Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/a07523-8392-47f5-82b3-30c430a398e6/1/4zuoqc0Glu6ApY4rQHmNAlxxavo.roa
File: 4zuoqc0Glu6ApY4rQHmNAlxxavo.roa (raw, json)
Hash identifier: qDD4JCBpI34S2Q624/ndlMxJa6qHAv5moxaFgFJvL3I=
Subject key identifier: E3:3B:A8:A9:CD:06:96:EE:80:A5:8E:2B:40:79:8D:02:5C:71:6A:FA
Certificate issuer: /CN=4e72ac71eb4507ac0a652a54598dae451fe33f47
Certificate serial: 019421B1ACB5926FF1337E2778D6D371E95E
Authority key identifier: 4E:72:AC:71:EB:45:07:AC:0A:65:2A:54:59:8D:AE:45:1F:E3:3F:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TnKscetFB6wKZSpUWY2uRR_jP0c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/a07523-8392-47f5-82b3-30c430a398e6/1/4zuoqc0Glu6ApY4rQHmNAlxxavo.roa
Signing time: Wed 01 Jan 2025 11:47:59 +0000
ROA not before: Wed 01 Jan 2025 11:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48431
IP address blocks: 95.80.128.0/18 maxlen: 18
95.80.128.0/20 maxlen: 20
95.80.144.0/20 maxlen: 20
95.80.190.0/24 maxlen: 24
185.57.132.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ac:b5:92:6f:f1:33:7e:27:78:d6:d3:71:e9:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e72ac71eb4507ac0a652a54598dae451fe33f47
Validity
Not Before: Jan 1 11:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e33ba8a9cd0696ee80a58e2b40798d025c716afa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5a:e0:ce:4d:91:62:73:2f:28:53:53:36:4f:
8b:b3:44:b1:00:eb:7c:71:10:99:b6:f6:d1:33:fd:
df:2e:23:cc:e7:15:53:8c:d8:55:51:e8:fb:8c:d5:
d2:fb:df:a9:c6:2f:da:a8:5b:ac:1e:ee:62:ab:00:
6b:e9:df:a5:8b:da:7f:9b:7a:57:2c:ec:02:34:5b:
96:86:4a:7d:21:c6:f3:15:5f:37:55:42:04:79:b6:
3f:f7:51:0f:3b:7f:50:22:c7:7c:5c:89:8f:89:5d:
19:10:c9:46:f1:df:ac:86:48:ac:fd:19:cb:b5:51:
59:37:26:54:fb:fc:68:e8:49:71:60:a4:88:34:79:
46:1b:dc:f0:84:5a:17:8b:31:91:8d:9d:9d:42:86:
d6:1a:7f:1f:2b:0c:37:32:2d:3a:3b:59:c4:a9:34:
9c:99:35:0d:21:7c:95:b9:e4:78:6c:e5:76:d4:da:
fb:41:93:16:15:6c:52:97:1d:d8:c6:fb:ff:93:80:
62:84:0d:4f:d9:5e:a3:be:d3:24:b4:6a:1c:3a:2c:
1c:48:bd:03:6a:63:b4:63:fc:42:d9:2f:ec:a8:39:
fb:12:de:3b:97:41:bd:4f:6a:36:09:2a:56:80:7c:
08:9e:2d:ec:f7:e3:0b:9a:84:68:57:52:47:1e:46:
c2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:3B:A8:A9:CD:06:96:EE:80:A5:8E:2B:40:79:8D:02:5C:71:6A:FA
X509v3 Authority Key Identifier:
keyid:4E:72:AC:71:EB:45:07:AC:0A:65:2A:54:59:8D:AE:45:1F:E3:3F:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TnKscetFB6wKZSpUWY2uRR_jP0c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/a07523-8392-47f5-82b3-30c430a398e6/1/4zuoqc0Glu6ApY4rQHmNAlxxavo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/a07523-8392-47f5-82b3-30c430a398e6/1/TnKscetFB6wKZSpUWY2uRR_jP0c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.80.128.0/18
