Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/hOHlVUakFE1UnjfnoqSgXRH6cXg.roa
File: hOHlVUakFE1UnjfnoqSgXRH6cXg.roa (raw, json)
Hash identifier: njLPR/Y0dQuffhAwXa1w+akuCI8qNROZC7VEzEYSOow=
Subject key identifier: 84:E1:E5:55:46:A4:14:4D:54:9E:37:E7:A2:A4:A0:5D:11:FA:71:78
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0184CD5F41D7A27B7B5EA284F95D740E0EA6
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/hOHlVUakFE1UnjfnoqSgXRH6cXg.roa
Signing time: Thu 01 Dec 2022 11:08:02 +0000
ROA not before: Thu 01 Dec 2022 11:08:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51803
IP address blocks: 95.46.32.0/24 maxlen: 24
2a02:128:21::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:5f:41:d7:a2:7b:7b:5e:a2:84:f9:5d:74:0e:0e:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Dec 1 11:08:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84e1e55546a4144d549e37e7a2a4a05d11fa7178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e5:26:4b:ae:cf:19:0f:72:b1:76:fc:e6:c9:
99:58:6d:a7:3c:21:d0:1d:1c:2f:0b:50:7a:1b:ce:
84:a3:bf:c0:4a:f3:a5:c0:d6:88:1b:21:2b:01:89:
9e:41:5f:d3:e0:a6:0c:1b:77:82:0a:43:cc:df:5d:
1c:73:b4:63:28:7a:8e:8c:5d:61:31:1a:84:36:0e:
90:48:26:f4:7c:93:04:9f:d2:87:a9:d1:b8:16:41:
71:1e:3f:09:c9:40:83:e0:c5:3c:2a:33:cb:26:cb:
80:6b:83:bf:ae:1d:be:94:fd:66:d3:e2:04:b5:a6:
87:5d:44:93:ec:a8:84:2c:ef:8b:db:ec:c0:cc:dc:
41:3d:ff:b1:cf:8a:81:0c:6e:e5:44:f4:bf:71:8d:
42:2b:e3:22:80:e1:44:6d:d0:6a:a1:48:2b:88:c7:
26:64:12:02:71:3f:b2:7c:cd:26:09:47:fc:e5:9e:
f4:70:ed:b9:b5:6d:bf:41:e5:72:00:ad:d9:2c:56:
93:b9:e5:43:74:ea:3a:7b:53:a9:15:6a:a8:41:38:
23:23:81:5a:42:73:c7:8b:e1:42:7b:1a:37:79:57:
ad:98:da:98:95:f0:16:de:d5:1b:e6:27:d8:b2:42:
69:3a:f0:2e:47:ae:1a:92:8a:d0:91:19:1a:a0:63:
78:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:E1:E5:55:46:A4:14:4D:54:9E:37:E7:A2:A4:A0:5D:11:FA:71:78
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/hOHlVUakFE1UnjfnoqSgXRH6cXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.32.0/24
IPv6:
2a02:128:21::/48
Signature Algorithm: sha256WithRSAEncryption
72:86:e7:13:f9:8f:9e:0f:c7:d9:8c:7a:f4:32:36:94:a4:44:
5a:a5:84:da:1e:c7:5a:fa:f0:b0:ce:4c:84:c5:81:3d:4e:86:
1e:14:4f:86:08:2f:5f:49:4f:40:49:cc:6e:5f:8f:77:3b:94:
8d:60:aa:7e:e9:f0:c6:14:e7:8c:ef:89:ca:0d:9f:8a:cb:91:
3e:b2:89:02:c5:1b:ce:7b:92:af:93:e3:76:fd:07:ad:34:2c:
ca:d4:79:06:d8:35:7c:cc:88:0d:14:b9:a6:53:11:1e:74:16:
e0:f5:64:a2:a1:a7:99:52:d9:cb:74:13:04:88:93:25:53:84:
80:dd:85:0a:16:52:35:64:1e:58:02:3c:c3:84:8b:90:64:76:
7b:4e:1b:0c:92:06:59:1e:1c:c2:91:a0:92:ff:c8:4a:de:bc:
06:27:00:45:d0:1b:82:29:61:64:79:83:1a:03:43:fb:d6:ca:
f2:7a:d0:ff:7d:23:dc:22:2a:76:07:39:d9:09:12:ce:0c:19:
cc:67:27:27:ff:8c:75:74:45:4a:05:11:cd:e5:4c:ac:fe:34:
20:1e:64:d3:6d:5c:ad:1a:1b:de:94:0f:c0:77:78:48:f5:4c:
ca:d4:ad:0b:26:56:a0:05:9c:86:dc:5a:da:c5:d0:2e:69:bc:
4d:87:14:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTNX0HXont7XqKE+V10Dg6mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjIxMjAxMTEwODAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGUxZTU1NTQ2YTQxNDRkNTQ5ZTM3ZTdhMmE0YTA1ZDExZmE3MTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuUmS67PGQ9ysXb85smZWG2nPCHQ
HRwvC1B6G86Eo7/ASvOlwNaIGyErAYmeQV/T4KYMG3eCCkPM310cc7RjKHqOjF1h
MRqENg6QSCb0fJMEn9KHqdG4FkFxHj8JyUCD4MU8KjPLJsuAa4O/rh2+lP1m0+IE
taaHXUST7KiELO+L2+zAzNxBPf+xz4qBDG7lRPS/cY1CK+MigOFEbdBqoUgriMcm
ZBICcT+yfM0mCUf85Z70cO25tW2/QeVyAK3ZLFaTueVDdOo6e1OpFWqoQTgjI4Fa
QnPHi+FCexo3eVetmNqYlfAW3tUb5ifYskJpOvAuR64akorQkRkaoGN4uQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFITh5VVGpBRNVJ4356KkoF0R+nF4MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvaE9IbFZVYWtGRTFVbmpmbm9xU2dYUkg2Y1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAXy4gMA8E
AgACMAkDBwAqAgEoACEwDQYJKoZIhvcNAQELBQADggEBAHKG5xP5j54Px9mMevQy
NpSkRFqlhNoex1r68LDOTITFgT1Ohh4UT4YIL19JT0BJzG5fj3c7lI1gqn7p8MYU
54zvicoNn4rLkT6yiQLFG857kq+T43b9B600LMrUeQbYNXzMiA0UuaZTER50FuD1
ZKKhp5lS2ct0EwSIkyVThIDdhQoWUjVkHlgCPMOEi5BkdntOGwySBlkeHMKRoJL/
yErevAYnAEXQG4IpYWR5gxoDQ/vWyvJ60P99I9wiKnYHOdkJEs4MGcxnJyf/jHV0
RUoFEc3lTKz+NCAeZNNtXK0aG96UD8B3eEj1TMrUrQsmVqAFnIbcWtrF0C5pvE2H
FCQ=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:14 2025 by rpki-client