Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/c45e69-fd97-4c4f-b663-84146079d0b9/1/YCu9Rc0smCTK0ynVtwDuHNDgjNY.roa
File: YCu9Rc0smCTK0ynVtwDuHNDgjNY.roa (raw, json)
Hash identifier: m3t1oOjMLNoRLMT8edXCvCZa++dEm/vdN4VIMvVuJhE=
Subject key identifier: 60:2B:BD:45:CD:2C:98:24:CA:D3:29:D5:B7:00:EE:1C:D0:E0:8C:D6
Certificate issuer: /CN=a244a5c22bb0d1b72edbbedfd5a7b2607922334a
Certificate serial: 018CC7958708CBF0B0DE668FE1E3AC9CB3D5
Authority key identifier: A2:44:A5:C2:2B:B0:D1:B7:2E:DB:BE:DF:D5:A7:B2:60:79:22:33:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okSlwiuw0bcu277f1aeyYHkiM0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/c45e69-fd97-4c4f-b663-84146079d0b9/1/YCu9Rc0smCTK0ynVtwDuHNDgjNY.roa
Signing time: Tue 02 Jan 2024 00:31:54 +0000
ROA not before: Tue 02 Jan 2024 00:31:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43594
IP address blocks: 95.215.124.0/24 maxlen: 24
95.215.125.0/24 maxlen: 24
95.215.124.0/22 maxlen: 22
95.215.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:87:08:cb:f0:b0:de:66:8f:e1:e3:ac:9c:b3:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a244a5c22bb0d1b72edbbedfd5a7b2607922334a
Validity
Not Before: Jan 2 00:31:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=602bbd45cd2c9824cad329d5b700ee1cd0e08cd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:95:71:51:db:0f:dc:da:33:de:8b:b8:8e:79:
68:b2:47:33:f5:cc:0a:a3:af:58:05:09:07:84:7e:
5f:5c:cd:d5:6c:eb:89:a8:0c:09:dc:5b:0e:c0:f5:
fd:18:eb:f6:b0:4e:f3:57:5e:c9:2a:4a:94:8d:13:
4e:ff:1a:7a:16:15:de:da:76:4f:c5:c9:ff:cc:fd:
4a:a2:82:d8:2e:c2:32:00:18:07:02:b2:c8:2d:3f:
06:d7:95:e1:d8:6c:fd:45:8c:51:3a:10:c6:99:de:
3d:8e:2b:7b:f1:e4:ca:90:ac:cf:c0:4d:e2:d8:c5:
77:b9:e4:14:07:bf:57:09:4c:5a:92:82:25:80:2a:
62:af:fc:59:e1:30:9f:b8:68:5c:25:d4:b6:b2:aa:
8d:a3:df:ea:d6:24:4a:0b:8b:26:3f:19:06:4d:94:
7b:6e:cb:71:3b:b0:9f:91:b7:cb:8b:32:6c:9b:77:
61:12:ae:f3:a6:dc:d1:33:49:86:c7:e2:5f:78:7a:
15:65:b4:f5:03:0a:0f:10:7a:aa:d0:87:3c:83:2b:
b9:e3:0b:3f:b9:57:d4:88:aa:64:88:c5:b7:28:13:
09:b1:99:95:12:6f:ef:6d:a4:5e:91:a8:d7:b3:10:
ca:4b:21:ed:60:97:fd:d4:ab:2e:13:1c:35:32:b8:
75:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:2B:BD:45:CD:2C:98:24:CA:D3:29:D5:B7:00:EE:1C:D0:E0:8C:D6
X509v3 Authority Key Identifier:
keyid:A2:44:A5:C2:2B:B0:D1:B7:2E:DB:BE:DF:D5:A7:B2:60:79:22:33:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okSlwiuw0bcu277f1aeyYHkiM0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c45e69-fd97-4c4f-b663-84146079d0b9/1/YCu9Rc0smCTK0ynVtwDuHNDgjNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c45e69-fd97-4c4f-b663-84146079d0b9/1/okSlwiuw0bcu277f1aeyYHkiM0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.124.0/22
