Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/vNPvDSgAGfzT8mS1AsN3mrZWpzY.roa
File: vNPvDSgAGfzT8mS1AsN3mrZWpzY.roa (raw, json)
Hash identifier: fz6YnOhqOPHUP5w4eHrajJ5DR6geTomLC8RX5JI5fBc=
Subject key identifier: BC:D3:EF:0D:28:00:19:FC:D3:F2:64:B5:02:C3:77:9A:B6:56:A7:36
Certificate issuer: /CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Certificate serial: 01882CEDAE8E75A80CADEE3F2ED1EDE1368E
Authority key identifier: 3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/vNPvDSgAGfzT8mS1AsN3mrZWpzY.roa
Signing time: Thu 18 May 2023 03:35:54 +0000
ROA not before: Thu 18 May 2023 03:35:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 91.220.249.0/24 maxlen: 24
152.89.192.0/24 maxlen: 24
152.89.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2c:ed:ae:8e:75:a8:0c:ad:ee:3f:2e:d1:ed:e1:36:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Validity
Not Before: May 18 03:35:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcd3ef0d280019fcd3f264b502c3779ab656a736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b6:5b:cc:7a:07:97:90:c3:12:8d:ac:c1:82:
0b:bd:84:44:4e:fc:a8:3a:89:d7:7f:de:8c:a9:57:
89:1b:19:8b:de:9f:58:7b:01:a4:31:e5:0d:f8:6d:
ae:a7:4b:fd:60:b7:e1:67:5c:21:20:29:62:b6:d4:
02:1b:4c:91:83:51:4c:63:46:ec:7f:19:8b:06:34:
6a:f3:ae:4f:bc:7e:39:32:85:b5:6d:12:c2:bd:78:
c1:1e:df:83:0e:e8:c1:b1:c2:c6:20:34:dd:d7:59:
c7:e8:ae:44:fe:c3:59:1f:92:8b:52:15:79:16:41:
ef:44:1c:ec:db:2a:a1:46:b6:42:71:b1:42:a6:54:
b5:20:7e:e2:a2:4d:61:93:2d:99:de:7a:0a:6f:83:
80:db:f0:2b:67:71:2b:87:2f:e8:41:80:2d:f3:e1:
65:5e:19:ad:07:eb:3b:c6:5d:e7:f8:7d:57:16:d3:
ab:20:13:7e:20:f7:21:1d:b8:91:96:a9:c9:16:c6:
91:46:c7:18:a8:d2:69:91:90:64:0f:1a:50:6b:79:
4c:15:8f:0d:93:8d:b3:9e:3b:7d:47:67:e7:46:22:
49:b6:8a:1e:87:a1:74:8f:44:29:72:e4:9c:d5:c4:
64:28:ab:ad:b3:ac:f4:25:45:3b:66:4d:5e:67:07:
b4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:D3:EF:0D:28:00:19:FC:D3:F2:64:B5:02:C3:77:9A:B6:56:A7:36
X509v3 Authority Key Identifier:
keyid:3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/vNPvDSgAGfzT8mS1AsN3mrZWpzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/PNzIvNtsdErN9D3XLWjSBFGhefY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.249.0/24
152.89.192.0/23
Signature Algorithm: sha256WithRSAEncryption
26:22:1d:19:2f:1f:6e:ba:7b:22:c5:b9:8c:d3:91:df:10:8f:
8d:20:de:de:0c:65:eb:37:ac:7e:5b:2a:63:0e:41:3a:bf:ab:
7e:c3:8b:96:2d:16:eb:60:8c:20:d5:0c:4b:7b:bc:4c:b5:df:
ca:89:1c:6e:0b:8b:ef:54:16:34:6d:b8:e8:21:55:bf:20:24:
75:ca:33:99:6a:c0:9c:16:ca:d1:86:43:2d:45:65:b4:bc:c9:
56:c3:96:6f:71:f2:38:6d:a1:b4:12:73:a2:90:33:6e:d4:6c:
97:18:d8:70:fc:28:6e:4d:70:bb:06:4c:bc:70:bd:11:4d:ab:
fd:9a:21:04:c3:55:7b:ab:5d:c0:a8:7c:45:7b:f1:18:c5:7f:
f1:83:1f:21:49:29:f5:05:3a:8e:55:2d:7a:d5:22:c5:74:f3:
93:24:53:6b:ca:cc:24:4b:c5:54:8a:31:57:40:d3:50:5e:92:
1f:5f:d7:71:0c:27:9d:a0:a8:d1:ff:b7:d9:01:be:83:a7:54:
32:f5:04:63:b0:06:08:a1:ab:a5:b4:b9:f7:ba:4b:9b:9c:4b:
49:b2:e1:dd:a4:0c:df:9f:56:57:95:b0:58:4d:72:1e:71:1a:
f1:a0:cb:8b:eb:aa:2f:e8:94:5e:52:d2:c5:93:19:ee:ff:70:
0a:6f:7f:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgs7a6OdagMre4/LtHt4TaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZGNjOGJjZGI2Yzc0NGFjZGY0M2RkNzJkNjhkMjA0NTFh
MTc5ZjYwHhcNMjMwNTE4MDMzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2QzZWYwZDI4MDAxOWZjZDNmMjY0YjUwMmMzNzc5YWI2NTZhNzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprZbzHoHl5DDEo2swYILvYRETvyo
OonXf96MqVeJGxmL3p9YewGkMeUN+G2up0v9YLfhZ1whIClittQCG0yRg1FMY0bs
fxmLBjRq865PvH45MoW1bRLCvXjBHt+DDujBscLGIDTd11nH6K5E/sNZH5KLUhV5
FkHvRBzs2yqhRrZCcbFCplS1IH7iok1hky2Z3noKb4OA2/ArZ3Erhy/oQYAt8+Fl
XhmtB+s7xl3n+H1XFtOrIBN+IPchHbiRlqnJFsaRRscYqNJpkZBkDxpQa3lMFY8N
k42znjt9R2fnRiJJtooeh6F0j0QpcuSc1cRkKKuts6z0JUU7Zk1eZwe0ZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLzT7w0oABn80/JktQLDd5q2Vqc2MB8GA1UdIwQY
MBaAFDzcyLzbbHRKzfQ91y1o0gRRoXn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQt
NjM3YjM3MWRhOGU2LzEvdk5QdkRTZ0FHZnpUOG1TMUFzTjNtclpXcHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQtNjM3YjM3MWRhOGU2
LzEvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9z5AwQB
mFnAMA0GCSqGSIb3DQEBCwUAA4IBAQAmIh0ZLx9uunsixbmM05HfEI+NIN7eDGXr
N6x+WypjDkE6v6t+w4uWLRbrYIwg1QxLe7xMtd/KiRxuC4vvVBY0bbjoIVW/ICR1
yjOZasCcFsrRhkMtRWW0vMlWw5ZvcfI4baG0EnOikDNu1GyXGNhw/ChuTXC7Bky8
cL0RTav9miEEw1V7q13AqHxFe/EYxX/xgx8hSSn1BTqOVS161SLFdPOTJFNryswk
S8VUijFXQNNQXpIfX9dxDCedoKjR/7fZAb6Dp1Qy9QRjsAYIoaultLn3ukubnEtJ
suHdpAzfn1ZXlbBYTXIecRrxoMuL66ov6JReUtLFkxnu/3AKb3+J
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:14 2025 by rpki-client