Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7a4094-5e3e-404a-9906-e70ea6332365/1/3R0nQ4cheiHTEFltB92BU1OiX7U.roa
File: 3R0nQ4cheiHTEFltB92BU1OiX7U.roa (raw, json)
Hash identifier: P78Er0+6bSBNdgJwf6KQcQdsBmyF0Es42m8qKzMTLKo=
Subject key identifier: DD:1D:27:43:87:21:7A:21:D3:10:59:6D:07:DD:81:53:53:A2:5F:B5
Certificate issuer: /CN=703d48653b42b74647268926b3c4a497f9ef79bd
Certificate serial: 01857082AA78103AC46D177B56BD1F439A0B
Authority key identifier: 70:3D:48:65:3B:42:B7:46:47:26:89:26:B3:C4:A4:97:F9:EF:79:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cD1IZTtCt0ZHJokms8Skl_nveb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7a4094-5e3e-404a-9906-e70ea6332365/1/3R0nQ4cheiHTEFltB92BU1OiX7U.roa
Signing time: Mon 02 Jan 2023 03:24:49 +0000
ROA not before: Mon 02 Jan 2023 03:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41957
IP address blocks: 91.242.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:aa:78:10:3a:c4:6d:17:7b:56:bd:1f:43:9a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=703d48653b42b74647268926b3c4a497f9ef79bd
Validity
Not Before: Jan 2 03:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd1d274387217a21d310596d07dd815353a25fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:8e:f4:2f:20:da:07:37:96:a2:84:de:6c:51:
51:73:8f:94:1b:3e:96:2c:2e:69:e2:e6:09:93:77:
04:3e:7b:95:b4:82:08:8e:cb:63:09:e4:0c:35:87:
b1:f3:2d:15:1d:cd:e1:08:c8:2b:a8:d9:b2:39:e4:
8e:e8:ba:fc:52:38:c2:d6:d8:d3:bd:26:60:40:14:
c3:ff:ce:87:83:86:bf:85:74:00:37:d7:38:b7:7b:
50:87:15:43:9c:fa:de:66:b9:82:0d:62:e7:53:8e:
22:8b:52:e5:fc:cd:ec:4c:e1:62:88:9f:fd:5d:99:
ab:04:8c:cd:77:2d:a1:ff:8f:c8:95:4f:b7:d6:15:
ef:48:da:9d:c9:ec:38:59:1f:ab:6e:33:d3:cc:3d:
c8:8a:87:1e:d1:48:02:16:c3:d1:fb:24:b2:05:03:
76:f6:7d:e5:42:02:a4:2e:ad:95:9f:c6:f1:0b:d0:
84:32:60:24:2f:a8:47:a1:23:6a:73:26:3d:68:1d:
c7:3c:ad:36:ea:66:34:29:29:64:9d:04:68:82:35:
39:12:05:f5:24:8d:a2:2f:f8:49:b5:25:e4:25:ad:
ea:6e:ca:ef:53:86:3b:d1:61:a4:57:d8:37:3c:f7:
55:88:4a:d7:99:af:2b:5c:45:f0:c4:19:ea:3d:ed:
0a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:1D:27:43:87:21:7A:21:D3:10:59:6D:07:DD:81:53:53:A2:5F:B5
X509v3 Authority Key Identifier:
keyid:70:3D:48:65:3B:42:B7:46:47:26:89:26:B3:C4:A4:97:F9:EF:79:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cD1IZTtCt0ZHJokms8Skl_nveb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7a4094-5e3e-404a-9906-e70ea6332365/1/3R0nQ4cheiHTEFltB92BU1OiX7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7a4094-5e3e-404a-9906-e70ea6332365/1/cD1IZTtCt0ZHJokms8Skl_nveb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.254.0/24
