Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/ocevS3lHWpkUj_Wcrb2HjxDHvJs.roa
File: ocevS3lHWpkUj_Wcrb2HjxDHvJs.roa (raw, json)
Hash identifier: pxr/tLu6auw2xURvCc7XArFQGZWC8qWS9Cz8aCU3yAM=
Subject key identifier: A1:C7:AF:4B:79:47:5A:99:14:8F:F5:9C:AD:BD:87:8F:10:C7:BC:9B
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 0189C1425A37C16C56683736D46D40FD4160
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/ocevS3lHWpkUj_Wcrb2HjxDHvJs.roa
Signing time: Fri 04 Aug 2023 15:54:58 +0000
ROA not before: Fri 04 Aug 2023 15:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 212.116.244.0/24 maxlen: 24
212.116.246.0/24 maxlen: 24
91.147.117.0/24 maxlen: 24
91.147.118.0/24 maxlen: 24
91.147.123.0/24 maxlen: 24
91.147.119.0/24 maxlen: 24
91.147.122.0/24 maxlen: 24
91.147.121.0/24 maxlen: 24
91.147.126.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c1:42:5a:37:c1:6c:56:68:37:36:d4:6d:40:fd:41:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Aug 4 15:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1c7af4b79475a99148ff59cadbd878f10c7bc9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ec:24:d3:f4:9a:0f:9c:28:e2:d2:c6:98:d2:
9a:2f:7a:83:54:1b:0e:c7:04:30:61:42:4b:94:22:
af:05:78:7d:f0:3d:94:d8:60:4d:c2:ea:72:36:32:
cc:31:9e:71:64:20:43:45:1a:0d:82:e4:98:47:a7:
37:eb:ce:7d:8f:de:c7:24:e3:42:e6:4b:22:9e:d0:
e3:47:13:3c:c4:d3:c9:ec:35:8f:cf:11:c7:73:7a:
3b:f6:6a:80:29:cd:12:f2:a0:c4:5e:2c:a6:ae:a4:
2a:66:77:a3:c5:f2:7b:e2:6b:79:dd:99:e5:ea:7e:
83:79:8f:97:ea:6f:ad:45:65:54:a7:e6:b2:52:c6:
63:17:ae:11:38:97:89:af:9f:9a:80:39:e0:79:4a:
3a:93:83:49:eb:40:36:11:db:15:37:9b:05:b4:fb:
58:ae:a4:30:6d:54:8c:9a:f6:34:4c:a8:25:bd:0c:
c1:db:a0:d0:ba:c3:22:8a:03:aa:82:96:b5:7b:33:
59:9c:d3:2a:68:e1:bb:37:ed:27:0c:dd:ba:e2:65:
1a:89:f3:ca:f1:ae:75:c6:9d:f9:1a:b2:65:3b:7f:
81:14:0f:76:17:57:48:9c:d2:74:ba:a7:eb:10:fb:
81:dd:e0:23:ae:68:71:99:c1:39:ce:26:38:b4:56:
8a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C7:AF:4B:79:47:5A:99:14:8F:F5:9C:AD:BD:87:8F:10:C7:BC:9B
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/ocevS3lHWpkUj_Wcrb2HjxDHvJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.117.0-91.147.119.255
91.147.121.0-91.147.123.255
91.147.126.0/23
212.116.244.0/24
212.116.246.0/24
Signature Algorithm: sha256WithRSAEncryption
10:d2:c2:b7:5c:2d:99:fc:bf:d1:e4:05:5d:b8:81:22:bc:18:
bd:ee:1d:f2:7c:98:96:de:37:cd:02:e5:0e:44:4a:ae:c0:fa:
0f:35:13:0e:10:54:5d:93:9b:dd:82:a2:b1:c9:9d:51:66:ea:
49:91:67:e1:6c:ce:9a:66:eb:89:ee:02:a6:9d:a3:4e:8c:b1:
e7:5e:ed:ba:8a:05:75:7c:d8:fb:83:c6:b2:b5:c1:39:72:3f:
35:31:0e:b4:74:86:cb:5d:61:81:a3:d5:fe:87:e9:c7:3b:31:
9c:78:7a:35:4e:09:6e:19:fa:69:25:ec:95:c0:83:5a:b2:44:
9e:55:f5:c9:fa:53:48:40:52:38:aa:4c:82:47:de:a3:cb:a9:
4a:e3:3c:ee:71:fa:0a:7c:74:ed:86:12:d3:4c:d3:5b:d2:4e:
89:2f:12:b0:85:e9:0c:0e:6c:2e:42:cd:6e:96:18:a1:cf:88:
e8:db:1f:00:f6:5e:5e:2d:7d:9b:67:46:8a:27:21:3b:e6:62:
ea:ff:a3:95:45:04:49:b1:81:65:2f:71:d3:04:d0:8e:44:02:
b9:cc:0e:92:aa:af:7d:e2:46:0c:2c:0c:88:97:26:78:f9:64:
36:d7:b7:8e:4d:2e:24:99:03:0b:d7:41:b3:14:b2:7b:10:ee:
7b:a1:eb:c8
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYnBQlo3wWxWaDc21G1A/UFgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjMwODA0MTU1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWM3YWY0Yjc5NDc1YTk5MTQ4ZmY1OWNhZGJkODc4ZjEwYzdiYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguwk0/SaD5wo4tLGmNKaL3qDVBsO
xwQwYUJLlCKvBXh98D2U2GBNwupyNjLMMZ5xZCBDRRoNguSYR6c36859j97HJONC
5ksintDjRxM8xNPJ7DWPzxHHc3o79mqAKc0S8qDEXiymrqQqZnejxfJ74mt53Znl
6n6DeY+X6m+tRWVUp+ayUsZjF64ROJeJr5+agDngeUo6k4NJ60A2EdsVN5sFtPtY
rqQwbVSMmvY0TKglvQzB26DQusMiigOqgpa1ezNZnNMqaOG7N+0nDN264mUaifPK
8a51xp35GrJlO3+BFA92F1dInNJ0uqfrEPuB3eAjrmhxmcE5ziY4tFaKIQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFKHHr0t5R1qZFI/1nK29h48Qx7ybMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvb2NldlMzbEhXcGtVal9XY3JiMkhqeERIdkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBABbk3UD
BANbk3AwDAMEAFuTeQMEAluTeAMEAVuTfgMEANR09AMEANR09jANBgkqhkiG9w0B
AQsFAAOCAQEAENLCt1wtmfy/0eQFXbiBIrwYve4d8nyYlt43zQLlDkRKrsD6DzUT
DhBUXZOb3YKiscmdUWbqSZFn4WzOmmbrie4Cpp2jToyx517tuooFdXzY+4PGsrXB
OXI/NTEOtHSGy11hgaPV/ofpxzsxnHh6NU4Jbhn6aSXslcCDWrJEnlX1yfpTSEBS
OKpMgkfeo8upSuM87nH6Cnx07YYS00zTW9JOiS8SsIXpDA5sLkLNbpYYoc+I6Nsf
APZeXi19m2dGiichO+Zi6v+jlUUESbGBZS9x0wTQjkQCucwOkqqvfeJGDCwMiJcm
ePlkNte3jk0uJJkDC9dBsxSyexDue6HryA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:41 2025 by rpki-client