185.57.132.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:36:12:a2:ea:34:c7:b4:80:3b:d1:63:d5:d1:8e:ca:f2:31:
c6:d7:08:3e:d1:a1:10:0d:af:d2:37:ee:50:ff:2f:ef:7d:e8:
35:39:71:4f:41:b5:34:ce:43:4a:fc:64:60:4f:d9:96:32:c0:
b3:f0:13:97:10:22:4e:b7:ca:7e:bc:22:ee:d1:18:a2:13:6e:
15:9b:07:b6:b5:37:31:6a:d9:63:17:a2:ff:ca:54:21:f5:87:
d4:ab:d8:bf:68:0f:0d:1d:ad:0e:06:ff:dd:be:e7:c5:f6:5a:
5b:44:39:28:d8:36:8f:bc:4a:cc:78:ec:a7:dd:dd:6b:21:fd:
04:b5:8b:af:bf:a0:c4:fc:a6:c8:86:4d:e1:e1:27:c2:c6:17:
32:fe:71:0f:36:52:02:9e:1f:6c:d6:a6:90:da:f4:e0:ac:3c:
b9:83:43:bf:21:1c:99:f9:a6:14:b7:dd:90:3d:53:93:5a:8d:
ab:0e:24:4d:b5:7d:c1:8c:fc:be:b0:05:da:75:d9:99:4c:d0:
98:ee:ba:87:94:da:ef:b1:5f:a3:83:05:03:01:15:95:c7:4d:
17:04:a4:d2:38:44:77:bd:c3:db:3e:43:23:a0:d2:6d:d6:7f:
9e:35:82:eb:d9:d9:fc:01:1a:fa:40:94:d5:f1:fc:ba:c1:27:
f2:f4:f3:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsay1km/xM34neNbTceleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNzJhYzcxZWI0NTA3YWMwYTY1MmE1NDU5OGRhZTQ1MWZl
MzNmNDcwHhcNMjUwMTAxMTE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzNiYThhOWNkMDY5NmVlODBhNThlMmI0MDc5OGQwMjVjNzE2YWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVrgzk2RYnMvKFNTNk+Ls0SxAOt8
cRCZtvbRM/3fLiPM5xVTjNhVUej7jNXS+9+pxi/aqFusHu5iqwBr6d+li9p/m3pX
LOwCNFuWhkp9IcbzFV83VUIEebY/91EPO39QIsd8XImPiV0ZEMlG8d+shkis/RnL
tVFZNyZU+/xo6ElxYKSINHlGG9zwhFoXizGRjZ2dQobWGn8fKww3Mi06O1nEqTSc
mTUNIXyVueR4bOV21Nr7QZMWFWxSlx3Yxvv/k4BihA1P2V6jvtMktGocOiwcSL0D
amO0Y/xC2S/sqDn7Et47l0G9T2o2CSpWgHwIni3s9+MLmoRoV1JHHkbCrQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOM7qKnNBpbugKWOK0B5jQJccWr6MB8GA1UdIwQY
MBaAFE5yrHHrRQesCmUqVFmNrkUf4z9HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG5Lc2NldEZCNndLWlNwVVdZMnVSUl9qUDBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hMDc1MjMtODM5Mi00N2Y1LTgyYjMt
MzBjNDMwYTM5OGU2LzEvNHp1b3FjMEdsdTZBcFk0clFIbU5BbHh4YXZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hMDc1MjMtODM5Mi00N2Y1LTgyYjMtMzBjNDMwYTM5OGU2
LzEvVG5Lc2NldEZCNndLWlNwVVdZMnVSUl9qUDBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGX1CAAwQC
uTmEMA0GCSqGSIb3DQEBCwUAA4IBAQAPNhKi6jTHtIA70WPV0Y7K8jHG1wg+0aEQ
Da/SN+5Q/y/vfeg1OXFPQbU0zkNK/GRgT9mWMsCz8BOXECJOt8p+vCLu0RiiE24V
mwe2tTcxatljF6L/ylQh9YfUq9i/aA8NHa0OBv/dvufF9lpbRDko2DaPvErMeOyn
3d1rIf0EtYuvv6DE/KbIhk3h4SfCxhcy/nEPNlICnh9s1qaQ2vTgrDy5g0O/IRyZ
+aYUt92QPVOTWo2rDiRNtX3BjPy+sAXaddmZTNCY7rqHlNrvsV+jgwUDARWVx00X
BKTSOER3vcPbPkMjoNJt1n+eNYLr2dn8ARr6QJTV8fy6wSfy9PM6
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:30 2025 by rpki-client