Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/f7985c-d826-428e-8da0-3ea8408792fe/1/Tnlnyj22xYaUqLpnkfr45gwVZUM.roa
File: Tnlnyj22xYaUqLpnkfr45gwVZUM.roa (raw, json)
Hash identifier: L2ENW1NPFnqorVNaeOziZoEJF7BLoSXjPNUNlAxvRAc=
Subject key identifier: 4E:79:67:CA:3D:B6:C5:86:94:A8:BA:67:91:FA:F8:E6:0C:15:65:43
Certificate issuer: /CN=37d48545338a312ebbb0e36061bd025f0e6d9c10
Certificate serial: 01878EE3C64CB6682F48B40CE51ACE91C2B2
Authority key identifier: 37:D4:85:45:33:8A:31:2E:BB:B0:E3:60:61:BD:02:5F:0E:6D:9C:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N9SFRTOKMS67sONgYb0CXw5tnBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/f7985c-d826-428e-8da0-3ea8408792fe/1/Tnlnyj22xYaUqLpnkfr45gwVZUM.roa
Signing time: Mon 17 Apr 2023 11:05:04 +0000
ROA not before: Mon 17 Apr 2023 11:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12837
IP address blocks: 91.196.196.0/22 maxlen: 22
91.196.199.0/24 maxlen: 24
91.196.198.0/24 maxlen: 24
91.196.197.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:e3:c6:4c:b6:68:2f:48:b4:0c:e5:1a:ce:91:c2:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37d48545338a312ebbb0e36061bd025f0e6d9c10
Validity
Not Before: Apr 17 11:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e7967ca3db6c58694a8ba6791faf8e60c156543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:20:e6:9c:a0:25:19:36:22:b7:6e:a6:9b:83:
81:59:7a:86:60:77:1a:be:ce:4a:19:dd:c5:01:9c:
c4:af:8c:ce:95:52:b1:2f:b2:ee:1c:50:07:a1:da:
24:6c:32:94:55:d2:58:6f:11:80:02:a1:69:53:23:
da:e8:fa:57:4a:de:a6:d3:23:50:f7:5d:32:e4:e5:
d4:06:5d:c3:bf:7c:a1:8a:f7:67:35:35:86:13:e3:
ca:7f:20:00:ca:d8:f6:56:ad:5f:df:6f:7a:67:3b:
5c:c9:b0:61:55:19:1d:89:ab:08:c7:59:ed:99:e2:
69:29:4d:13:40:f5:c5:41:33:c2:4e:30:e0:53:75:
80:ac:ea:7d:42:2d:46:14:63:8d:16:f5:ad:54:91:
8c:40:94:69:3a:99:de:91:7e:b9:5a:de:57:ba:2c:
f5:31:53:1c:2e:99:b6:e5:70:49:67:0d:ab:2f:93:
cb:e8:be:7f:99:18:0b:f3:8b:bb:1f:c7:d7:ab:da:
b1:67:0d:e8:86:40:61:74:e6:b3:3e:a7:9b:aa:f2:
b0:da:4d:a8:92:d2:62:99:42:63:bc:9a:38:57:b1:
89:ba:4e:fa:1a:0f:7c:da:95:a2:41:b5:c9:30:0b:
bb:25:f9:d0:53:ff:b9:30:c8:6c:75:1e:fa:58:7a:
67:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:79:67:CA:3D:B6:C5:86:94:A8:BA:67:91:FA:F8:E6:0C:15:65:43
X509v3 Authority Key Identifier:
keyid:37:D4:85:45:33:8A:31:2E:BB:B0:E3:60:61:BD:02:5F:0E:6D:9C:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N9SFRTOKMS67sONgYb0CXw5tnBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/f7985c-d826-428e-8da0-3ea8408792fe/1/Tnlnyj22xYaUqLpnkfr45gwVZUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/f7985c-d826-428e-8da0-3ea8408792fe/1/N9SFRTOKMS67sONgYb0CXw5tnBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.196.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:6d:ca:4b:2b:e1:d9:bb:a4:ec:b7:bb:1a:9a:86:90:a6:5c:
