Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/P8iALRk3FW9ExbnmRrrH38Kx_f0.roa
File: P8iALRk3FW9ExbnmRrrH38Kx_f0.roa (raw, json)
Hash identifier: WKH5i8ki6TDa9BIvxVXYhViIquFmFsnehSfOlpbOLQg=
Subject key identifier: 3F:C8:80:2D:19:37:15:6F:44:C5:B9:E6:46:BA:C7:DF:C2:B1:FD:FD
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 0185766BEC30EC49D23CBBB68EBE8FCCF403
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/P8iALRk3FW9ExbnmRrrH38Kx_f0.roa
Signing time: Tue 03 Jan 2023 06:57:42 +0000
ROA not before: Tue 03 Jan 2023 06:57:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210439
IP address blocks: 91.147.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:76:6b:ec:30:ec:49:d2:3c:bb:b6:8e:be:8f:cc:f4:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Jan 3 06:57:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fc8802d1937156f44c5b9e646bac7dfc2b1fdfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f7:b6:c2:c9:88:a1:8a:18:2d:17:85:24:f1:
41:6b:82:2e:f3:32:f1:a8:f7:22:bd:19:d7:b1:74:
92:77:28:b5:34:cf:d5:7d:26:ac:df:46:1e:c4:3f:
fb:c6:2c:87:a9:a1:b4:24:e1:e0:3f:e2:d9:88:c3:
61:d5:04:ae:ec:94:88:7f:44:92:68:43:a9:3f:a7:
0e:96:67:5d:c3:bb:28:f6:fe:01:3d:ac:9d:26:41:
3a:c3:5e:f8:bf:1f:4f:4b:f1:1e:a8:a2:30:86:21:
56:3c:c1:0e:62:8e:09:2f:05:66:bb:5e:61:11:36:
59:61:e1:24:b5:e6:73:91:59:0f:92:bf:73:7f:cf:
f7:81:ae:5b:13:47:03:e1:21:1b:da:16:e7:8a:ba:
78:9c:4f:f5:29:ec:74:c9:5c:e9:59:da:5c:7a:e7:
e7:25:8e:3e:f0:c8:b2:b7:b3:14:4d:3c:68:a1:9e:
bb:e2:3e:fa:84:c4:c6:d3:2a:4c:31:36:d1:1f:59:
e9:96:d0:83:e7:6d:b2:6c:27:d5:69:05:ff:a9:b0:
b3:ee:c5:59:2d:71:f1:c5:e6:bd:00:80:26:d1:a5:
5a:43:54:77:ac:9d:45:77:c8:e8:3e:9e:e3:32:83:
05:60:ff:3b:ea:0a:c8:b2:ea:14:95:d4:ce:54:06:
61:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C8:80:2D:19:37:15:6F:44:C5:B9:E6:46:BA:C7:DF:C2:B1:FD:FD
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/P8iALRk3FW9ExbnmRrrH38Kx_f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.123.0/24
Signature Algorithm: sha256WithRSAEncryption
98:15:29:58:de:26:58:ef:bc:5e:5b:11:44:d4:85:2a:6e:ac:
c2:2a:7f:c7:8e:f2:71:8c:25:66:96:51:d3:ab:6e:61:a2:50:
9a:5f:4a:ab:84:53:c9:d2:7d:02:64:42:13:ec:80:47:d0:2f:
07:6b:1e:8a:76:29:d1:f6:18:17:ef:99:44:78:22:ea:f8:2c:
c7:75:b6:b3:50:7b:ac:f2:72:d8:29:d9:a2:9e:54:01:aa:92:
19:38:2a:9b:8d:d5:d0:ab:35:fd:53:d6:93:0d:d3:63:85:39:
0e:83:e1:c9:54:95:9f:d9:c1:44:5f:15:75:0c:32:6d:c2:48:
9b:93:c2:81:3f:48:a8:99:76:68:b5:08:47:27:cd:8e:23:0f:
49:94:5f:77:23:1e:b1:44:4b:1b:61:ef:d6:d5:1d:d8:2d:77:
30:fc:fb:1e:bf:5c:7d:51:85:f5:16:e7:81:b5:d0:12:7c:af:
67:d1:ec:fc:b4:8f:41:4d:d8:45:65:d9:48:14:1b:dd:4f:f9:
98:4a:da:94:c7:b4:96:e4:0f:1d:41:eb:66:49:11:f6:30:21:
65:84:45:46:42:19:ef:7a:ad:e1:bd:67:d5:b3:37:8e:0d:1a:
41:32:dd:41:99:e2:0f:07:5e:d7:bd:a7:6c:d1:11:24:96:28:
5c:c3:7b:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV2a+ww7EnSPLu2jr6PzPQDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjMwMTAzMDY1NzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmM4ODAyZDE5MzcxNTZmNDRjNWI5ZTY0NmJhYzdkZmMyYjFmZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPe2wsmIoYoYLReFJPFBa4Iu8zLx
qPcivRnXsXSSdyi1NM/VfSas30YexD/7xiyHqaG0JOHgP+LZiMNh1QSu7JSIf0SS
aEOpP6cOlmddw7so9v4BPaydJkE6w174vx9PS/EeqKIwhiFWPMEOYo4JLwVmu15h
ETZZYeEkteZzkVkPkr9zf8/3ga5bE0cD4SEb2hbnirp4nE/1Kex0yVzpWdpceufn
JY4+8Miyt7MUTTxooZ674j76hMTG0ypMMTbRH1npltCD522ybCfVaQX/qbCz7sVZ
LXHxxea9AIAm0aVaQ1R3rJ1Fd8joPp7jMoMFYP876grIsuoUldTOVAZhZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD/IgC0ZNxVvRMW55ka6x9/Csf39MB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvUDhpQUxSazNGVzlFeGJubVJyckgzOEt4X2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW5N7MA0G
CSqGSIb3DQEBCwUAA4IBAQCYFSlY3iZY77xeWxFE1IUqbqzCKn/HjvJxjCVmllHT
q25holCaX0qrhFPJ0n0CZEIT7IBH0C8Hax6KdinR9hgX75lEeCLq+CzHdbazUHus
8nLYKdminlQBqpIZOCqbjdXQqzX9U9aTDdNjhTkOg+HJVJWf2cFEXxV1DDJtwkib
k8KBP0iomXZotQhHJ82OIw9JlF93Ix6xREsbYe/W1R3YLXcw/Psev1x9UYX1FueB
tdASfK9n0ez8tI9BTdhFZdlIFBvdT/mYStqUx7SW5A8dQetmSRH2MCFlhEVGQhnv
eq3hvWfVszeODRpBMt1BmeIPB17Xvads0REklihcw3uX
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:52 2025 by rpki-client