Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/pZY5B78XyT6_ml_0ljvD4aDEq0I.roa
File: pZY5B78XyT6_ml_0ljvD4aDEq0I.roa (raw, json)
Hash identifier: 0SUXWsSuC5m2XC+icTK5Gcb0RgabGA3oW08UvlOLHT8=
Subject key identifier: A5:96:39:07:BF:17:C9:3E:BF:9A:5F:F4:96:3B:C3:E1:A0:C4:AB:42
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 019421B202B2C2A0510B7F0044A759718377
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/pZY5B78XyT6_ml_0ljvD4aDEq0I.roa
Signing time: Wed 01 Jan 2025 11:48:21 +0000
ROA not before: Wed 01 Jan 2025 11:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 91.147.116.0/24 maxlen: 24
91.147.117.0/24 maxlen: 24
91.147.118.0/24 maxlen: 24
91.147.119.0/24 maxlen: 24
91.147.122.0/24 maxlen: 24
91.147.123.0/24 maxlen: 24
91.147.126.0/23 maxlen: 24
212.116.244.0/24 maxlen: 24
212.116.246.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:02:b2:c2:a0:51:0b:7f:00:44:a7:59:71:83:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Jan 1 11:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5963907bf17c93ebf9a5ff4963bc3e1a0c4ab42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:19:61:5c:72:d5:93:b5:c5:c0:ed:f4:9c:02:
0c:bb:ef:4a:25:2d:ec:1a:16:e5:37:27:7f:90:9f:
9e:09:e1:17:c4:c4:a7:f0:c6:df:35:ac:d2:05:da:
6b:b9:65:04:e3:a3:15:c4:ad:8c:5c:fe:08:fc:28:
7d:50:05:b1:ec:7e:9a:b1:f5:2d:6d:14:6c:00:a3:
f8:2f:10:30:ec:8a:6c:c2:47:b1:d9:9e:c4:9c:1d:
c2:5b:ac:49:9b:33:74:3c:0c:66:01:e5:a1:e7:d9:
65:00:c7:d5:64:29:13:d9:0f:a9:12:35:40:88:f7:
c8:11:79:57:35:d7:6f:86:b1:8a:10:3b:d7:6d:98:
e9:9c:85:91:ba:d3:17:03:00:ff:f0:d3:2e:16:5e:
ae:1b:b3:5f:7b:f4:19:79:f0:9a:93:fd:47:63:d0:
fc:d5:51:51:73:f8:a7:e1:54:c5:7b:d1:44:57:d0:
af:4f:87:b5:86:27:f5:08:ec:65:cd:e9:0f:8a:b9:
91:e3:3f:7e:88:67:9b:86:9a:3f:4a:24:de:ae:47:
a1:13:c5:d8:9e:61:e1:39:6f:49:56:35:42:f7:27:
39:d9:4b:37:26:7f:ae:1e:97:74:f9:5c:85:d7:cf:
18:e2:e8:31:10:c0:d9:cc:16:74:23:e2:60:87:43:
c3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:96:39:07:BF:17:C9:3E:BF:9A:5F:F4:96:3B:C3:E1:A0:C4:AB:42
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/pZY5B78XyT6_ml_0ljvD4aDEq0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.116.0/22
91.147.122.0/23
91.147.126.0/23
212.116.244.0/24
212.116.246.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:08:d1:e9:96:79:65:83:96:0e:11:ea:08:8e:5a:99:bf:f7:
9f:25:86:a9:66:89:30:d2:19:3d:d9:79:ae:24:7d:7b:9e:50:
2b:2b:2d:5b:6b:31:91:1e:05:cd:2b:29:b9:75:95:eb:c5:fc:
ad:cd:22:e1:9c:f6:36:81:d4:d6:50:55:b1:06:d3:6f:5f:e2:
47:14:3d:cf:0c:40:0c:80:b9:8c:dc:41:9c:d5:96:71:d7:59:
ae:0e:6b:e6:03:ef:20:36:22:4f:f2:bd:40:c0:aa:7f:f5:1c:
ac:76:82:b7:1d:f6:55:67:30:58:ea:61:ee:d2:fe:96:fc:ab:
b0:22:6a:9d:65:11:e1:ae:77:15:d1:dd:b3:3d:03:49:23:8d:
37:3d:fd:6a:b2:dd:0e:0e:90:56:5e:1e:48:a5:b1:39:44:e0:
ad:1c:ef:46:18:5c:13:4a:f8:30:c8:4a:26:8f:82:5b:65:7b:
de:39:47:1d:0d:7f:4c:1e:7b:8d:9e:d7:a9:b8:72:d6:bf:22:
25:f9:cb:7d:c7:9b:5a:b8:85:c9:59:82:09:0c:9d:c5:9d:bf:
af:10:62:f9:29:36:3b:2d:db:9f:5b:83:12:fa:08:29:f0:ef:
7e:ed:44:8f:21:54:03:dc:de:87:9a:cd:0d:70:03:87:e6:81:
85:28:e9:3e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQhsgKywqBRC38ARKdZcYN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjUwMTAxMTE0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTk2MzkwN2JmMTdjOTNlYmY5YTVmZjQ5NjNiYzNlMWEwYzRhYjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xlhXHLVk7XFwO30nAIMu+9KJS3s
GhblNyd/kJ+eCeEXxMSn8MbfNazSBdpruWUE46MVxK2MXP4I/Ch9UAWx7H6asfUt
bRRsAKP4LxAw7Ipswkex2Z7EnB3CW6xJmzN0PAxmAeWh59llAMfVZCkT2Q+pEjVA
iPfIEXlXNddvhrGKEDvXbZjpnIWRutMXAwD/8NMuFl6uG7Nfe/QZefCak/1HY9D8
1VFRc/in4VTFe9FEV9CvT4e1hif1COxlzekPirmR4z9+iGebhpo/SiTerkehE8XY
nmHhOW9JVjVC9yc52Us3Jn+uHpd0+VyF188Y4ugxEMDZzBZ0I+Jgh0PDmQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKWWOQe/F8k+v5pf9JY7w+GgxKtCMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvcFpZNUI3OFh5VDZfbWxfMGxqdkQ0YURFcTBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW5N0AwQB
W5N6AwQBW5N+AwQA1HT0AwQA1HT2MA0GCSqGSIb3DQEBCwUAA4IBAQDYCNHplnll
g5YOEeoIjlqZv/efJYapZokw0hk92XmuJH17nlArKy1bazGRHgXNKym5dZXrxfyt
zSLhnPY2gdTWUFWxBtNvX+JHFD3PDEAMgLmM3EGc1ZZx11muDmvmA+8gNiJP8r1A
wKp/9RysdoK3HfZVZzBY6mHu0v6W/KuwImqdZRHhrncV0d2zPQNJI403Pf1qst0O
DpBWXh5IpbE5ROCtHO9GGFwTSvgwyEomj4JbZXveOUcdDX9MHnuNntepuHLWvyIl
+ct9x5tauIXJWYIJDJ3Fnb+vEGL5KTY7LdufW4MS+ggp8O9+7USPIVQD3N6Hms0N
cAOH5oGFKOk+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:36 2025 by rpki-client