Signature Algorithm: sha256WithRSAEncryption
10:e2:33:35:d6:15:1a:04:c5:ac:78:da:f9:78:cb:80:22:42:
9e:bc:02:60:fb:16:10:9f:d0:75:31:c3:c6:b6:36:19:3e:d7:
fb:ea:e3:43:d4:00:95:ee:39:c8:bb:bb:a4:01:47:31:63:66:
7a:36:87:ac:80:fb:1f:a3:50:48:b4:ca:c9:f8:a3:a5:9f:fe:
99:28:1f:df:b9:d1:cc:47:f2:79:c3:2a:d2:68:df:e5:d8:68:
0a:4d:19:3f:8a:fc:34:42:68:ea:d3:2e:48:d6:6a:2e:6b:42:
66:1b:f1:c1:7f:9f:84:a6:9e:a7:32:bf:27:36:21:92:41:72:
6e:53:0a:d7:01:46:6a:d9:fd:d6:6a:11:a6:ed:a2:01:47:de:
59:6f:c1:ee:4d:f0:71:2a:46:21:94:7d:99:7c:35:43:80:81:
73:ca:7a:73:96:25:ef:86:24:be:a9:e2:56:a4:75:85:44:4d:
86:e7:e3:f9:5a:7d:33:e8:fa:e4:dc:41:c6:de:73:88:e6:4d:
57:14:89:1f:2e:1f:88:46:16:29:d8:4e:9a:00:c2:21:28:05:
fc:ac:fc:f7:91:1d:b9:a1:95:d3:05:a6:5c:0b:bd:59:8c:2c:
1f:ac:ee:ef:93:5f:06:45:96:65:5c:b1:85:0a:7c:88:13:45:
b5:d9:1b:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlYcIy/Cw3maP4eOsnLPVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNDRhNWMyMmJiMGQxYjcyZWRiYmVkZmQ1YTdiMjYwNzky
MjMzNGEwHhcNMjQwMTAyMDAzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDJiYmQ0NWNkMmM5ODI0Y2FkMzI5ZDViNzAwZWUxY2QwZTA4Y2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJVxUdsP3Noz3ou4jnloskcz9cwK
o69YBQkHhH5fXM3VbOuJqAwJ3FsOwPX9GOv2sE7zV17JKkqUjRNO/xp6FhXe2nZP
xcn/zP1KooLYLsIyABgHArLILT8G15Xh2Gz9RYxROhDGmd49jit78eTKkKzPwE3i
2MV3ueQUB79XCUxakoIlgCpir/xZ4TCfuGhcJdS2sqqNo9/q1iRKC4smPxkGTZR7
bstxO7CfkbfLizJsm3dhEq7zptzRM0mGx+JfeHoVZbT1AwoPEHqq0Ic8gyu54ws/
uVfUiKpkiMW3KBMJsZmVEm/vbaRekajXsxDKSyHtYJf91KsuExw1Mrh1zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGArvUXNLJgkytMp1bcA7hzQ4IzWMB8GA1UdIwQY
MBaAFKJEpcIrsNG3Ltu+39WnsmB5IjNKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2tTbHdpdXcwYmN1Mjc3ZjFhZXlZSGtpTTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9jNDVlNjktZmQ5Ny00YzRmLWI2NjMt
ODQxNDYwNzlkMGI5LzEvWUN1OVJjMHNtQ1RLMHluVnR3RHVITkRnak5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9jNDVlNjktZmQ5Ny00YzRmLWI2NjMtODQxNDYwNzlkMGI5
LzEvb2tTbHdpdXcwYmN1Mjc3ZjFhZXlZSGtpTTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX9d8MA0G
CSqGSIb3DQEBCwUAA4IBAQAQ4jM11hUaBMWseNr5eMuAIkKevAJg+xYQn9B1McPG
tjYZPtf76uND1ACV7jnIu7ukAUcxY2Z6NoesgPsfo1BItMrJ+KOln/6ZKB/fudHM
R/J5wyrSaN/l2GgKTRk/ivw0Qmjq0y5I1moua0JmG/HBf5+Epp6nMr8nNiGSQXJu
UwrXAUZq2f3WahGm7aIBR95Zb8HuTfBxKkYhlH2ZfDVDgIFzynpzliXvhiS+qeJW
pHWFRE2G5+P5Wn0z6Prk3EHG3nOI5k1XFIkfLh+IRhYp2E6aAMIhKAX8rPz3kR25
oZXTBaZcC71ZjCwfrO7vk18GRZZlXLGFCnyIE0W12Rvu
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:46 2025 by rpki-client