Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/fltEACClrRyRXj4cb-LT68jDZiE.roa
File: fltEACClrRyRXj4cb-LT68jDZiE.roa (raw, json)
Hash identifier: dV4Syzx9jeQU4zbCXwEHCYj2RApEKW2Eg9h79I9FRV0=
Subject key identifier: 7E:5B:44:00:20:A5:AD:1C:91:5E:3E:1C:6F:E2:D3:EB:C8:C3:66:21
Certificate issuer: /CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Certificate serial: 01856ED4C2F04FEDA6452583C43FCF721DD2
Authority key identifier: 3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/fltEACClrRyRXj4cb-LT68jDZiE.roa
Signing time: Sun 01 Jan 2023 19:35:15 +0000
ROA not before: Sun 01 Jan 2023 19:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 91.220.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:c2:f0:4f:ed:a6:45:25:83:c4:3f:cf:72:1d:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Validity
Not Before: Jan 1 19:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e5b440020a5ad1c915e3e1c6fe2d3ebc8c36621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:42:7a:1a:93:89:3f:74:66:6b:ad:d3:0b:a9:
35:8f:12:33:3b:2a:60:6d:07:51:84:86:29:69:47:
32:d1:c5:7b:cd:80:f3:35:9c:88:9e:68:e2:d2:8f:
5f:07:a1:0f:99:4e:02:8c:24:76:dc:1e:20:85:6e:
4a:b1:65:0e:a6:bf:c5:09:bd:0d:96:b8:ca:45:2c:
40:82:6e:77:24:1e:48:e2:9d:30:c0:e7:c6:c9:3c:
47:5a:9e:28:55:db:d0:3d:ee:fc:f4:a9:ca:76:11:
91:db:2d:04:18:d0:52:7a:ef:59:2c:cf:e8:ca:1d:
28:7d:80:c5:13:83:69:36:90:1d:8b:c5:ca:43:64:
fe:ca:04:c2:92:b1:f2:b5:8b:58:11:11:54:53:1e:
1f:2b:74:a7:c6:4b:d8:62:b6:64:87:69:c8:1c:7a:
d6:10:47:10:f7:c9:ac:8d:28:f0:67:c3:06:a2:0e:
ef:40:06:12:90:1f:3e:6c:01:13:b3:ec:c6:27:a1:
ef:84:5e:f7:f7:c5:df:3e:86:ae:a5:0c:60:0d:46:
09:32:fb:50:74:d4:91:37:f4:ec:d1:37:70:1e:ea:
07:62:51:08:be:5c:ec:25:6f:7c:9a:a0:b3:ee:b0:
91:fb:16:4e:f3:b4:7f:3e:0b:12:4e:ab:89:69:f6:
41:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:5B:44:00:20:A5:AD:1C:91:5E:3E:1C:6F:E2:D3:EB:C8:C3:66:21
X509v3 Authority Key Identifier:
keyid:3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/fltEACClrRyRXj4cb-LT68jDZiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/PNzIvNtsdErN9D3XLWjSBFGhefY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.249.0/24
Signature Algorithm: sha256WithRSAEncryption
22:62:a8:08:ee:38:da:e6:f9:47:48:3c:17:bd:48:70:76:f4:
6a:a4:8a:0a:a2:05:68:a8:59:e8:dc:d3:68:6d:2e:d8:80:2c:
c5:a1:a3:b3:89:c1:31:ac:de:7c:7b:ed:e6:ad:19:3b:be:0b:
c9:94:e2:76:fa:4a:d3:f9:54:8b:56:89:cc:18:ee:5d:96:d1:
13:5e:9b:62:1a:10:24:22:e9:52:5e:36:1c:ac:e5:8e:c5:6d:
b3:cc:6d:f1:a9:2d:9c:bc:b4:ad:7a:03:40:8a:da:ce:8a:5f:
dd:5b:cf:e3:16:6b:bb:dc:02:0c:36:2c:74:1c:3b:52:6c:fc:
5c:d8:64:e6:f3:8d:05:4c:f5:84:0c:5e:05:49:ba:fc:da:bc:
d6:7b:eb:b0:ac:42:49:01:6a:c6:6c:e3:cc:a2:09:42:4e:1f:
e6:ed:ea:f1:a6:7a:5f:b6:ee:ca:a2:5a:80:f2:fe:da:1a:af:
8c:d9:64:55:87:6a:92:86:39:1f:96:0d:90:7a:9f:df:10:ab:
ab:64:b5:79:3c:2a:09:97:ef:2e:91:9a:3f:00:9a:4e:8f:44:
2a:b3:bd:78:1e:49:b6:09:db:0a:2c:20:a5:f6:4e:5b:cd:8f:
e0:e6:f8:3f:b2:e2:5a:2f:3e:a3:2b:f0:5d:cd:94:5e:98:fb:
ca:46:d5:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1MLwT+2mRSWDxD/Pch3SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZGNjOGJjZGI2Yzc0NGFjZGY0M2RkNzJkNjhkMjA0NTFh
MTc5ZjYwHhcNMjMwMTAxMTkzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTViNDQwMDIwYTVhZDFjOTE1ZTNlMWM2ZmUyZDNlYmM4YzM2NjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUJ6GpOJP3Rma63TC6k1jxIzOypg
bQdRhIYpaUcy0cV7zYDzNZyInmji0o9fB6EPmU4CjCR23B4ghW5KsWUOpr/FCb0N
lrjKRSxAgm53JB5I4p0wwOfGyTxHWp4oVdvQPe789KnKdhGR2y0EGNBSeu9ZLM/o
yh0ofYDFE4NpNpAdi8XKQ2T+ygTCkrHytYtYERFUUx4fK3SnxkvYYrZkh2nIHHrW
EEcQ98msjSjwZ8MGog7vQAYSkB8+bAETs+zGJ6HvhF7398XfPoaupQxgDUYJMvtQ
dNSRN/Ts0TdwHuoHYlEIvlzsJW98mqCz7rCR+xZO87R/PgsSTquJafZBxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH5bRAAgpa0ckV4+HG/i0+vIw2YhMB8GA1UdIwQY
MBaAFDzcyLzbbHRKzfQ91y1o0gRRoXn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQt
NjM3YjM3MWRhOGU2LzEvZmx0RUFDQ2xyUnlSWGo0Y2ItTFQ2OGpEWmlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQtNjM3YjM3MWRhOGU2
LzEvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9z5MA0G
CSqGSIb3DQEBCwUAA4IBAQAiYqgI7jja5vlHSDwXvUhwdvRqpIoKogVoqFno3NNo
bS7YgCzFoaOzicExrN58e+3mrRk7vgvJlOJ2+krT+VSLVonMGO5dltETXptiGhAk
IulSXjYcrOWOxW2zzG3xqS2cvLStegNAitrOil/dW8/jFmu73AIMNix0HDtSbPxc
2GTm840FTPWEDF4FSbr82rzWe+uwrEJJAWrGbOPMoglCTh/m7erxpnpftu7KolqA
8v7aGq+M2WRVh2qShjkflg2Qep/fEKurZLV5PCoJl+8ukZo/AJpOj0Qqs714Hkm2
CdsKLCCl9k5bzY/g5vg/suJaLz6jK/BdzZRemPvKRtX7
-----END CERTIFICATE-----
Generated at Thu Jul 20 13:17:49 2023 by rpki-client on console-ams.rpki-client.org