Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/Q65BaIRhf9DmSBDB66IwZOo9Ns4.roa
File: Q65BaIRhf9DmSBDB66IwZOo9Ns4.roa (raw, json)
Hash identifier: eTeWA4lcIc65AVMAsnybIsCK7+ilByzsHzxZRGx/lAE=
Subject key identifier: 43:AE:41:68:84:61:7F:D0:E6:48:10:C1:EB:A2:30:64:EA:3D:36:CE
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 019384F244CB33FA451B0475DA9606A178CA
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/Q65BaIRhf9DmSBDB66IwZOo9Ns4.roa
Signing time: Mon 02 Dec 2024 01:18:09 +0000
ROA not before: Mon 02 Dec 2024 01:18:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.147.124.0/23 maxlen: 24
212.116.226.0/23 maxlen: 24
212.116.236.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:84:f2:44:cb:33:fa:45:1b:04:75:da:96:06:a1:78:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Dec 2 01:18:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43ae416884617fd0e64810c1eba23064ea3d36ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:49:18:e9:e3:7f:d3:09:bc:f4:25:d9:1c:10:
9f:fa:c4:51:73:cd:cb:01:27:af:70:1f:c4:7d:ac:
3e:67:66:10:4d:7c:74:4d:62:ad:b5:ba:04:8f:c1:
9a:88:b4:7e:09:ca:b3:cc:0e:52:09:d3:b4:04:a9:
23:79:b9:b7:29:4b:50:f3:b8:5c:c5:58:13:b8:e2:
67:e4:59:e5:da:6d:2b:29:66:9b:71:c3:61:19:6e:
1a:1f:e9:37:03:c6:9e:d2:22:fe:75:88:2a:e1:d1:
b0:c6:21:97:09:33:bd:9e:d4:63:e4:45:96:0d:98:
36:31:08:3a:78:2a:c6:02:6e:16:9a:cb:8a:a9:a0:
55:59:ba:41:ea:77:ba:dd:4d:f0:3c:62:1d:8d:56:
03:ca:15:60:ff:ae:eb:86:7b:67:9b:27:78:5a:41:
54:82:98:c8:bd:87:7b:f3:6a:ff:7d:9b:53:42:4d:
86:c4:2b:e8:4f:c8:20:b0:ab:04:03:58:b6:77:9f:
e2:62:e2:b3:80:fc:75:cc:7d:1b:99:ae:c3:dc:ea:
9d:10:e1:67:7f:e4:86:85:d2:b7:d6:83:d2:80:0c:
d8:d6:67:68:96:8d:d1:fd:24:74:d2:f1:3c:0f:b9:
4b:ba:76:48:c7:ba:8c:45:c4:ea:60:69:87:25:08:
6a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:AE:41:68:84:61:7F:D0:E6:48:10:C1:EB:A2:30:64:EA:3D:36:CE
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/Q65BaIRhf9DmSBDB66IwZOo9Ns4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.124.0/23
212.116.226.0/23
212.116.236.0/22
Signature Algorithm: sha256WithRSAEncryption
45:f4:4b:89:95:dd:cf:70:2c:37:7c:35:e5:8b:80:dc:71:74:
58:b9:42:c2:6a:de:bf:75:39:3c:01:61:f6:33:73:33:c0:22:
fa:d9:86:b4:0c:3d:90:d6:c2:0a:5b:ff:64:7e:66:be:97:0f:
78:35:e1:60:5f:c9:52:43:af:6b:fa:68:46:32:e8:9c:63:6c:
8e:2e:eb:85:6f:e9:a1:1a:6d:78:86:af:1a:ac:eb:2c:9c:66:
e7:a0:00:fd:51:af:3f:02:03:2d:2d:a7:6c:9f:f0:93:1e:6c:
c0:db:96:37:bd:d4:d6:20:d6:e4:a8:d5:2e:3e:7e:3c:c9:38:
ba:a5:af:74:cc:f7:08:08:35:4f:05:a8:4c:84:af:e1:40:d5:
3b:1b:6f:32:40:58:88:f1:8b:e9:1d:c7:52:3e:5a:aa:f5:ea:
13:c6:dd:f3:c3:53:05:8e:a2:37:3a:5e:32:52:7d:8c:69:72:
fb:6d:c3:0d:dc:e0:51:45:dc:33:85:30:b9:9c:2a:c1:6a:e2:
08:74:be:1c:e6:fe:2e:78:46:4e:d6:8d:ea:7a:c8:45:7e:c3:
f5:58:5b:12:3d:4d:7a:b8:df:eb:88:69:63:bd:96:09:48:1a:
24:b1:fc:47:a6:8e:72:6c:b4:65:ba:1f:d6:64:2b:b9:64:d3:
81:b1:5f:c7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZOE8kTLM/pFGwR12pYGoXjKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjQxMjAyMDExODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2FlNDE2ODg0NjE3ZmQwZTY0ODEwYzFlYmEyMzA2NGVhM2QzNmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0kY6eN/0wm89CXZHBCf+sRRc83L
ASevcB/Efaw+Z2YQTXx0TWKttboEj8GaiLR+CcqzzA5SCdO0BKkjebm3KUtQ87hc
xVgTuOJn5Fnl2m0rKWabccNhGW4aH+k3A8ae0iL+dYgq4dGwxiGXCTO9ntRj5EWW
DZg2MQg6eCrGAm4WmsuKqaBVWbpB6ne63U3wPGIdjVYDyhVg/67rhntnmyd4WkFU
gpjIvYd782r/fZtTQk2GxCvoT8ggsKsEA1i2d5/iYuKzgPx1zH0bma7D3OqdEOFn
f+SGhdK31oPSgAzY1mdolo3R/SR00vE8D7lLunZIx7qMRcTqYGmHJQhq2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEOuQWiEYX/Q5kgQweuiMGTqPTbOMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvUTY1QmFJUmhmOURtU0JEQjY2SXdaT285TnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW5N8AwQB
1HTiAwQC1HTsMA0GCSqGSIb3DQEBCwUAA4IBAQBF9EuJld3PcCw3fDXli4DccXRY
uULCat6/dTk8AWH2M3MzwCL62Ya0DD2Q1sIKW/9kfma+lw94NeFgX8lSQ69r+mhG
MuicY2yOLuuFb+mhGm14hq8arOssnGbnoAD9Ua8/AgMtLadsn/CTHmzA25Y3vdTW
INbkqNUuPn48yTi6pa90zPcICDVPBahMhK/hQNU7G28yQFiI8YvpHcdSPlqq9eoT
xt3zw1MFjqI3Ol4yUn2MaXL7bcMN3OBRRdwzhTC5nCrBauIIdL4c5v4ueEZO1o3q
eshFfsP1WFsSPU16uN/riGljvZYJSBoksfxHpo5ybLRluh/WZCu5ZNOBsV/H
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:11 2025 by rpki-client