk11Yw6ct8aXduAK7MmFaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwNTE2MTM1NDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzY0MmM1NjIzMGRlZTA5N2QxM2IwYzZlM2FiOTZiY2Y0NWM4MWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMcInVNUMPOjNcMyNe5mq5ycDWfQ
zllIFPSxtGuUSLR2ZfGWD1G28du3hXL9fwMkUV2SACWmL2vzwaLBCmNzkoyfn7Pb
v/HRoPisl7KyQPaJyyIuSoNcWFGZ3cfBy/UAiGPBImUX+LJ08L0a2w41iJEnFckH
cIzoF6s7S+I5XYlgq0aWFCk+MbFnx53V0TBryK7NZvEBUKrZQNnogovN8nEDx2WL
4kzFWPSwyXyYCCW8Mv2VTePup0OC9rPHLQ+f3tjC7rGy87NQy6rhpQn27OHKm7NC
GlTUubWp/Bbsk/G/miXVmAzubC7TdRUr5AzLOU4mWgL62oCSmyDAVUZGKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHNkLFYjDe4JfROwxuOrlrz0XIHeMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvYzJRc1ZpTU43Z2w5RTdERzQ2dVd2UFJjZ2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXy+oAwQA
knjOMA0GCSqGSIb3DQEBCwUAA4IBAQCD79rponEG3LxrON0KM7BmZSeIGa3JbARQ
LrNdkTOrsqCCIIBIP5phvY+Iwri8lNh7v2CbYActXcj6dYzjLInBGx7MrtuT7e6C
86sbMX3IVbFsG2mzAnjK6pwlcC4a86vH4wcjjyFJXE3Safy2mSZrO0OJ4tUfvdWM
dKOHzaqSDYjyOSXiSpPt+sAnnYjQr+/Oo9/p9jwy/OXj2sr4kb/L6ZTL+Z5PQLP7
CGFHq+ji6q6eMG95fhuRWdCWI8JLxrbaf0FuAHT7I/a+lxX9YmBs+2ssURTT1+nw
RUApR8n8LP7AW6SbgRiOf4qRMBI864dZcQ8urNPhCKYGyUFyCVQ3
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:32:08 2025 by rpki-client