Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/O67MIB6iaJOQT0qCqfJsEDq0SYw.roa
File: O67MIB6iaJOQT0qCqfJsEDq0SYw.roa (raw, json)
Hash identifier: UTZfCt4ORiefyN1863ilWA/OfAylfE4OroQKM9AOUXA=
Subject key identifier: 3B:AE:CC:20:1E:A2:68:93:90:4F:4A:82:A9:F2:6C:10:3A:B4:49:8C
Certificate issuer: /CN=4944680c20d1af01f169b18ac9c77d9877133cde
Certificate serial: 0189890E5DDE22A45BB67F1D66E79C3C8F0E
Authority key identifier: 49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/O67MIB6iaJOQT0qCqfJsEDq0SYw.roa
Signing time: Mon 24 Jul 2023 17:59:27 +0000
ROA not before: Mon 24 Jul 2023 17:59:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 91.219.17.0/24 maxlen: 24
91.219.18.0/24 maxlen: 24
178.212.205.0/24 maxlen: 24
178.212.204.0/24 maxlen: 24
178.212.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:89:0e:5d:de:22:a4:5b:b6:7f:1d:66:e7:9c:3c:8f:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4944680c20d1af01f169b18ac9c77d9877133cde
Validity
Not Before: Jul 24 17:59:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3baecc201ea26893904f4a82a9f26c103ab4498c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ad:78:30:31:fe:ff:22:8f:a9:c7:e0:08:23:
d0:d2:30:9a:1b:77:ab:1d:85:dd:86:2c:46:fc:09:
d9:24:4c:b6:3a:54:88:de:2d:c6:f9:42:8e:02:4d:
95:c8:e3:53:af:9b:84:e6:8e:88:9d:e5:01:27:91:
4d:ca:ac:5d:18:47:7b:53:d5:73:99:97:c2:cf:fd:
4b:c3:cd:d3:c9:14:13:36:9e:1d:73:05:7f:9e:9a:
21:e3:e4:22:38:a3:38:a5:ca:4a:e6:f5:39:9b:6e:
71:e5:91:3f:1c:fc:fd:f3:b1:27:ea:9c:5f:fc:16:
88:b7:21:85:43:63:2b:ae:6b:d3:44:35:ab:e9:56:
14:2b:c9:24:32:c4:97:2a:17:ec:8b:b9:d6:f0:ea:
fc:9d:28:a3:eb:bd:20:52:48:22:3c:bd:7a:06:d8:
5c:79:cd:e7:95:ef:f7:f9:00:aa:25:94:07:84:55:
c7:c1:ee:90:37:c0:6c:6a:07:48:25:af:fd:fb:15:
65:04:00:8d:79:71:d3:65:0e:77:74:ac:ff:c0:06:
94:6b:b8:d0:83:19:5b:14:72:9c:ce:eb:74:26:3f:
e6:75:57:13:62:f6:6f:22:bc:c5:99:63:a8:8d:29:
e8:c6:af:47:00:f9:cc:42:84:cb:ae:7e:97:3f:7c:
f4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:AE:CC:20:1E:A2:68:93:90:4F:4A:82:A9:F2:6C:10:3A:B4:49:8C
X509v3 Authority Key Identifier:
keyid:49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/O67MIB6iaJOQT0qCqfJsEDq0SYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/SURoDCDRrwHxabGKycd9mHcTPN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.17.0-91.219.18.255
178.212.203.0-178.212.205.255
Signature Algorithm: sha256WithRSAEncryption
