Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/pUYm3ruA4GiFVOIDSb9blH7sC1g.roa
File: pUYm3ruA4GiFVOIDSb9blH7sC1g.roa (raw, json)
Hash identifier: njj9mQQynDYrYZFOoGbDTPQucevF1IgBtAuYpC6xDnc=
Subject key identifier: A5:46:26:DE:BB:80:E0:68:85:54:E2:03:49:BF:5B:94:7E:EC:0B:58
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095976EB3A2EBF62E5D86097DEB056F
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/pUYm3ruA4GiFVOIDSb9blH7sC1g.roa
Signing time: Mon 02 Jan 2023 03:45:29 +0000
ROA not before: Mon 02 Jan 2023 03:45:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204485
IP address blocks: 95.47.172.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:97:6e:b3:a2:eb:f6:2e:5d:86:09:7d:eb:05:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a54626debb80e0688554e20349bf5b947eec0b58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:5c:fa:0c:bb:fb:51:25:c1:aa:a4:88:67:ae:
4e:85:db:39:dd:44:0f:9e:b0:77:cd:03:5f:d5:85:
c8:40:1f:36:c3:8a:05:ba:07:3c:01:44:30:81:67:
bf:5a:59:49:4c:3d:37:31:b7:2f:2c:f7:25:1f:8c:
59:15:20:60:de:0e:1d:a6:e9:63:10:70:59:53:74:
51:e5:bd:1b:41:f8:03:56:63:a9:00:c2:62:02:48:
0c:a1:34:ab:76:fc:83:ba:1e:ae:37:89:05:2c:d3:
30:30:a8:07:3a:36:5f:19:9a:9c:c7:92:29:5f:0b:
20:a0:b9:81:ac:7d:b9:07:2b:3f:97:5e:a3:c8:5b:
d3:69:c3:50:57:47:b5:16:f8:55:36:c3:1e:db:ee:
4b:7c:67:15:fa:46:29:20:67:9f:81:0d:82:df:06:
e2:2d:6d:9e:76:f6:f1:3b:a8:c1:3b:f7:8c:21:aa:
df:3d:6d:a9:7f:5c:25:b7:ec:b9:ad:71:37:11:ee:
d5:1c:77:c3:78:c9:9c:60:b2:0a:da:93:42:7a:65:
b9:58:de:c5:81:67:91:05:a7:21:1f:f6:08:27:8a:
61:77:14:5c:80:e8:c9:97:3e:3a:19:99:dc:09:0a:
a8:11:0d:81:79:b1:0e:1a:c4:0b:2e:31:e8:10:f7:
67:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:46:26:DE:BB:80:E0:68:85:54:E2:03:49:BF:5B:94:7E:EC:0B:58
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/pUYm3ruA4GiFVOIDSb9blH7sC1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.172.0/24
Signature Algorithm: sha256WithRSAEncryption
28:19:15:e9:5e:24:23:57:cb:b3:4e:af:57:16:21:7f:6d:f9:
cb:aa:0d:2f:a3:b9:82:98:b6:e0:41:90:00:f7:b0:c8:a7:32:
00:ea:a9:d0:b4:14:ff:b9:49:94:e4:20:0b:8f:c5:fb:6c:f9:
53:0a:85:b7:f5:ae:c2:00:31:86:9e:b5:77:d1:e0:36:ca:cd:
d4:51:8c:bb:bf:f6:86:48:da:29:b2:c0:ab:d4:3b:33:75:13:
0b:46:97:a1:3b:64:56:d6:04:9f:ea:a1:50:fa:26:75:e3:c4:
09:bb:76:be:34:10:d8:c7:0e:5a:bc:77:10:71:05:85:04:e8:
54:50:b9:50:30:da:e0:a4:8c:f9:d2:ac:8d:c8:ef:51:cf:02:
5b:0f:a5:d3:f9:d9:ed:be:35:6a:11:de:40:d5:be:ed:9d:82:
80:92:90:30:d6:93:d4:e7:bd:44:4b:a6:2a:68:07:8a:1f:3c:
38:78:65:cc:13:0f:a4:fd:1f:b5:69:2d:46:32:ad:b6:37:c0:
bf:a9:5a:ed:a0:c5:6d:ab:9f:85:6b:db:94:4c:ee:0a:3a:ee:
17:75:72:66:44:19:6a:e4:c6:9c:f1:9a:6f:5c:69:34:db:3f:
0a:36:7c:84:80:cb:92:05:f0:be:0c:93:6d:fa:d7:fb:3f:f0:
88:5d:e2:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlZdus6Lr9i5dhgl96wVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTQ2MjZkZWJiODBlMDY4ODU1NGUyMDM0OWJmNWI5NDdlZWMwYjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1z6DLv7USXBqqSIZ65Ohds53UQP
nrB3zQNf1YXIQB82w4oFugc8AUQwgWe/WllJTD03MbcvLPclH4xZFSBg3g4dpulj
EHBZU3RR5b0bQfgDVmOpAMJiAkgMoTSrdvyDuh6uN4kFLNMwMKgHOjZfGZqcx5Ip
XwsgoLmBrH25Bys/l16jyFvTacNQV0e1FvhVNsMe2+5LfGcV+kYpIGefgQ2C3wbi
LW2edvbxO6jBO/eMIarfPW2pf1wlt+y5rXE3Ee7VHHfDeMmcYLIK2pNCemW5WN7F
gWeRBachH/YIJ4phdxRcgOjJlz46GZncCQqoEQ2BebEOGsQLLjHoEPdntwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKVGJt67gOBohVTiA0m/W5R+7AtYMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvcFVZbTNydUE0R2lGVk9JRFNiOWJsSDdzQzFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXy+sMA0G
CSqGSIb3DQEBCwUAA4IBAQAoGRXpXiQjV8uzTq9XFiF/bfnLqg0vo7mCmLbgQZAA
97DIpzIA6qnQtBT/uUmU5CALj8X7bPlTCoW39a7CADGGnrV30eA2ys3UUYy7v/aG
SNopssCr1DszdRMLRpehO2RW1gSf6qFQ+iZ148QJu3a+NBDYxw5avHcQcQWFBOhU
ULlQMNrgpIz50qyNyO9RzwJbD6XT+dntvjVqEd5A1b7tnYKAkpAw1pPU571ES6Yq
aAeKHzw4eGXMEw+k/R+1aS1GMq22N8C/qVrtoMVtq5+Fa9uUTO4KOu4XdXJmRBlq
5Mac8ZpvXGk02z8KNnyEgMuSBfC+DJNt+tf7P/CIXeJ0
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:34 2025 by rpki-client