Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iiZLzWXl1zPsGmw-jnypM-xqZ80.roa
File: iiZLzWXl1zPsGmw-jnypM-xqZ80.roa (raw, json)
Hash identifier: hpaEp1gxhZHrIo2Sv7Q0k9MeU29UImvlq0/1JZ4W4ho=
Subject key identifier: 8A:26:4B:CD:65:E5:D7:33:EC:1A:6C:3E:8E:7C:A9:33:EC:6A:67:CD
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FE32BF2611CF3290D79BFC7CD2211
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iiZLzWXl1zPsGmw-jnypM-xqZ80.roa
Signing time: Thu 02 Jan 2025 05:49:34 +0000
ROA not before: Thu 02 Jan 2025 05:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64423
IP address blocks: 95.46.40.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:e3:2b:f2:61:1c:f3:29:0d:79:bf:c7:cd:22:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a264bcd65e5d733ec1a6c3e8e7ca933ec6a67cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fd:e7:32:81:47:d7:28:d4:9e:7c:e6:a4:0f:
cc:20:63:58:c7:7f:3e:d4:d2:4c:36:41:c4:16:d0:
64:e2:d3:ef:35:a8:05:5f:5a:48:89:a1:b8:4b:3b:
a1:cc:f5:d5:8c:30:b3:5a:2a:6f:c5:03:ea:9a:dd:
56:c7:2b:b9:d1:d7:16:91:fc:5a:e6:0e:01:bb:30:
5d:c9:fc:da:c2:2a:c4:bd:c2:e7:74:32:21:79:f0:
fc:97:c5:e7:18:1f:49:5e:41:94:9c:45:86:d0:07:
61:65:c9:a4:9e:99:62:ab:9c:75:14:a6:a1:99:85:
69:3d:44:eb:77:f1:91:04:91:e5:e4:59:40:9f:dc:
27:8f:fd:1d:9c:e1:eb:7f:7f:fa:c7:9c:5b:2f:c7:
44:2d:81:e5:3c:3f:e2:bb:17:92:f9:ef:9f:bb:8d:
f0:c5:66:6e:f5:ed:ac:be:bf:f5:13:4f:5c:df:6b:
a9:bf:0b:41:04:0d:8c:30:dd:b4:62:64:2e:e4:8f:
95:f7:8a:4f:61:5d:27:01:31:ea:57:93:4c:06:1d:
10:79:2b:ac:5c:56:39:f5:8e:e1:f4:7f:5b:7f:e1:
12:2c:70:7a:2d:26:8a:94:ac:e9:6a:07:93:3c:98:
3a:3e:91:da:c9:3a:cd:94:30:1c:25:a8:87:4b:dd:
81:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:26:4B:CD:65:E5:D7:33:EC:1A:6C:3E:8E:7C:A9:33:EC:6A:67:CD
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iiZLzWXl1zPsGmw-jnypM-xqZ80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.40.0/22
Signature Algorithm: sha256WithRSAEncryption
92:75:d7:e1:38:12:a8:da:8a:cc:76:b8:80:6e:d3:14:86:06:
9b:3e:af:1d:14:ff:3f:a4:80:94:65:2f:9a:81:de:aa:75:2b:
b3:bb:6a:47:3b:0f:3f:c0:57:f7:7d:01:f0:b8:a2:59:45:b7:
bf:99:6f:78:aa:34:a6:6e:1e:00:5c:0a:c2:63:c0:10:2c:96:
b3:ab:6e:dd:58:8c:0f:f5:75:4b:d5:92:6b:5e:8b:4a:d1:37:
89:e5:53:82:88:34:1c:d8:3a:13:58:a8:a3:c6:a0:20:a4:69:
aa:d3:b0:8f:04:ee:75:b3:2c:43:66:ba:8c:e3:7b:8d:55:f8:
37:92:81:d4:db:f3:5e:e7:4f:df:dd:17:f8:eb:4f:af:6a:9a:
bd:f2:06:e6:99:ae:47:38:e2:c3:0c:d4:0a:de:55:e0:b4:1f:
aa:e6:4c:df:0c:98:47:dd:79:f8:a0:c9:e9:a7:5d:e8:35:95:
b7:45:4c:4e:ec:18:6e:06:71:cf:0b:15:e7:3a:84:86:50:1d:
d3:1d:a0:80:86:34:3b:d9:2f:df:03:1b:c5:ea:48:89:61:94:
b3:86:c3:8d:eb:6a:83:da:64:61:32:53:f1:6e:ce:2a:d3:67:
b8:d8:9a:2e:d2:6c:f1:94:46:09:31:13:eb:b9:b9:33:fb:43:
2b:04:22:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj+Mr8mEc8ykNeb/HzSIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTI2NGJjZDY1ZTVkNzMzZWMxYTZjM2U4ZTdjYTkzM2VjNmE2N2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/3nMoFH1yjUnnzmpA/MIGNYx38+
1NJMNkHEFtBk4tPvNagFX1pIiaG4SzuhzPXVjDCzWipvxQPqmt1Wxyu50dcWkfxa
5g4BuzBdyfzawirEvcLndDIhefD8l8XnGB9JXkGUnEWG0AdhZcmknpliq5x1FKah
mYVpPUTrd/GRBJHl5FlAn9wnj/0dnOHrf3/6x5xbL8dELYHlPD/iuxeS+e+fu43w
xWZu9e2svr/1E09c32upvwtBBA2MMN20YmQu5I+V94pPYV0nATHqV5NMBh0QeSus
XFY59Y7h9H9bf+ESLHB6LSaKlKzpageTPJg6PpHayTrNlDAcJaiHS92BOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIomS81l5dcz7BpsPo58qTPsamfNMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvaWlaTHpXWGwxelBzR213LWpueXBNLXhxWjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXy4oMA0G
CSqGSIb3DQEBCwUAA4IBAQCSddfhOBKo2orMdriAbtMUhgabPq8dFP8/pICUZS+a
gd6qdSuzu2pHOw8/wFf3fQHwuKJZRbe/mW94qjSmbh4AXArCY8AQLJazq27dWIwP
9XVL1ZJrXotK0TeJ5VOCiDQc2DoTWKijxqAgpGmq07CPBO51syxDZrqM43uNVfg3
koHU2/Ne50/f3Rf460+vapq98gbmma5HOOLDDNQK3lXgtB+q5kzfDJhH3Xn4oMnp
p13oNZW3RUxO7BhuBnHPCxXnOoSGUB3THaCAhjQ72S/fAxvF6kiJYZSzhsON62qD
2mRhMlPxbs4q02e42Jou0mzxlEYJMRPrubkz+0MrBCLZ
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:28 2025 by rpki-client