Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/op03PiIgIryfJLOgnxJUFmrJJf8.roa
File: op03PiIgIryfJLOgnxJUFmrJJf8.roa (raw, json)
Hash identifier: iKXldOB3E0Yf5jLjuZ/b02px/tq9Hd/2dVn8nrNZrxs=
Subject key identifier: A2:9D:37:3E:22:20:22:BC:9F:24:B3:A0:9F:12:54:16:6A:C9:25:FF
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 0189B7471C726AB10548A98300DF981867A7
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/op03PiIgIryfJLOgnxJUFmrJJf8.roa
Signing time: Wed 02 Aug 2023 17:23:58 +0000
ROA not before: Wed 02 Aug 2023 17:23:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197644
IP address blocks: 91.147.116.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b7:47:1c:72:6a:b1:05:48:a9:83:00:df:98:18:67:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Aug 2 17:23:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a29d373e222022bc9f24b3a09f1254166ac925ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:14:b9:2b:82:35:f2:30:cf:9b:b6:d0:42:20:
64:6d:a7:2e:62:9e:28:b8:2a:17:94:3a:00:8a:c0:
4a:78:e7:2e:be:58:26:56:23:da:79:f0:9f:08:7d:
25:f9:64:92:e3:17:71:3a:a0:08:38:b3:30:f9:84:
d0:af:b8:d5:f4:f3:f9:5f:ed:68:7e:74:3c:11:fe:
e5:84:8e:f4:64:fc:ab:28:75:9c:07:8b:97:25:24:
b3:89:ef:b2:e7:5e:e9:e8:4e:ab:90:24:02:0f:e9:
f3:c9:76:cb:03:8e:a8:23:84:3c:b8:fa:91:a3:02:
8a:c5:a3:4a:de:1a:54:9e:3e:96:9e:3f:e6:ef:a7:
2e:d1:f2:ae:b0:52:fa:34:25:07:1d:df:80:df:05:
a6:e4:30:85:ec:9b:06:ff:66:70:65:5e:29:a0:c0:
26:7d:5f:9f:a0:56:03:be:d1:28:25:b6:a9:85:17:
95:29:78:14:b6:d2:0e:07:a1:f4:77:93:18:16:9b:
c7:e4:22:4c:d8:9f:a8:53:09:32:73:db:cd:73:8d:
86:45:7c:29:3e:48:b8:84:67:1a:3e:8d:40:66:13:
90:55:5b:fe:67:85:26:5f:64:03:17:62:94:03:91:
2f:f2:71:33:86:c5:ec:66:bb:43:db:e5:fe:11:09:
54:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:9D:37:3E:22:20:22:BC:9F:24:B3:A0:9F:12:54:16:6A:C9:25:FF
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/op03PiIgIryfJLOgnxJUFmrJJf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.116.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:53:63:7b:5f:c3:17:92:ab:5c:fe:52:c1:66:12:c0:2b:5c:
6f:29:d1:e3:1a:2c:a0:97:47:32:bc:b1:3d:87:88:58:f0:d9:
ef:6f:b2:76:70:05:b8:e6:e0:de:f9:96:86:fe:d0:10:6d:78:
43:5b:87:f1:a2:c0:2b:81:9f:ca:f5:50:a4:46:9e:6d:7e:bf:
a4:f4:2c:63:ef:c7:86:99:af:fa:80:f1:17:d7:eb:80:00:4b:
eb:23:5b:45:a2:fd:6e:e8:d8:77:ad:d2:84:30:bf:c5:2c:33:
5f:28:93:a8:47:29:b6:5c:61:a3:1d:03:b4:2d:5e:d7:91:a6:
14:d1:6f:5f:22:12:b7:ff:34:51:aa:b5:2a:e3:bd:bc:84:7f:
06:b7:5f:82:a2:0f:18:b3:7a:8d:7c:6b:95:8a:5c:3a:f6:27:
4b:e2:4b:d2:31:0f:91:1e:4d:f9:ad:53:54:db:ca:47:e6:c9:
bd:3b:a2:e0:9d:c6:a6:23:07:22:53:42:df:70:7d:d5:dc:37:
9c:35:c5:c4:b3:ff:00:0a:a2:01:0d:ec:cb:15:78:54:b6:66:
e4:f5:52:18:fa:e3:5e:3b:8d:c3:14:7e:1e:d7:ca:38:2e:e5:
86:cf:03:21:65:91:42:28:48:3a:01:6b:ed:d3:9e:47:7d:d5:
2e:39:ed:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYm3RxxyarEFSKmDAN+YGGenMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjMwODAyMTcyMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjlkMzczZTIyMjAyMmJjOWYyNGIzYTA5ZjEyNTQxNjZhYzkyNWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBS5K4I18jDPm7bQQiBkbacuYp4o
uCoXlDoAisBKeOcuvlgmViPaefCfCH0l+WSS4xdxOqAIOLMw+YTQr7jV9PP5X+1o
fnQ8Ef7lhI70ZPyrKHWcB4uXJSSzie+y517p6E6rkCQCD+nzyXbLA46oI4Q8uPqR
owKKxaNK3hpUnj6Wnj/m76cu0fKusFL6NCUHHd+A3wWm5DCF7JsG/2ZwZV4poMAm
fV+foFYDvtEoJbaphReVKXgUttIOB6H0d5MYFpvH5CJM2J+oUwkyc9vNc42GRXwp
Pki4hGcaPo1AZhOQVVv+Z4UmX2QDF2KUA5Ev8nEzhsXsZrtD2+X+EQlUhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKdNz4iICK8nySzoJ8SVBZqySX/MB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvb3AwM1BpSWdJcnlmSkxPZ254SlVGbXJKSmY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW5N0MA0G
CSqGSIb3DQEBCwUAA4IBAQCNU2N7X8MXkqtc/lLBZhLAK1xvKdHjGiygl0cyvLE9
h4hY8Nnvb7J2cAW45uDe+ZaG/tAQbXhDW4fxosArgZ/K9VCkRp5tfr+k9Cxj78eG
ma/6gPEX1+uAAEvrI1tFov1u6Nh3rdKEML/FLDNfKJOoRym2XGGjHQO0LV7XkaYU
0W9fIhK3/zRRqrUq4728hH8Gt1+Cog8Ys3qNfGuVilw69idL4kvSMQ+RHk35rVNU
28pH5sm9O6LgncamIwciU0LfcH3V3DecNcXEs/8ACqIBDezLFXhUtmbk9VIY+uNe
O43DFH4e18o4LuWGzwMhZZFCKEg6AWvt055HfdUuOe2Y
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:10 2025 by rpki-client