Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/lK8H8ExPz3hNIrJsVmUkFpMyPrw.roa
File: lK8H8ExPz3hNIrJsVmUkFpMyPrw.roa (raw, json)
Hash identifier: C7I2+NYo7Yz6UtIf6rGW5np+6lqIvlZNxZSTU1h4a5M=
Subject key identifier: 94:AF:07:F0:4C:4F:CF:78:4D:22:B2:6C:56:65:24:16:93:32:3E:BC
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA29E290B7E8AF83E9132C984EE76C3C
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/lK8H8ExPz3hNIrJsVmUkFpMyPrw.roa
Signing time: Tue 02 Jan 2024 12:33:11 +0000
ROA not before: Tue 02 Jan 2024 12:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15428
IP address blocks: 31.148.112.0/21 maxlen: 24
146.158.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:e2:90:b7:e8:af:83:e9:13:2c:98:4e:e7:6c:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94af07f04c4fcf784d22b26c5665241693323ebc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e1:2d:2d:aa:05:11:57:96:28:21:e4:03:5c:
86:8e:0f:0d:1b:d8:36:55:b6:bb:ba:01:e9:ff:21:
d0:67:19:c5:49:83:58:e1:2d:3b:b2:f3:ac:ab:04:
81:25:0e:e7:3e:cd:e7:1a:61:86:f5:89:75:04:28:
fd:83:c3:f9:c3:f7:27:50:8a:d2:b6:d2:10:03:d5:
49:a6:fa:c5:42:76:d1:87:f2:c9:0b:aa:7b:fa:dd:
dc:d7:1b:a2:82:8e:94:92:f6:0b:6f:95:3a:fe:1c:
37:a3:a9:4a:f6:44:5c:6e:ae:ba:da:c8:4d:fb:c9:
44:bd:5f:70:36:f4:1d:d3:1f:f0:4f:9a:80:60:05:
52:4b:36:bd:82:ab:f8:8f:38:79:d0:2e:1d:13:53:
13:d0:03:78:a7:f1:c5:db:72:d3:53:05:cd:b4:83:
1d:6f:b9:8e:8e:83:f4:1b:cf:d8:81:f4:f9:39:62:
ff:8a:1a:8b:a7:27:ca:04:1e:31:e0:37:fd:dd:1d:
49:11:67:bd:53:80:f9:4a:74:bd:6a:b9:58:c6:53:
4e:ca:25:35:e3:3d:00:e0:f5:87:c2:1f:f7:9c:de:
a6:e3:3b:df:5e:7f:81:4c:73:22:4e:c5:95:2f:58:
52:b5:d1:6c:f7:0e:67:43:52:48:c0:1c:84:0f:2c:
64:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:AF:07:F0:4C:4F:CF:78:4D:22:B2:6C:56:65:24:16:93:32:3E:BC
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/lK8H8ExPz3hNIrJsVmUkFpMyPrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.112.0/21
146.158.95.0/24
Signature Algorithm: sha256WithRSAEncryption
93:bd:51:0c:64:dd:f7:8d:f1:fd:b4:e0:1c:17:5d:65:33:92:
c3:93:56:85:81:7a:fb:92:4d:42:f7:f2:ae:c2:a6:16:1c:d6:
6b:9e:ff:86:5f:8d:2c:27:36:23:72:d0:30:49:d1:ee:cb:88:
41:a7:96:57:7b:4b:aa:42:f2:6a:9b:a6:01:d8:2b:54:bc:93:
d7:3b:39:10:9d:4d:53:a9:41:a7:1e:15:6a:da:c9:47:7e:55:
95:19:3d:aa:4c:24:07:2c:28:1d:16:6f:c8:d1:06:c1:1c:fa:
19:74:61:eb:1d:7a:86:2c:ca:d6:13:c5:86:fc:03:22:ad:5b:
c1:6f:4e:25:99:36:5c:1b:f2:11:c9:b3:08:cc:89:f1:4e:76:
7f:3e:ec:28:47:e2:c4:93:13:e6:0e:ed:e9:a7:c1:be:24:b1:
88:a7:01:c9:29:77:a4:bc:25:92:5b:92:9d:a8:5d:35:e9:0e:
c1:df:f9:4f:4a:03:dd:21:7a:05:9d:5a:63:52:0e:c5:46:d6:
6e:2a:91:b5:6c:02:78:a6:53:20:66:4b:3d:02:93:3c:40:d7:
9b:c1:e6:09:5b:6f:3a:92:fa:b9:89:b6:fa:f6:9a:e9:bf:81:
a1:37:9b:b3:e2:64:82:47:d6:04:c3:ab:b5:e0:69:11:b4:88:
c5:fd:d9:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKeKQt+ivg+kTLJhO52w8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGFmMDdmMDRjNGZjZjc4NGQyMmIyNmM1NjY1MjQxNjkzMzIzZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluEtLaoFEVeWKCHkA1yGjg8NG9g2
Vba7ugHp/yHQZxnFSYNY4S07svOsqwSBJQ7nPs3nGmGG9Yl1BCj9g8P5w/cnUIrS
ttIQA9VJpvrFQnbRh/LJC6p7+t3c1xuigo6UkvYLb5U6/hw3o6lK9kRcbq662shN
+8lEvV9wNvQd0x/wT5qAYAVSSza9gqv4jzh50C4dE1MT0AN4p/HF23LTUwXNtIMd
b7mOjoP0G8/YgfT5OWL/ihqLpyfKBB4x4Df93R1JEWe9U4D5SnS9arlYxlNOyiU1
4z0A4PWHwh/3nN6m4zvfXn+BTHMiTsWVL1hStdFs9w5nQ1JIwByEDyxkLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJSvB/BMT894TSKybFZlJBaTMj68MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvbEs4SDhFeFB6M2hOSXJKc1ZtVWtGcE15UHJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH5RwAwQA
kp5fMA0GCSqGSIb3DQEBCwUAA4IBAQCTvVEMZN33jfH9tOAcF11lM5LDk1aFgXr7
kk1C9/KuwqYWHNZrnv+GX40sJzYjctAwSdHuy4hBp5ZXe0uqQvJqm6YB2CtUvJPX
OzkQnU1TqUGnHhVq2slHflWVGT2qTCQHLCgdFm/I0QbBHPoZdGHrHXqGLMrWE8WG
/AMirVvBb04lmTZcG/IRybMIzInxTnZ/PuwoR+LEkxPmDu3pp8G+JLGIpwHJKXek
vCWSW5KdqF016Q7B3/lPSgPdIXoFnVpjUg7FRtZuKpG1bAJ4plMgZks9ApM8QNeb
weYJW286kvq5ibb69prpv4GhN5uz4mSCR9YEw6u14GkRtIjF/dlD
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:25 2025 by rpki-client