Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/nDGTNlUVOT7Y60RKLlP30fPEIx0.roa
File: nDGTNlUVOT7Y60RKLlP30fPEIx0.roa (raw, json)
Hash identifier: uoP/ia5eXRnvx6CpO38gQuzVRHd2EBVOKRgVACpGVRc=
Subject key identifier: 9C:31:93:36:55:15:39:3E:D8:EB:44:4A:2E:53:F7:D1:F3:C4:23:1D
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 018A2F3ECD6DD6F72E06BCD573910F4C0D91
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/nDGTNlUVOT7Y60RKLlP30fPEIx0.roa
Signing time: Sat 26 Aug 2023 00:29:19 +0000
ROA not before: Sat 26 Aug 2023 00:29:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 91.147.124.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2f:3e:cd:6d:d6:f7:2e:06:bc:d5:73:91:0f:4c:0d:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Aug 26 00:29:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c3193365515393ed8eb444a2e53f7d1f3c4231d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a9:0f:32:18:b9:47:ff:94:45:12:1f:a4:11:
4d:a8:42:16:8d:70:d9:f1:77:99:f2:7b:49:76:51:
c6:ba:a4:98:41:c2:13:da:d4:10:ff:66:0b:66:ad:
73:2a:29:f2:3b:29:ef:50:f4:6f:de:44:e3:dc:42:
86:a2:1d:36:e6:31:d6:0a:8f:72:13:98:ed:2d:68:
5c:be:5d:43:f0:4f:ec:24:7d:e8:29:ca:e6:28:fa:
e3:c5:3b:68:59:ff:26:27:eb:5c:83:fc:63:4f:d6:
32:8b:3e:15:01:b4:fa:26:4e:de:67:83:9b:22:bc:
a7:ad:22:e4:62:08:34:3f:67:7f:76:25:f2:81:0a:
7f:22:cc:80:b0:37:5b:67:85:93:63:9c:f1:66:3e:
12:f7:5b:8a:54:99:eb:29:b2:5e:4d:65:43:3f:83:
60:04:54:ab:da:7b:68:94:21:43:f4:a2:ed:47:c0:
dd:24:2d:11:d4:87:4b:4e:03:99:71:27:79:6c:85:
70:8d:1a:40:1e:63:25:f5:68:b3:9a:12:da:4b:cd:
fd:0e:de:36:87:b1:37:af:3e:66:ff:ef:3d:75:fa:
a4:02:79:fe:eb:dc:18:62:3b:ea:c9:67:e1:18:1b:
90:52:7e:76:a9:c7:71:92:e3:19:dc:98:34:5c:e0:
98:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:31:93:36:55:15:39:3E:D8:EB:44:4A:2E:53:F7:D1:F3:C4:23:1D
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/nDGTNlUVOT7Y60RKLlP30fPEIx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.124.0/23
Signature Algorithm: sha256WithRSAEncryption
89:84:53:38:12:c4:d2:81:22:ac:2e:8f:4e:00:8a:84:09:ed:
ed:cf:de:10:c8:0d:8d:39:25:52:28:c4:88:74:fa:40:ab:18:
a0:2c:33:52:df:b4:e7:72:d4:05:2a:ba:75:87:02:a6:8b:30:
a2:99:a9:cc:d0:56:c0:9c:6f:da:3f:90:56:4a:e9:e6:a2:75:
e3:da:d2:4a:e9:71:8a:77:10:13:85:15:83:e4:47:cf:9b:fe:
67:13:1f:5f:29:81:6b:1e:91:d4:78:7e:d8:c5:46:f3:22:5c:
3b:b9:ba:df:39:e9:49:a6:fc:fa:1d:fe:95:d8:03:7b:61:03:
3d:a5:85:69:cc:55:33:7a:91:03:0f:81:dd:8e:cd:f0:b5:8a:
c1:84:a1:7d:5d:08:5e:17:14:60:cc:5a:c7:20:8e:4a:4d:d1:
b8:52:d4:ce:8b:74:3c:4c:2b:04:4e:00:b4:4c:97:6b:83:db:
7e:a5:f9:9a:8e:df:63:7a:7a:ce:a2:35:07:90:81:c5:41:18:
db:f5:9f:ff:24:03:78:75:5e:a2:df:fc:c4:20:61:16:06:ca:
ba:72:cc:e9:5f:95:6b:84:45:4f:ab:64:d6:bc:2f:87:d0:df:
a2:06:ef:7d:1f:a6:96:c1:39:e9:1f:a4:6b:46:af:a8:b8:eb:
6d:90:c3:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYovPs1t1vcuBrzVc5EPTA2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjMwODI2MDAyOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzMxOTMzNjU1MTUzOTNlZDhlYjQ0NGEyZTUzZjdkMWYzYzQyMzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKkPMhi5R/+URRIfpBFNqEIWjXDZ
8XeZ8ntJdlHGuqSYQcIT2tQQ/2YLZq1zKinyOynvUPRv3kTj3EKGoh025jHWCo9y
E5jtLWhcvl1D8E/sJH3oKcrmKPrjxTtoWf8mJ+tcg/xjT9Yyiz4VAbT6Jk7eZ4Ob
IrynrSLkYgg0P2d/diXygQp/IsyAsDdbZ4WTY5zxZj4S91uKVJnrKbJeTWVDP4Ng
BFSr2ntolCFD9KLtR8DdJC0R1IdLTgOZcSd5bIVwjRpAHmMl9WizmhLaS839Dt42
h7E3rz5m/+89dfqkAnn+69wYYjvqyWfhGBuQUn52qcdxkuMZ3Jg0XOCYVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJwxkzZVFTk+2OtESi5T99HzxCMdMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvbkRHVE5sVVZPVDdZNjBSS0xsUDMwZlBFSXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW5N8MA0G
CSqGSIb3DQEBCwUAA4IBAQCJhFM4EsTSgSKsLo9OAIqECe3tz94QyA2NOSVSKMSI
dPpAqxigLDNS37TnctQFKrp1hwKmizCimanM0FbAnG/aP5BWSunmonXj2tJK6XGK
dxAThRWD5EfPm/5nEx9fKYFrHpHUeH7YxUbzIlw7ubrfOelJpvz6Hf6V2AN7YQM9
pYVpzFUzepEDD4Hdjs3wtYrBhKF9XQheFxRgzFrHII5KTdG4UtTOi3Q8TCsETgC0
TJdrg9t+pfmajt9jenrOojUHkIHFQRjb9Z//JAN4dV6i3/zEIGEWBsq6cszpX5Vr
hEVPq2TWvC+H0N+iBu99H6aWwTnpH6RrRq+ouOttkMPx
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:02 2025 by rpki-client