Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/KrbH9NCFqJ3a_M3xxx-t9Hg87Js.roa
File: KrbH9NCFqJ3a_M3xxx-t9Hg87Js.roa (raw, json)
Hash identifier: vEyGYmcOCpWXBN/NTPDeuONEAk+GN5E1JHWW03xfYXs=
Subject key identifier: 2A:B6:C7:F4:D0:85:A8:9D:DA:FC:CD:F1:C7:1F:AD:F4:78:3C:EC:9B
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 0192C3C714F4FB1DD2836F954CC3C31D2C58
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/KrbH9NCFqJ3a_M3xxx-t9Hg87Js.roa
Signing time: Fri 25 Oct 2024 13:04:16 +0000
ROA not before: Fri 25 Oct 2024 13:04:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.147.124.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c3:c7:14:f4:fb:1d:d2:83:6f:95:4c:c3:c3:1d:2c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Oct 25 13:04:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ab6c7f4d085a89ddafccdf1c71fadf4783cec9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:28:18:90:5e:cf:20:0d:32:2f:ea:98:24:10:
67:d5:08:36:10:fb:3d:5e:06:d7:99:4d:17:b3:e0:
6e:42:2b:a0:bf:2a:3e:8e:db:ba:18:a7:dd:88:54:
55:e3:fe:e1:30:ee:c4:8f:aa:ba:a6:cc:63:a1:42:
f5:21:95:59:9a:4c:c2:ad:6d:c1:52:16:13:49:08:
a5:6e:19:93:91:b6:13:e3:a2:0b:24:32:13:77:1b:
9e:f4:68:fa:ed:71:42:fa:ac:54:7f:67:6d:a1:d7:
5c:7d:83:d2:6d:4f:de:f5:cd:02:15:c7:d3:6f:dd:
20:6a:54:2b:11:0c:ee:97:b5:aa:c6:cf:5c:18:0a:
51:fd:ad:89:e3:9d:dc:40:5f:f8:05:a9:49:57:d5:
87:b7:05:7e:09:64:d3:07:70:f5:c2:16:22:ac:1b:
15:3c:b8:f1:fe:14:55:b9:44:d6:dd:2e:54:44:a1:
a4:1b:de:4e:c3:12:72:b3:5f:72:9f:27:13:19:58:
b9:93:da:ef:72:4c:98:a2:12:42:d0:23:39:81:20:
4d:e6:79:e6:8a:74:af:11:08:a4:5f:cc:7d:13:27:
be:7e:34:64:db:4f:ca:40:a2:62:61:32:a6:78:29:
c4:3b:9b:a7:12:f5:01:0b:e7:1b:85:a1:3f:ec:3f:
eb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B6:C7:F4:D0:85:A8:9D:DA:FC:CD:F1:C7:1F:AD:F4:78:3C:EC:9B
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/KrbH9NCFqJ3a_M3xxx-t9Hg87Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.124.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:9e:ad:f1:53:6d:0e:5e:9c:0e:19:50:47:b7:25:ea:7d:40:
8b:b6:ed:12:bb:20:2c:39:c0:ec:86:88:87:78:9e:91:71:fe:
33:61:75:f6:b2:c7:79:2d:99:cc:ab:d5:4b:c9:c9:eb:ed:86:
aa:d0:5b:f6:bc:94:2e:1f:2f:1a:6e:82:c5:d7:1e:2a:5d:8a:
4a:f2:d0:5d:29:5a:31:89:20:db:17:c3:f2:71:8b:d1:49:6e:
ee:87:8e:41:2c:9a:9d:74:0f:02:1d:14:12:e9:e9:04:ad:70:
91:71:89:66:be:3b:53:a6:ff:3a:c2:f5:99:fb:b0:20:ee:16:
67:53:cd:82:89:ee:f3:cc:8a:7b:67:c9:db:ed:28:d1:41:77:
83:46:a1:33:1d:a7:01:7f:14:b5:0b:df:7a:7e:4a:28:0c:e9:
ee:69:ca:ed:91:c6:f1:1d:b9:b1:c2:91:50:61:7b:60:04:df:
08:ac:15:53:f5:52:77:74:e8:4f:67:4f:36:2f:85:9d:ce:e5:
67:11:fa:f8:8f:87:09:d8:a4:a2:c3:18:a1:32:fa:f1:b1:66:
32:1e:a5:e3:ff:c5:70:c5:29:1a:67:c0:bf:d5:ef:1c:fb:d4:
5d:1b:3e:0f:f6:31:db:f0:12:66:c9:0f:3c:65:d6:11:d7:52:
01:cf:da:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLDxxT0+x3Sg2+VTMPDHSxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjQxMDI1MTMwNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWI2YzdmNGQwODVhODlkZGFmY2NkZjFjNzFmYWRmNDc4M2NlYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxigYkF7PIA0yL+qYJBBn1Qg2EPs9
XgbXmU0Xs+BuQiugvyo+jtu6GKfdiFRV4/7hMO7Ej6q6psxjoUL1IZVZmkzCrW3B
UhYTSQilbhmTkbYT46ILJDITdxue9Gj67XFC+qxUf2dtoddcfYPSbU/e9c0CFcfT
b90galQrEQzul7Wqxs9cGApR/a2J453cQF/4BalJV9WHtwV+CWTTB3D1whYirBsV
PLjx/hRVuUTW3S5URKGkG95OwxJys19ynycTGVi5k9rvckyYohJC0CM5gSBN5nnm
inSvEQikX8x9Eye+fjRk20/KQKJiYTKmeCnEO5unEvUBC+cbhaE/7D/rsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCq2x/TQhaid2vzN8ccfrfR4POybMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvS3JiSDlOQ0ZxSjNhX00zeHh4LXQ5SGc4N0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW5N8MA0G
CSqGSIb3DQEBCwUAA4IBAQBcnq3xU20OXpwOGVBHtyXqfUCLtu0SuyAsOcDshoiH
eJ6Rcf4zYXX2ssd5LZnMq9VLycnr7Yaq0Fv2vJQuHy8aboLF1x4qXYpK8tBdKVox
iSDbF8PycYvRSW7uh45BLJqddA8CHRQS6ekErXCRcYlmvjtTpv86wvWZ+7Ag7hZn
U82Cie7zzIp7Z8nb7SjRQXeDRqEzHacBfxS1C996fkooDOnuacrtkcbxHbmxwpFQ
YXtgBN8IrBVT9VJ3dOhPZ082L4WdzuVnEfr4j4cJ2KSiwxihMvrxsWYyHqXj/8Vw
xSkaZ8C/1e8c+9RdGz4P9jHb8BJmyQ88ZdYR11IBz9rX
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:35 2025 by rpki-client