Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/uRDbwjYhfVJwXCuXU_rt9_oENl8.roa
File: uRDbwjYhfVJwXCuXU_rt9_oENl8.roa (raw, json)
Hash identifier: cl8BzD8vrzG4PSxFKkLsyAPlnnq67fUSWXSrsccZ+fc=
Subject key identifier: B9:10:DB:C2:36:21:7D:52:70:5C:2B:97:53:FA:ED:F7:FA:04:36:5F
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709507C8DD05D12FF93D320E3A1CA5EA
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/uRDbwjYhfVJwXCuXU_rt9_oENl8.roa
Signing time: Mon 02 Jan 2023 03:44:53 +0000
ROA not before: Mon 02 Jan 2023 03:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12389
IP address blocks: 95.47.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:07:c8:dd:05:d1:2f:f9:3d:32:0e:3a:1c:a5:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b910dbc236217d52705c2b9753faedf7fa04365f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:cc:c9:38:12:9f:e9:8d:a0:91:d9:f8:68:e0:
0f:1a:7a:1c:6a:98:8a:c5:7f:4d:d4:72:c5:49:bc:
49:d1:d1:db:69:37:9a:a4:ae:b1:f2:50:e5:0e:af:
02:9c:25:9e:65:45:82:78:34:24:76:87:16:d3:cd:
46:06:d4:08:9e:43:85:40:cb:bf:91:11:56:da:53:
e2:ac:ed:42:4f:24:e1:2a:47:11:15:62:be:b7:84:
e9:67:21:e0:f9:db:9b:e6:89:44:47:15:e1:fe:82:
f9:11:21:6c:87:7b:bb:41:ec:5b:db:ed:b0:c9:84:
b3:5d:43:9c:86:e2:71:f1:ca:9c:d8:06:f2:16:c8:
97:f8:70:cf:5d:06:6b:f0:dd:00:7e:81:29:30:1d:
96:19:c3:c6:53:4d:7a:e1:cb:7b:c8:9c:17:dd:61:
da:ff:3f:cf:29:0c:b3:e9:fd:1d:46:50:33:6a:6c:
87:af:1f:33:98:09:62:57:ec:49:27:82:20:c5:60:
da:ab:ec:cf:f3:08:77:10:9a:3c:68:2c:2a:91:11:
d3:9a:1d:0d:74:de:35:61:3f:46:ba:3a:d3:ea:2a:
1b:91:7d:1f:4c:96:f4:21:c6:34:12:90:28:eb:12:
99:8a:b4:ca:2d:d9:b5:f7:7c:8b:a5:7d:58:3c:4f:
a9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:10:DB:C2:36:21:7D:52:70:5C:2B:97:53:FA:ED:F7:FA:04:36:5F
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/uRDbwjYhfVJwXCuXU_rt9_oENl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.152.0/24
Signature Algorithm: sha256WithRSAEncryption
51:62:1f:20:99:02:e6:41:46:8a:e7:ea:36:53:d6:0c:9e:49:
7f:96:1d:c5:aa:10:1a:5e:a3:eb:2e:58:53:c3:d3:77:03:ca:
63:97:ca:1a:f3:a2:22:ec:eb:e5:24:c3:e8:c0:43:b0:6a:7f:
8f:05:ec:5c:65:c0:93:2e:cc:76:9c:e9:77:a1:48:ba:fa:6b:
08:4e:5b:5e:b8:70:d6:9f:39:60:c7:a9:bf:cc:cb:6f:ee:8a:
7f:ab:76:b0:6c:a1:c0:e5:2a:34:d6:a5:e2:8a:cb:cc:3a:e2:
5f:db:f6:de:13:14:d1:6f:59:06:55:99:e0:43:ce:30:bd:19:
89:42:66:09:e3:7f:00:7f:93:aa:b7:1e:9a:9d:5f:f7:7c:e8:
ae:87:48:87:eb:d1:7f:32:a9:64:9a:de:b1:ac:c4:5b:f0:48:
6a:7d:63:2b:b7:d5:25:64:99:1a:07:af:b8:b1:c4:cd:11:02:
1a:25:29:4c:ce:58:fc:3f:e2:d6:08:aa:e5:ed:da:3b:44:f6:
9d:e8:b0:fa:00:2d:f9:13:67:4e:59:4c:a6:dd:25:94:66:ef:
ae:bb:2e:0c:8c:4b:f2:78:cf:d4:5a:1f:5c:dd:be:10:bb:9e:
06:07:f7:c2:47:6a:c6:98:02:1a:9b:84:84:c2:d1:22:d3:bf:
d6:89:3c:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlQfI3QXRL/k9Mg46HKXqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTEwZGJjMjM2MjE3ZDUyNzA1YzJiOTc1M2ZhZWRmN2ZhMDQzNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjszJOBKf6Y2gkdn4aOAPGnocapiK
xX9N1HLFSbxJ0dHbaTeapK6x8lDlDq8CnCWeZUWCeDQkdocW081GBtQInkOFQMu/
kRFW2lPirO1CTyThKkcRFWK+t4TpZyHg+dub5olERxXh/oL5ESFsh3u7Qexb2+2w
yYSzXUOchuJx8cqc2AbyFsiX+HDPXQZr8N0AfoEpMB2WGcPGU0164ct7yJwX3WHa
/z/PKQyz6f0dRlAzamyHrx8zmAliV+xJJ4IgxWDaq+zP8wh3EJo8aCwqkRHTmh0N
dN41YT9GujrT6iobkX0fTJb0IcY0EpAo6xKZirTKLdm193yLpX1YPE+pAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLkQ28I2IX1ScFwrl1P67ff6BDZfMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvdVJEYndqWWhmVkp3WEN1WFVfcnQ5X29FTmw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXy+YMA0G
CSqGSIb3DQEBCwUAA4IBAQBRYh8gmQLmQUaK5+o2U9YMnkl/lh3FqhAaXqPrLlhT
w9N3A8pjl8oa86Ii7OvlJMPowEOwan+PBexcZcCTLsx2nOl3oUi6+msITlteuHDW
nzlgx6m/zMtv7op/q3awbKHA5So01qXiisvMOuJf2/beExTRb1kGVZngQ84wvRmJ
QmYJ438Af5Oqtx6anV/3fOiuh0iH69F/Mqlkmt6xrMRb8EhqfWMrt9UlZJkaB6+4
scTNEQIaJSlMzlj8P+LWCKrl7do7RPad6LD6AC35E2dOWUym3SWUZu+uuy4MjEvy
eM/UWh9c3b4Qu54GB/fCR2rGmAIam4SEwtEi07/WiTx0
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:55:56 2025 by rpki-client