27:48:f7:62:c4:de:a6:67:d7:18:98:1e:91:7d:06:5a:49:94:
59:47:69:82:08:86:71:38:7d:76:f9:6d:bb:61:7d:9c:f7:26:
ae:f7:21:d2:82:0c:54:98:99:d1:d5:b1:d0:68:fd:16:3a:bb:
0b:99:df:d3:04:ef:57:0f:3e:41:b8:54:e5:f0:f5:97:17:bb:
a3:c6:39:57:9c:c1:62:11:db:a9:55:c8:57:91:63:98:af:9a:
13:90:18:d9:5c:22:78:1b:0f:a9:21:3b:f8:7b:9a:cf:68:9a:
7d:7d:d5:f4:0d:eb:af:b1:cb:b0:fc:d8:10:55:4c:24:ba:c3:
e5:05:79:09:19:80:2e:33:60:a9:fc:4e:b8:55:73:36:eb:9f:
5e:1a:40:18:80:f9:26:44:a5:cf:47:28:cb:ca:1e:f7:22:b3:
e0:7e:a7:8c:05:39:be:92:65:76:13:c5:72:47:b0:8f:0d:35:
53:80:60:23:75:13:65:c7:b1:04:2a:57:7e:f9:48:57:39:30:
d4:94:be:86:01:25:42:bc:25:c1:ee:d0:3c:9b:29:d0:28:b7:
20:d3:82:06:86:a5:d7:d0:f4:cd:5a:13:55:43:08:95:c5:24:
1d:70:1f:e9:58:92:bd:7c:e9:0b:00:4a:94:23:4d:04:2e:c9:
f9:58:a4:12
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYmJDl3eIqRbtn8dZuecPI8OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NDQ2ODBjMjBkMWFmMDFmMTY5YjE4YWM5Yzc3ZDk4Nzcx
MzNjZGUwHhcNMjMwNzI0MTc1OTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmFlY2MyMDFlYTI2ODkzOTA0ZjRhODJhOWYyNmMxMDNhYjQ0OThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhK14MDH+/yKPqcfgCCPQ0jCaG3er
HYXdhixG/AnZJEy2OlSI3i3G+UKOAk2VyONTr5uE5o6IneUBJ5FNyqxdGEd7U9Vz
mZfCz/1Lw83TyRQTNp4dcwV/npoh4+QiOKM4pcpK5vU5m25x5ZE/HPz987En6pxf
/BaItyGFQ2MrrmvTRDWr6VYUK8kkMsSXKhfsi7nW8Or8nSij670gUkgiPL16Bthc
ec3nle/3+QCqJZQHhFXHwe6QN8BsagdIJa/9+xVlBACNeXHTZQ53dKz/wAaUa7jQ
gxlbFHKczut0Jj/mdVcTYvZvIrzFmWOojSnoxq9HAPnMQoTLrn6XP3z0mQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDuuzCAeomiTkE9KgqnybBA6tEmMMB8GA1UdIwQY
MBaAFElEaAwg0a8B8WmxisnHfZh3EzzeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTIt
ZWJkY2MwMmZiYWU5LzEvTzY3TUlCNmlhSk9RVDBxQ3FmSnNFRHEwU1l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTItZWJkY2MwMmZiYWU5
LzEvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBABb2xED
BABb2xIwDAMEALLUywMEAbLUzDANBgkqhkiG9w0BAQsFAAOCAQEAJ0j3YsTepmfX
GJgekX0GWkmUWUdpggiGcTh9dvltu2F9nPcmrvch0oIMVJiZ0dWx0Gj9Fjq7C5nf
0wTvVw8+QbhU5fD1lxe7o8Y5V5zBYhHbqVXIV5FjmK+aE5AY2VwieBsPqSE7+Hua
z2iafX3V9A3rr7HLsPzYEFVMJLrD5QV5CRmALjNgqfxOuFVzNuufXhpAGID5JkSl
z0coy8oe9yKz4H6njAU5vpJldhPFckewjw01U4BgI3UTZcexBCpXfvlIVzkw1JS+
hgElQrwlwe7QPJsp0Ci3INOCBoal19D0zVoTVUMIlcUkHXAf6ViSvXzpCwBKlCNN
BC7J+VikEg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:46 2024 by rpki-client on console-ams.rpki-client.org