e6:60:62:fe:c1:68:f4:79:a5:38:9a:96:7b:e7:a2:ca:99:28:
dc:24:5e:db:b3:19:ef:e7:be:4e:33:ab:f0:ce:e0:25:31:9a:
a2:2b:92:14:ef:cb:6d:86:86:63:22:d7:cc:b5:39:e9:76:c0:
14:67:2f:45:4e:10:e4:93:be:c1:a7:70:9b:e5:4c:1e:fa:b0:
02:4a:37:f9:ec:1b:17:87:25:f2:23:05:3d:3c:96:a9:18:de:
95:15:64:99:3c:06:28:f7:b8:16:bd:24:d2:6f:18:22:8f:c3:
d7:75:e3:d9:ac:4b:4a:03:e4:92:97:a4:bd:11:ff:b2:49:49:
ce:ed:a1:3e:4f:ef:1c:a2:72:96:42:47:ae:81:3a:b2:3b:d1:
cd:8d:96:8b:e0:45:b6:82:45:d2:e3:01:06:00:ae:7f:32:62:
7b:ef:f0:ec:f0:b4:21:06:02:7a:2a:fa:08:b6:75:c3:20:8f:
dc:a4:33:68:b6:cb:48:2a:dc:c3:18:57:f4:03:c9:0c:bd:13:
c1:6f:94:df:3a:00:e8:b5:3c:47:1d:46:b8:dc:59:32:04:55:
4a:54:30:8e:ce:20:ca:5a:00:4f:ba:c4:64:22:00:b4:8d:bd:
5b:5b:0e:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeO48ZMtmgvSLQM5RrOkcKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZDQ4NTQ1MzM4YTMxMmViYmIwZTM2MDYxYmQwMjVmMGU2
ZDljMTAwHhcNMjMwNDE3MTEwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTc5NjdjYTNkYjZjNTg2OTRhOGJhNjc5MWZhZjhlNjBjMTU2NTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCDmnKAlGTYit26mm4OBWXqGYHca
vs5KGd3FAZzEr4zOlVKxL7LuHFAHodokbDKUVdJYbxGAAqFpUyPa6PpXSt6m0yNQ
910y5OXUBl3Dv3yhivdnNTWGE+PKfyAAytj2Vq1f3296ZztcybBhVRkdiasIx1nt
meJpKU0TQPXFQTPCTjDgU3WArOp9Qi1GFGONFvWtVJGMQJRpOpnekX65Wt5Xuiz1
MVMcLpm25XBJZw2rL5PL6L5/mRgL84u7H8fXq9qxZw3ohkBhdOazPqebqvKw2k2o
ktJimUJjvJo4V7GJuk76Gg982pWiQbXJMAu7JfnQU/+5MMhsdR76WHpnEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE55Z8o9tsWGlKi6Z5H6+OYMFWVDMB8GA1UdIwQY
MBaAFDfUhUUzijEuu7DjYGG9Al8ObZwQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjlTRlJUT0tNUzY3c09OZ1liMENYdzV0bkJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9mNzk4NWMtZDgyNi00MjhlLThkYTAt
M2VhODQwODc5MmZlLzEvVG5sbnlqMjJ4WWFVcUxwbmtmcjQ1Z3dWWlVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9mNzk4NWMtZDgyNi00MjhlLThkYTAtM2VhODQwODc5MmZl
LzEvTjlTRlJUT0tNUzY3c09OZ1liMENYdzV0bkJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8TEMA0G
CSqGSIb3DQEBCwUAA4IBAQAebcpLK+HZu6Tst7samoaQplzmYGL+wWj0eaU4mpZ7
56LKmSjcJF7bsxnv575OM6vwzuAlMZqiK5IU78tthoZjItfMtTnpdsAUZy9FThDk
k77Bp3Cb5Uwe+rACSjf57BsXhyXyIwU9PJapGN6VFWSZPAYo97gWvSTSbxgij8PX
dePZrEtKA+SSl6S9Ef+ySUnO7aE+T+8conKWQkeugTqyO9HNjZaL4EW2gkXS4wEG
AK5/MmJ77/Ds8LQhBgJ6KvoItnXDII/cpDNotstIKtzDGFf0A8kMvRPBb5TfOgDo
tTxHHUa43FkyBFVKVDCOziDKWgBPusRkIgC0jb1bWw6E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:05 2024 by rpki-client on console-fra.rpki-client.org