Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/R0mCuWSlIuXzKaRqed5uN0tixXM.roa
File: R0mCuWSlIuXzKaRqed5uN0tixXM.roa (raw, json)
Hash identifier: 3BYVv89ur6rvm+3Zw+j+NT/hvQpVqdl+Yxp1bOR93Yw=
Subject key identifier: 47:49:82:B9:64:A5:22:E5:F3:29:A4:6A:79:DE:6E:37:4B:62:C5:73
Certificate issuer: /CN=4944680c20d1af01f169b18ac9c77d9877133cde
Certificate serial: 018A2DC77192C2CDD716E13A797F06423C7B
Authority key identifier: 49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/R0mCuWSlIuXzKaRqed5uN0tixXM.roa
Signing time: Fri 25 Aug 2023 17:39:20 +0000
ROA not before: Fri 25 Aug 2023 17:39:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 91.232.185.0/24 maxlen: 24
91.233.192.0/24 maxlen: 24
91.219.17.0/24 maxlen: 24
91.219.18.0/23 maxlen: 23
178.212.205.0/24 maxlen: 24
178.212.204.0/24 maxlen: 24
178.212.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2d:c7:71:92:c2:cd:d7:16:e1:3a:79:7f:06:42:3c:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4944680c20d1af01f169b18ac9c77d9877133cde
Validity
Not Before: Aug 25 17:39:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=474982b964a522e5f329a46a79de6e374b62c573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:69:db:2c:6b:55:32:bd:e2:67:ef:a8:b2:6b:
b6:b7:df:cc:d0:f7:90:bc:8e:bb:3c:d8:79:8d:33:
81:5f:ee:f9:7f:9d:89:cc:b8:9c:e7:3e:7e:39:96:
53:46:ff:df:70:c0:29:cb:15:af:d8:ee:64:85:57:
52:bf:bd:22:da:04:61:05:e5:40:3e:a5:11:29:26:
83:69:1b:0b:73:d1:c6:d8:14:57:9f:31:ce:91:c5:
a0:f8:d4:3e:85:77:9d:44:29:58:1b:a1:0d:dc:49:
b7:f1:6c:45:a6:7d:86:53:dd:a7:a5:2f:66:80:13:
eb:0e:08:c3:6a:2e:e4:e4:e3:08:12:b3:5b:2f:a6:
96:e6:e0:93:b0:d5:3c:a3:97:d7:75:99:9d:cb:2e:
ec:21:6c:e9:2e:66:ee:a1:d2:39:3f:2a:55:51:5d:
92:8a:34:08:03:ea:ed:95:94:7a:97:6b:17:52:a1:
c1:df:7c:82:ca:23:cb:b9:dd:64:81:25:a9:93:fc:
5f:c3:ee:58:51:83:40:19:60:e0:d3:3c:08:1b:cb:
41:f6:84:dc:10:aa:f0:a2:d2:d4:e2:f6:68:76:c0:
ae:41:2a:88:d0:a7:18:eb:b0:5e:d8:56:b8:fe:f6:
f9:99:0d:3f:72:4d:49:d7:b0:34:80:72:7d:aa:22:
ee:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:49:82:B9:64:A5:22:E5:F3:29:A4:6A:79:DE:6E:37:4B:62:C5:73
X509v3 Authority Key Identifier:
keyid:49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/R0mCuWSlIuXzKaRqed5uN0tixXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/SURoDCDRrwHxabGKycd9mHcTPN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.17.0-91.219.19.255
91.232.185.0/24
91.233.192.0/24
178.212.203.0-178.212.205.255
