Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/cpkB2re2ynk8mVwXwDsmpzGA4Ig.roa
File: cpkB2re2ynk8mVwXwDsmpzGA4Ig.roa (raw, json)
Hash identifier: 9RvsJMa1fXKfnV83dqbL5o4bj/D+OCPVc4Ne7MVpwJw=
Subject key identifier: 72:99:01:DA:B7:B6:CA:79:3C:99:5C:17:C0:3B:26:A7:31:80:E0:88
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 0183D78D2BE887E32B922C187A9408813693
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/cpkB2re2ynk8mVwXwDsmpzGA4Ig.roa
Signing time: Fri 14 Oct 2022 17:31:36 +0000
ROA not before: Fri 14 Oct 2022 17:31:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 212.116.246.0/24 maxlen: 24
91.147.124.0/23 maxlen: 24
91.147.126.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d7:8d:2b:e8:87:e3:2b:92:2c:18:7a:94:08:81:36:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Oct 14 17:31:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=729901dab7b6ca793c995c17c03b26a73180e088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:00:22:3c:15:75:ea:11:75:b4:26:a9:43:65:
df:55:13:0a:0e:d9:be:f4:87:59:df:f6:ea:ff:1a:
6a:59:4f:0b:27:b3:41:7d:81:dc:c6:25:58:69:c6:
0b:8a:c3:da:74:fa:ab:85:67:a7:91:be:30:0d:9d:
90:80:3d:75:6f:68:b2:6f:8c:3c:17:63:02:5b:88:
29:51:2b:fe:a5:07:72:de:3a:6e:8d:94:47:cc:41:
70:f0:d7:be:56:c0:c6:84:37:36:e9:9c:f3:fc:e5:
14:f3:92:31:a2:05:12:9f:fd:31:c8:69:c4:d9:07:
20:78:83:f8:66:d7:92:b7:0b:fb:17:7c:c1:dc:c9:
58:38:9a:d5:60:a3:45:1f:a0:fd:f5:25:ee:f0:3c:
93:a8:e6:89:6e:4d:dc:24:f0:2a:e5:16:17:ba:c2:
3b:0e:08:75:8a:b7:f9:71:49:71:f2:a4:d7:ed:8f:
09:83:c8:35:f5:3d:94:e7:ae:db:2d:8d:11:27:56:
96:33:a1:97:7b:7e:d9:7b:18:9c:e6:1e:87:26:72:
a8:7b:72:25:a0:9c:b8:ad:b9:c7:55:d0:80:ea:f2:
72:5b:d6:8f:ab:73:bf:5e:a7:e5:d1:f7:9c:26:fa:
9b:97:55:17:42:45:bb:5b:4d:e6:e6:42:09:7f:6c:
57:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:99:01:DA:B7:B6:CA:79:3C:99:5C:17:C0:3B:26:A7:31:80:E0:88
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/cpkB2re2ynk8mVwXwDsmpzGA4Ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.124.0/22
212.116.246.0/24
Signature Algorithm: sha256WithRSAEncryption
20:a2:c5:ff:8a:25:7c:cd:ae:a4:26:c8:95:01:8d:09:2d:4d:
bd:4a:c0:36:31:d3:73:ec:53:29:14:9f:ce:35:1f:07:a9:d3:
3b:59:d4:25:55:a4:de:6e:04:03:23:f9:ba:18:50:15:0a:93:
2c:5b:be:45:0a:0c:9d:fb:c9:6f:3d:a5:27:d6:f9:fc:b5:55:
81:8d:fe:77:8d:b1:5c:69:96:61:46:20:d6:da:11:f7:7e:5b:
ee:c7:56:9b:37:71:45:6d:bc:34:d6:75:e8:27:55:16:c6:6e:
6b:b8:a0:4a:a0:43:e4:fb:8a:cb:9e:34:ef:28:c5:0e:58:d4:
de:ec:44:da:39:67:86:63:c8:ab:7d:2e:5f:94:b6:71:e3:0f:
2f:1b:f0:d0:1b:5a:e7:cf:2b:df:38:9c:5b:80:1e:34:8f:86:
13:c8:9f:c3:80:cf:6a:de:0e:60:bf:74:d9:f7:e5:64:8a:1f:
ec:e0:23:2f:ea:7b:19:c6:c8:b7:98:8e:ef:05:7e:1b:4c:96:
3f:f8:dd:b5:9c:99:81:d5:10:5c:5b:b1:a0:3b:5c:a0:71:79:
30:20:ff:d8:a5:cc:3e:91:81:53:a4:b4:9e:d0:a0:b9:e8:ec:
bb:dc:18:27:0f:18:a6:00:5b:46:ea:0a:0b:d9:1a:2d:4c:cb:
b7:92:70:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPXjSvoh+MrkiwYepQIgTaTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjIxMDE0MTczMTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjk5MDFkYWI3YjZjYTc5M2M5OTVjMTdjMDNiMjZhNzMxODBlMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAAiPBV16hF1tCapQ2XfVRMKDtm+
9IdZ3/bq/xpqWU8LJ7NBfYHcxiVYacYLisPadPqrhWenkb4wDZ2QgD11b2iyb4w8
F2MCW4gpUSv+pQdy3jpujZRHzEFw8Ne+VsDGhDc26Zzz/OUU85IxogUSn/0xyGnE
2QcgeIP4ZteStwv7F3zB3MlYOJrVYKNFH6D99SXu8DyTqOaJbk3cJPAq5RYXusI7
Dgh1irf5cUlx8qTX7Y8Jg8g19T2U567bLY0RJ1aWM6GXe37Zexic5h6HJnKoe3Il
oJy4rbnHVdCA6vJyW9aPq3O/Xqfl0fecJvqbl1UXQkW7W03m5kIJf2xXvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHKZAdq3tsp5PJlcF8A7JqcxgOCIMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvY3BrQjJyZTJ5bms4bVZ3WHdEc21wekdBNElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW5N8AwQA
1HT2MA0GCSqGSIb3DQEBCwUAA4IBAQAgosX/iiV8za6kJsiVAY0JLU29SsA2MdNz
7FMpFJ/ONR8HqdM7WdQlVaTebgQDI/m6GFAVCpMsW75FCgyd+8lvPaUn1vn8tVWB
jf53jbFcaZZhRiDW2hH3flvux1abN3FFbbw01nXoJ1UWxm5ruKBKoEPk+4rLnjTv
KMUOWNTe7ETaOWeGY8irfS5flLZx4w8vG/DQG1rnzyvfOJxbgB40j4YTyJ/DgM9q
3g5gv3TZ9+Vkih/s4CMv6nsZxsi3mI7vBX4bTJY/+N21nJmB1RBcW7GgO1ygcXkw
IP/Ypcw+kYFTpLSe0KC56Oy73BgnDximAFtG6goL2RotTMu3knCD
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:13 2025 by rpki-client