Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dxTZ0fLnSjgIxiITBIlV8mZPY2U.roa
File: dxTZ0fLnSjgIxiITBIlV8mZPY2U.roa (raw, json)
Hash identifier: dtXuhR1xn/3TAY9ac5JIGSjniYElQIUCFL/kQL2PNiI=
Subject key identifier: 77:14:D9:D1:F2:E7:4A:38:08:C6:22:13:04:89:55:F2:66:4F:63:65
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0195F70143BCA79746F00FEAB47317742C22
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dxTZ0fLnSjgIxiITBIlV8mZPY2U.roa
Signing time: Wed 02 Apr 2025 14:56:49 +0000
ROA not before: Wed 02 Apr 2025 14:56:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3205
IP address blocks: 31.148.26.0/23 maxlen: 24
92.38.0.0/23 maxlen: 24
95.46.112.0/23 maxlen: 24
2a02:128:13::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f7:01:43:bc:a7:97:46:f0:0f:ea:b4:73:17:74:2c:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Apr 2 14:56:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7714d9d1f2e74a3808c62213048955f2664f6365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:66:a8:a3:4a:7e:6d:35:2f:71:22:87:07:fb:
40:cd:10:07:14:27:2f:93:79:7d:65:04:73:14:1f:
ef:c3:cc:58:7b:1a:14:30:c6:3a:1c:b3:ae:f3:39:
46:f9:c7:69:20:78:cc:b8:a7:a7:49:b2:4d:ff:3b:
e4:14:dd:2d:19:98:9f:9e:7b:99:79:40:bb:b1:fc:
03:b5:11:7f:67:fa:13:ab:a2:86:96:43:7c:c1:b1:
62:b5:69:86:02:aa:c8:f4:0a:c5:d7:fa:70:01:c6:
e8:b1:f0:85:a3:fb:d1:b7:68:b4:7e:b5:30:b7:f7:
bd:0a:fa:75:17:ac:f5:3d:7d:4d:63:f5:ac:59:46:
0f:d5:a0:1a:d9:0a:6c:ba:cd:54:c4:73:92:a8:f5:
22:29:3b:80:bf:bc:d9:e7:44:81:28:5b:24:e1:0d:
47:a2:67:b8:e1:5b:6e:aa:47:52:32:e6:34:ef:24:
c0:59:e9:3e:f1:43:5b:5d:0b:ac:75:da:be:91:b7:
0b:be:b7:4a:0e:b0:4e:90:90:9b:45:cb:9a:5e:66:
bb:d0:c2:0e:ac:f0:77:13:ca:dd:f8:2f:fc:22:4d:
9a:ee:c4:98:5e:2f:6d:6e:0a:0c:32:19:0b:c8:81:
a0:3f:52:eb:3b:09:da:a3:85:c7:2e:0e:db:c7:82:
3a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:14:D9:D1:F2:E7:4A:38:08:C6:22:13:04:89:55:F2:66:4F:63:65
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dxTZ0fLnSjgIxiITBIlV8mZPY2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.26.0/23
92.38.0.0/23
95.46.112.0/23
IPv6:
2a02:128:13::/48
Signature Algorithm: sha256WithRSAEncryption
1e:23:9e:94:1c:7c:af:c9:20:1d:46:c4:b1:5e:2a:05:7f:7a:
46:fd:0d:ae:e0:80:9c:eb:64:f0:61:79:04:62:17:30:0a:b5:
83:be:7e:ab:6f:53:c7:9f:7c:7c:17:99:2d:4d:ce:5e:67:1a:
50:8d:39:18:08:16:3e:bc:9c:5e:4c:54:9c:7b:5c:32:3d:a4:
16:fe:bd:73:16:80:ea:68:ac:f1:34:b2:34:be:3d:c7:3f:da:
00:8e:5f:51:b1:cc:32:c0:d8:b5:51:ab:23:94:9f:9b:da:7c:
af:17:48:06:10:64:8a:f6:60:68:f7:3e:c3:f3:ab:1a:1e:35:
be:e0:39:b9:88:c4:a3:21:41:a9:50:b1:69:f7:f3:0e:1c:c7:
06:73:77:73:d4:51:44:c1:2a:ec:9c:eb:2d:0d:d9:f1:c0:80:
6d:e5:55:fa:95:7f:e8:65:d4:27:f9:1e:12:82:36:94:35:59:
59:6e:30:54:a3:32:1a:3c:b9:48:63:cf:88:f7:02:d4:e6:e8:
4b:36:c6:03:28:a2:d7:a5:b7:c3:6d:6e:cb:8f:41:55:bb:08:
1f:7e:df:8f:6a:bc:f6:8f:7f:9c:02:d9:2e:9b:07:50:21:5c:
ac:aa:42:68:1e:d9:d2:5e:42:85:7c:b1:a8:14:a4:b2:69:83:
69:eb:ef:41
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZX3AUO8p5dG8A/qtHMXdCwiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwNDAyMTQ1NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzE0ZDlkMWYyZTc0YTM4MDhjNjIyMTMwNDg5NTVmMjY2NGY2MzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmaoo0p+bTUvcSKHB/tAzRAHFCcv
k3l9ZQRzFB/vw8xYexoUMMY6HLOu8zlG+cdpIHjMuKenSbJN/zvkFN0tGZifnnuZ
eUC7sfwDtRF/Z/oTq6KGlkN8wbFitWmGAqrI9ArF1/pwAcbosfCFo/vRt2i0frUw
t/e9Cvp1F6z1PX1NY/WsWUYP1aAa2Qpsus1UxHOSqPUiKTuAv7zZ50SBKFsk4Q1H
ome44VtuqkdSMuY07yTAWek+8UNbXQusddq+kbcLvrdKDrBOkJCbRcuaXma70MIO
rPB3E8rd+C/8Ik2a7sSYXi9tbgoMMhkLyIGgP1LrOwnao4XHLg7bx4I6TwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHcU2dHy50o4CMYiEwSJVfJmT2NlMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvZHhUWjBmTG5TamdJeGlJVEJJbFY4bVpQWTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBH5QaAwQB
XCYAAwQBXy5wMA8EAgACMAkDBwAqAgEoABMwDQYJKoZIhvcNAQELBQADggEBAB4j
npQcfK/JIB1GxLFeKgV/ekb9Da7ggJzrZPBheQRiFzAKtYO+fqtvU8effHwXmS1N
zl5nGlCNORgIFj68nF5MVJx7XDI9pBb+vXMWgOporPE0sjS+Pcc/2gCOX1GxzDLA
2LVRqyOUn5vafK8XSAYQZIr2YGj3PsPzqxoeNb7gObmIxKMhQalQsWn38w4cxwZz
d3PUUUTBKuyc6y0N2fHAgG3lVfqVf+hl1Cf5HhKCNpQ1WVluMFSjMho8uUhjz4j3
AtTm6Es2xgMootelt8NtbsuPQVW7CB9+349qvPaPf5wC2S6bB1AhXKyqQmge2dJe
QoV8sagUpLJpg2nr70E=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:26 2025 by rpki-client on console.sobornost.net