Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/rjKJjt3lm9mC7rPRWSGGkdVl_ns.roa
File: rjKJjt3lm9mC7rPRWSGGkdVl_ns.roa (raw, json)
Hash identifier: cW4gC/PO65G2w86+DzYXc9jvp7m23ygOo+L4RZjQhd4=
Subject key identifier: AE:32:89:8E:DD:E5:9B:D9:82:EE:B3:D1:59:21:86:91:D5:65:FE:7B
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FF15F05D0CEFD5074B44FC6F07F4B
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/rjKJjt3lm9mC7rPRWSGGkdVl_ns.roa
Signing time: Thu 02 Jan 2025 05:49:37 +0000
ROA not before: Thu 02 Jan 2025 05:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204485
IP address blocks: 95.47.172.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:f1:5f:05:d0:ce:fd:50:74:b4:4f:c6:f0:7f:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae32898edde59bd982eeb3d159218691d565fe7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8f:50:57:d5:9e:38:6d:a5:a3:90:a7:04:0b:
c7:08:3e:73:13:8c:b8:b2:1c:33:93:5f:ce:94:63:
e2:41:b5:f8:51:01:c1:31:5a:8e:28:b3:82:60:09:
da:ac:1e:36:16:73:f8:d5:6e:14:58:e3:6e:e1:ae:
cf:c8:0a:8b:9e:25:10:2d:d3:c6:b0:65:2b:17:57:
34:9c:ea:1e:4b:ba:70:fd:8e:d0:2d:6e:20:8a:30:
39:98:37:b8:21:07:54:2e:b0:6d:26:d8:b5:d7:df:
95:eb:29:54:55:87:45:01:60:fa:bb:d2:6c:c0:de:
30:83:e6:e4:f4:77:4a:82:2f:c7:03:10:8a:d6:27:
cc:ff:be:e4:22:09:5b:61:d9:f0:b5:c9:5f:7c:1d:
f4:8d:1f:88:a9:ab:34:56:54:95:6a:1a:7c:0d:a9:
8f:7c:bd:15:e1:58:56:80:bf:59:36:a9:b6:bb:de:
41:a6:81:3c:21:35:49:f4:de:e1:11:62:05:aa:8f:
3e:8a:2c:9b:b7:57:ce:72:fd:ce:23:20:5b:0c:fc:
85:1f:e4:0a:28:63:f4:b5:52:19:be:58:49:d9:05:
0a:6b:45:65:8c:3e:0f:5b:44:25:23:95:8a:b3:9d:
6f:fe:f3:05:f7:6b:86:75:ae:5b:fe:72:2b:4f:e9:
b4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:32:89:8E:DD:E5:9B:D9:82:EE:B3:D1:59:21:86:91:D5:65:FE:7B
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/rjKJjt3lm9mC7rPRWSGGkdVl_ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.172.0/24
Signature Algorithm: sha256WithRSAEncryption
62:70:45:ed:fa:53:78:1a:c4:6e:c4:64:88:50:56:ba:e8:16:
92:cc:23:5f:44:79:91:28:90:bc:5e:85:62:59:7a:15:df:a2:
65:65:3f:c3:75:2c:f0:b7:46:2e:8d:ae:b6:2f:86:a4:a6:26:
62:d4:e7:ce:3d:49:06:dd:de:91:b7:78:54:c6:65:3b:48:71:
36:68:e9:7f:8e:23:21:e7:37:b6:33:3e:b9:7c:81:2a:7e:3f:
c8:4c:7b:49:7a:73:3e:da:1f:41:e0:a0:fa:5f:ee:9c:dd:6b:
6a:e0:9f:8e:73:c5:ae:47:f8:5b:a6:6c:ec:9c:30:0b:c2:44:
70:2b:8d:b2:03:54:d6:89:16:4e:f2:e8:3e:5c:f7:fb:0e:00:
04:fa:5e:c1:99:3d:b1:da:85:92:3c:8b:d0:0b:dc:14:ce:27:
85:14:0e:58:cc:5c:00:a4:92:ae:35:d5:79:f3:20:49:b1:49:
fe:12:a7:21:32:7d:f4:08:2c:1f:0e:db:f7:ae:7d:f5:b0:4b:
7d:bf:7f:ec:5a:3e:c7:4e:b5:ab:41:17:a1:ff:cf:e9:be:c1:
f1:71:2b:3c:ca:84:9b:66:e0:be:cd:21:69:42:e8:da:55:86:
21:77:ac:e8:de:0b:d7:ea:ea:d3:a3:94:f5:73:3d:22:69:11:
2f:e3:74:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj/FfBdDO/VB0tE/G8H9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTMyODk4ZWRkZTU5YmQ5ODJlZWIzZDE1OTIxODY5MWQ1NjVmZTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnY9QV9WeOG2lo5CnBAvHCD5zE4y4
shwzk1/OlGPiQbX4UQHBMVqOKLOCYAnarB42FnP41W4UWONu4a7PyAqLniUQLdPG
sGUrF1c0nOoeS7pw/Y7QLW4gijA5mDe4IQdULrBtJti119+V6ylUVYdFAWD6u9Js
wN4wg+bk9HdKgi/HAxCK1ifM/77kIglbYdnwtclffB30jR+Iqas0VlSVahp8DamP
fL0V4VhWgL9ZNqm2u95BpoE8ITVJ9N7hEWIFqo8+iiybt1fOcv3OIyBbDPyFH+QK
KGP0tVIZvlhJ2QUKa0VljD4PW0QlI5WKs51v/vMF92uGda5b/nIrT+m0gwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4yiY7d5ZvZgu6z0VkhhpHVZf57MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvcmpLSmp0M2xtOW1DN3JQUldTR0drZFZsX25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXy+sMA0G
CSqGSIb3DQEBCwUAA4IBAQBicEXt+lN4GsRuxGSIUFa66BaSzCNfRHmRKJC8XoVi
WXoV36JlZT/DdSzwt0Yuja62L4akpiZi1OfOPUkG3d6Rt3hUxmU7SHE2aOl/jiMh
5ze2Mz65fIEqfj/ITHtJenM+2h9B4KD6X+6c3Wtq4J+Oc8WuR/hbpmzsnDALwkRw
K42yA1TWiRZO8ug+XPf7DgAE+l7BmT2x2oWSPIvQC9wUzieFFA5YzFwApJKuNdV5
8yBJsUn+EqchMn30CCwfDtv3rn31sEt9v3/sWj7HTrWrQReh/8/pvsHxcSs8yoSb
ZuC+zSFpQujaVYYhd6zo3gvX6urTo5T1cz0iaREv43RA
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:27:14 2025 by rpki-client