Signature Algorithm: sha256WithRSAEncryption
04:2f:c7:06:c4:b8:23:0b:51:39:ef:3c:32:26:6a:3d:aa:42:
bc:6a:a2:f8:6b:c1:29:65:fc:d0:d2:49:ff:6e:21:f6:65:8e:
2d:ea:a7:ec:a0:44:9b:0f:59:3e:f2:d1:98:a4:0f:5d:d9:c6:
f2:bb:a0:1d:c4:0f:34:15:10:bb:c2:c2:73:4f:ed:d6:6f:36:
4e:d4:0e:b4:05:31:fa:b0:a9:13:38:18:a4:cc:0d:ed:5b:61:
f5:a1:0d:5a:44:f3:c2:be:b3:33:f4:05:44:56:23:3f:b2:04:
19:8f:2f:7d:b7:bc:10:23:ca:a4:a7:75:33:1d:bd:a5:4a:03:
86:55:56:d2:30:d2:cb:f6:1a:32:2f:23:e8:48:3a:28:66:cf:
29:8b:f7:9d:29:f9:b5:6b:eb:f0:74:45:b8:1e:28:0b:9b:10:
bc:51:82:bf:87:67:0d:23:40:31:28:7d:4c:1b:5c:63:05:0f:
39:e8:5c:eb:2d:54:3f:0a:1d:6a:eb:93:56:6f:07:08:b4:f8:
08:93:b8:7a:a6:c5:99:cc:db:c7:aa:0a:8b:a9:49:67:9b:97:
89:46:1e:aa:13:03:85:92:77:1f:16:5b:81:7c:3b:ff:b4:4e:
00:c7:29:f7:fc:23:a8:6f:85:da:7f:39:6d:05:b3:8e:b5:38:
da:2e:f2:ac
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYotx3GSws3XFuE6eX8GQjx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NDQ2ODBjMjBkMWFmMDFmMTY5YjE4YWM5Yzc3ZDk4Nzcx
MzNjZGUwHhcNMjMwODI1MTczOTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzQ5ODJiOTY0YTUyMmU1ZjMyOWE0NmE3OWRlNmUzNzRiNjJjNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GnbLGtVMr3iZ++osmu2t9/M0PeQ
vI67PNh5jTOBX+75f52JzLic5z5+OZZTRv/fcMApyxWv2O5khVdSv70i2gRhBeVA
PqURKSaDaRsLc9HG2BRXnzHOkcWg+NQ+hXedRClYG6EN3Em38WxFpn2GU92npS9m
gBPrDgjDai7k5OMIErNbL6aW5uCTsNU8o5fXdZmdyy7sIWzpLmbuodI5PypVUV2S
ijQIA+rtlZR6l2sXUqHB33yCyiPLud1kgSWpk/xfw+5YUYNAGWDg0zwIG8tB9oTc
EKrwotLU4vZodsCuQSqI0KcY67Be2Fa4/vb5mQ0/ck1J17A0gHJ9qiLujQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEdJgrlkpSLl8ymkannebjdLYsVzMB8GA1UdIwQY
MBaAFElEaAwg0a8B8WmxisnHfZh3EzzeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTIt
ZWJkY2MwMmZiYWU5LzEvUjBtQ3VXU2xJdVh6S2FScWVkNXVOMHRpeFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTItZWJkY2MwMmZiYWU5
LzEvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBABb2xED
BAJb2xADBABb6LkDBABb6cAwDAMEALLUywMEAbLUzDANBgkqhkiG9w0BAQsFAAOC
AQEABC/HBsS4IwtROe88MiZqPapCvGqi+GvBKWX80NJJ/24h9mWOLeqn7KBEmw9Z
PvLRmKQPXdnG8rugHcQPNBUQu8LCc0/t1m82TtQOtAUx+rCpEzgYpMwN7Vth9aEN
WkTzwr6zM/QFRFYjP7IEGY8vfbe8ECPKpKd1Mx29pUoDhlVW0jDSy/YaMi8j6Eg6
KGbPKYv3nSn5tWvr8HRFuB4oC5sQvFGCv4dnDSNAMSh9TBtcYwUPOehc6y1UPwod
auuTVm8HCLT4CJO4eqbFmczbx6oKi6lJZ5uXiUYeqhMDhZJ3HxZbgXw7/7ROAMcp
9/wjqG+F2n85bQWzjrU42i7yrA==
-----END CERTIFICATE-----
Generated at Mon Aug 28 09:54:14 2023 by rpki-client on console-ams.rpki-client.org