Signature Algorithm: sha256WithRSAEncryption
16:14:47:64:8c:66:67:54:35:43:0d:97:ef:08:8b:97:f4:81:
f4:ed:9f:d3:b4:09:b3:b9:1e:f7:81:d3:f7:8e:a7:b1:26:a5:
97:a2:4d:67:1b:75:97:94:b0:a2:f9:cd:7d:8d:78:b5:56:a6:
f4:30:14:48:d1:84:ab:0c:cf:04:39:df:59:fe:5e:28:29:71:
0b:f2:1b:3a:c1:57:6e:9c:99:76:ea:6c:95:c9:bd:23:da:76:
29:0a:f5:19:4b:20:63:89:b2:97:57:c1:96:35:74:b0:2c:8d:
d5:44:a2:ab:92:9e:70:8c:33:84:cc:ae:f2:10:74:fc:41:da:
65:18:1b:00:cf:65:8d:00:9d:d5:8b:b8:82:66:e6:ef:e4:cb:
a7:77:28:a8:8d:ce:25:31:de:34:ad:f8:e5:e8:b8:19:e2:d6:
58:fc:ca:b3:d0:6b:29:f7:f9:02:e3:66:02:05:90:71:d5:fb:
05:26:ed:c8:52:c4:28:cb:c2:05:51:da:6c:18:73:94:f2:8f:
d1:38:b5:2e:d5:3d:ba:b7:bd:fa:ef:41:11:8e:11:52:f9:3b:
ea:ab:cb:c3:fd:ec:1e:6d:a9:e9:3c:c0:c7:fa:29:b3:ec:eb:
7d:12:c2:16:90:f1:79:e9:38:6c:d0:21:21:af:d3:dc:45:a1:
6b:3a:6e:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgqp4EDrEbRd7Vr0fQ5oLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwM2Q0ODY1M2I0MmI3NDY0NzI2ODkyNmIzYzRhNDk3Zjll
Zjc5YmQwHhcNMjMwMTAyMDMyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDFkMjc0Mzg3MjE3YTIxZDMxMDU5NmQwN2RkODE1MzUzYTI1ZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjY70LyDaBzeWooTebFFRc4+UGz6W
LC5p4uYJk3cEPnuVtIIIjstjCeQMNYex8y0VHc3hCMgrqNmyOeSO6Lr8UjjC1tjT
vSZgQBTD/86Hg4a/hXQAN9c4t3tQhxVDnPreZrmCDWLnU44ii1Ll/M3sTOFiiJ/9
XZmrBIzNdy2h/4/IlU+31hXvSNqdyew4WR+rbjPTzD3Iioce0UgCFsPR+ySyBQN2
9n3lQgKkLq2Vn8bxC9CEMmAkL6hHoSNqcyY9aB3HPK026mY0KSlknQRogjU5EgX1
JI2iL/hJtSXkJa3qbsrvU4Y70WGkV9g3PPdViErXma8rXEXwxBnqPe0KLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN0dJ0OHIXoh0xBZbQfdgVNTol+1MB8GA1UdIwQY
MBaAFHA9SGU7QrdGRyaJJrPEpJf573m9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0QxSVpUdEN0MFpISm9rbXM4U2tsX252ZWIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YTQwOTQtNWUzZS00MDRhLTk5MDYt
ZTcwZWE2MzMyMzY1LzEvM1IwblE0Y2hlaUhURUZsdEI5MkJVMU9pWDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YTQwOTQtNWUzZS00MDRhLTk5MDYtZTcwZWE2MzMyMzY1
LzEvY0QxSVpUdEN0MFpISm9rbXM4U2tsX252ZWIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/L+MA0G
CSqGSIb3DQEBCwUAA4IBAQAWFEdkjGZnVDVDDZfvCIuX9IH07Z/TtAmzuR73gdP3
jqexJqWXok1nG3WXlLCi+c19jXi1Vqb0MBRI0YSrDM8EOd9Z/l4oKXEL8hs6wVdu
nJl26myVyb0j2nYpCvUZSyBjibKXV8GWNXSwLI3VRKKrkp5wjDOEzK7yEHT8Qdpl
GBsAz2WNAJ3Vi7iCZubv5Mundyiojc4lMd40rfjl6LgZ4tZY/Mqz0Gsp9/kC42YC
BZBx1fsFJu3IUsQoy8IFUdpsGHOU8o/ROLUu1T26t73670ERjhFS+Tvqq8vD/ewe
banpPMDH+imz7Ot9EsIWkPF56Ths0CEhr9PcRaFrOm6r
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:38 2025 by rpki-client