Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/yVbR0rx1csed57WVd7XCwtjxM3k.roa
File: yVbR0rx1csed57WVd7XCwtjxM3k.roa (raw, json)
Hash identifier: TUT1cuFN6OdGzfF/r7o/IDNixjAjyCur/e2ONCZTZb0=
Subject key identifier: C9:56:D1:D2:BC:75:72:C7:9D:E7:B5:95:77:B5:C2:C2:D8:F1:33:79
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01942747F71F4F5154DADD6ACBB194F27DA6
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/yVbR0rx1csed57WVd7XCwtjxM3k.roa
Signing time: Thu 02 Jan 2025 13:50:15 +0000
ROA not before: Thu 02 Jan 2025 13:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197236
IP address blocks: 95.43.229.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f7:1f:4f:51:54:da:dd:6a:cb:b1:94:f2:7d:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 2 13:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c956d1d2bc7572c79de7b59577b5c2c2d8f13379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e4:39:6f:78:55:22:13:64:64:8a:e2:7e:cc:
22:6e:e7:84:bb:0a:49:05:8b:ff:e4:44:6c:a5:bb:
4e:d5:ab:cc:26:83:17:8f:66:46:22:d3:5c:a4:f8:
38:a8:94:62:be:a6:89:d9:5f:f1:6f:bd:7e:40:1a:
99:23:f4:32:05:66:a5:03:99:aa:3c:c9:f5:fd:d3:
f2:4b:74:b4:e4:ca:59:de:e2:d6:7c:99:0b:6b:b3:
d8:e5:a3:58:b9:78:d6:9f:6e:25:0e:f8:f7:d9:c3:
20:82:00:36:da:20:23:64:09:f3:ac:6a:a8:98:4b:
f6:54:7e:cf:ca:3d:85:4f:2a:c7:a7:74:8a:6d:34:
b8:ab:5a:b0:d7:a9:aa:25:49:97:58:d3:2c:74:1d:
9c:75:93:06:56:08:e1:a4:55:8c:64:39:32:5c:e0:
95:7c:60:96:fb:ac:9f:f0:82:9e:63:56:7c:1d:5f:
ea:cb:6d:76:f0:e2:b5:58:b7:cd:aa:f3:d9:d3:d3:
87:9f:d1:da:15:8a:67:b6:64:88:f8:4e:bd:bd:e0:
81:77:b9:59:84:67:2d:2e:0a:04:cf:41:db:9d:50:
56:8c:71:8d:b8:91:e6:fd:46:fc:b8:b5:a8:01:db:
17:6b:6a:94:cd:71:ae:eb:f9:4d:c6:d8:37:4b:e0:
03:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:56:D1:D2:BC:75:72:C7:9D:E7:B5:95:77:B5:C2:C2:D8:F1:33:79
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/yVbR0rx1csed57WVd7XCwtjxM3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.43.229.0/24
Signature Algorithm: sha256WithRSAEncryption
89:aa:0a:55:91:f1:48:3e:d8:f0:1e:9f:a7:ff:ee:b6:39:9b:
3a:8c:ed:0e:d0:ac:f2:bc:4b:e4:b2:d5:6a:67:1c:c1:e0:6f:
ad:10:dc:3f:0c:46:c7:ec:ba:5a:0b:bd:31:93:eb:55:cb:f4:
30:b3:20:de:9c:8b:50:51:4d:29:6d:9c:ed:62:43:27:1c:3a:
7f:37:cf:50:03:7c:0b:93:34:1a:e5:e6:29:2f:2e:f1:05:0b:
9e:69:c3:e5:ef:13:73:8e:f2:85:a4:35:84:c1:a9:23:2d:51:
8c:99:60:b8:b7:5a:a9:24:f7:2f:6c:8d:36:02:08:fa:3b:4a:
73:bc:86:b7:77:92:17:f0:4c:a6:42:73:94:38:4d:9b:09:25:
ba:54:65:bc:96:62:07:2c:5b:d8:36:7d:2c:9a:8d:78:77:db:
04:ed:39:51:bf:aa:1d:5d:2d:9e:58:6a:a7:cb:a1:a1:2f:f0:
04:93:df:9e:8a:9d:90:24:1e:61:ae:50:99:54:7c:0f:f6:f6:
d3:5d:3d:bb:4b:7d:22:da:02:7f:d7:27:5e:9e:4b:c8:6c:82:
69:97:79:f5:01:6d:c1:79:b7:1e:3f:4a:a1:9f:ee:f6:39:3a:
c3:87:c2:94:f1:f6:d2:f9:cb:37:2f:25:82:10:f5:8f:54:44:
e6:39:f3:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR/cfT1FU2t1qy7GU8n2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjUwMTAyMTM1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTU2ZDFkMmJjNzU3MmM3OWRlN2I1OTU3N2I1YzJjMmQ4ZjEzMzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+Q5b3hVIhNkZIrifswibueEuwpJ
BYv/5ERspbtO1avMJoMXj2ZGItNcpPg4qJRivqaJ2V/xb71+QBqZI/QyBWalA5mq
PMn1/dPyS3S05MpZ3uLWfJkLa7PY5aNYuXjWn24lDvj32cMgggA22iAjZAnzrGqo
mEv2VH7Pyj2FTyrHp3SKbTS4q1qw16mqJUmXWNMsdB2cdZMGVgjhpFWMZDkyXOCV
fGCW+6yf8IKeY1Z8HV/qy2128OK1WLfNqvPZ09OHn9HaFYpntmSI+E69veCBd7lZ
hGctLgoEz0HbnVBWjHGNuJHm/Ub8uLWoAdsXa2qUzXGu6/lNxtg3S+ADowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMlW0dK8dXLHnee1lXe1wsLY8TN5MB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEveVZiUjByeDFjc2VkNTdXVmQ3WEN3dGp4TTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXyvlMA0G
CSqGSIb3DQEBCwUAA4IBAQCJqgpVkfFIPtjwHp+n/+62OZs6jO0O0KzyvEvkstVq
ZxzB4G+tENw/DEbH7LpaC70xk+tVy/QwsyDenItQUU0pbZztYkMnHDp/N89QA3wL
kzQa5eYpLy7xBQueacPl7xNzjvKFpDWEwakjLVGMmWC4t1qpJPcvbI02Agj6O0pz
vIa3d5IX8EymQnOUOE2bCSW6VGW8lmIHLFvYNn0smo14d9sE7TlRv6odXS2eWGqn
y6GhL/AEk9+eip2QJB5hrlCZVHwP9vbTXT27S30i2gJ/1ydenkvIbIJpl3n1AW3B
ebceP0qhn+72OTrDh8KU8fbS+cs3LyWCEPWPVETmOfPH
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:51:27 2025 by rpki-client