Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/uof5DLfmfdzCWk4wivWhrqI213Q.roa
File: uof5DLfmfdzCWk4wivWhrqI213Q.roa (raw, json)
Hash identifier: 6BN/yyUZkbgpQcsDZO0hY7EEu7KQxNLqtyO2SaYVLws=
Subject key identifier: BA:87:F9:0C:B7:E6:7D:DC:C2:5A:4E:30:8A:F5:A1:AE:A2:36:D7:74
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857398A74E82249E8EA9B34B6C33949DAC
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/uof5DLfmfdzCWk4wivWhrqI213Q.roa
Signing time: Mon 02 Jan 2023 17:47:42 +0000
ROA not before: Mon 02 Jan 2023 17:47:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56361
IP address blocks: 95.46.166.0/23 maxlen: 24
95.46.168.0/22 maxlen: 24
31.148.192.0/22 maxlen: 24
31.148.104.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:98:a7:4e:82:24:9e:8e:a9:b3:4b:6c:33:94:9d:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 17:47:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba87f90cb7e67ddcc25a4e308af5a1aea236d774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6b:13:0b:30:79:0f:99:83:5e:ae:c2:b7:78:
47:f7:6e:e6:e7:61:95:82:d2:0e:c2:bf:f9:6a:df:
af:64:58:6f:7f:ab:bd:63:ca:af:39:4d:a5:ed:16:
14:93:23:08:b8:3e:4b:2c:d6:74:a3:03:42:34:55:
fb:2a:95:4c:26:3c:5d:31:06:db:61:c7:ef:a8:72:
2b:73:92:4e:f0:84:3e:eb:06:ed:d2:02:7f:2b:45:
c2:9e:7c:1a:89:c9:33:cf:74:60:90:46:6e:d9:86:
6f:57:44:9c:a7:75:0f:f7:f8:07:4c:d9:a4:f2:18:
b6:4a:61:83:92:16:bf:2c:3c:80:17:fd:b7:46:3a:
53:53:77:6c:44:3d:ff:01:e7:30:2d:ee:cf:22:38:
de:23:d9:c7:7f:ae:a6:ee:70:12:ea:13:93:e8:72:
6e:d8:6c:4e:9b:05:4a:45:0d:12:3b:d0:a1:86:75:
0c:b7:2b:5b:a7:46:e2:d5:71:60:58:12:1c:4b:d5:
5e:34:3a:cc:e7:ef:61:fd:72:c8:8f:d4:a0:69:b7:
b8:b1:fb:11:c1:df:d1:5a:49:86:ce:53:38:92:42:
34:d2:01:96:8a:63:2c:d5:e6:b6:be:b2:57:97:b2:
1a:d0:6c:7d:dd:a5:3c:4a:ef:7a:a7:83:a2:83:66:
a8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:87:F9:0C:B7:E6:7D:DC:C2:5A:4E:30:8A:F5:A1:AE:A2:36:D7:74
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/uof5DLfmfdzCWk4wivWhrqI213Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.104.0/21
31.148.192.0/22
95.46.166.0-95.46.171.255
Signature Algorithm: sha256WithRSAEncryption
4d:36:0b:21:dd:89:1b:9c:e8:a9:f9:30:d7:d8:80:74:65:b3:
20:36:a2:c6:ec:b2:1b:65:99:9e:aa:f6:f0:c1:10:61:15:d9:
07:c8:29:96:f8:32:d8:f2:79:00:7a:2c:f3:34:9c:a8:21:56:
7b:1e:f9:a6:96:f1:d7:6d:05:50:fd:4f:a8:e8:e4:6e:6b:58:
7e:73:a0:0a:c0:0c:4f:95:25:1c:9f:c4:e9:8b:53:80:71:ea:
d6:d8:27:bb:e9:5c:79:72:f1:ed:97:df:32:74:c9:ed:c0:34:
b7:71:a6:ca:4d:8e:a8:50:d7:9e:12:6a:51:47:98:a0:8a:30:
3a:0c:3d:56:25:68:e6:7f:32:00:2f:5a:4b:28:55:89:6c:47:
c5:1f:78:48:cb:29:a8:5c:dd:60:4d:33:f9:1e:5a:a0:85:98:
04:45:f7:db:ba:bc:d6:1d:eb:58:68:7c:89:7b:ab:e1:7f:f4:
54:02:90:51:88:46:4f:29:81:ba:90:87:49:74:a3:2c:ff:0f:
72:ed:f3:db:5b:a9:d0:1b:e1:12:1e:4b:d3:af:3d:20:bd:1f:
37:79:d8:4c:34:6d:c4:82:05:7b:32:78:62:03:24:cd:fc:a9:
de:78:f5:b1:9b:73:98:c9:cf:16:a9:b7:08:1c:02:a4:26:22:
73:9c:f8:de
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVzmKdOgiSejqmzS2wzlJ2sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMTc0NzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTg3ZjkwY2I3ZTY3ZGRjYzI1YTRlMzA4YWY1YTFhZWEyMzZkNzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWsTCzB5D5mDXq7Ct3hH927m52GV
gtIOwr/5at+vZFhvf6u9Y8qvOU2l7RYUkyMIuD5LLNZ0owNCNFX7KpVMJjxdMQbb
YcfvqHIrc5JO8IQ+6wbt0gJ/K0XCnnwaickzz3RgkEZu2YZvV0Scp3UP9/gHTNmk
8hi2SmGDkha/LDyAF/23RjpTU3dsRD3/AecwLe7PIjjeI9nHf66m7nAS6hOT6HJu
2GxOmwVKRQ0SO9ChhnUMtytbp0bi1XFgWBIcS9VeNDrM5+9h/XLIj9Sgabe4sfsR
wd/RWkmGzlM4kkI00gGWimMs1ea2vrJXl7Ia0Gx93aU8Su96p4Oig2aozwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLqH+Qy35n3cwlpOMIr1oa6iNtd0MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvdW9mNURMZm1mZHpDV2s0d2l2V2hycUkyMTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDH5RoAwQC
H5TAMAwDBAFfLqYDBAJfLqgwDQYJKoZIhvcNAQELBQADggEBAE02CyHdiRuc6Kn5
MNfYgHRlsyA2osbsshtlmZ6q9vDBEGEV2QfIKZb4MtjyeQB6LPM0nKghVnse+aaW
8ddtBVD9T6jo5G5rWH5zoArADE+VJRyfxOmLU4Bx6tbYJ7vpXHly8e2X3zJ0ye3A
NLdxpspNjqhQ154SalFHmKCKMDoMPVYlaOZ/MgAvWksoVYlsR8UfeEjLKahc3WBN
M/keWqCFmARF99u6vNYd61hofIl7q+F/9FQCkFGIRk8pgbqQh0l0oyz/D3Lt89tb
qdAb4RIeS9OvPSC9Hzd52Ew0bcSCBXsyeGIDJM38qd549bGbc5jJzxaptwgcAqQm
InOc+N4=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:22:49 2025 by rpki-client