Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/EW23LEEe7S-Zz-H3TZWr5JKkqwc.roa
File: EW23LEEe7S-Zz-H3TZWr5JKkqwc.roa (raw, json)
Hash identifier: uH57Oqpb+GO2ndRjs9Fg9DDuXV4JH3xY1suJ6tBbsoM=
Subject key identifier: 11:6D:B7:2C:41:1E:ED:2F:99:CF:E1:F7:4D:95:AB:E4:92:A4:AB:07
Certificate issuer: /CN=3adeea3b6aac4d834b4fd7c2e5d3c397f61f43d6
Certificate serial: 0187770C83234BA94DA0D8761233D361AA18
Authority key identifier: 3A:DE:EA:3B:6A:AC:4D:83:4B:4F:D7:C2:E5:D3:C3:97:F6:1F:43:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ot7qO2qsTYNLT9fC5dPDl_YfQ9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/EW23LEEe7S-Zz-H3TZWr5JKkqwc.roa
Signing time: Wed 12 Apr 2023 19:58:41 +0000
ROA not before: Wed 12 Apr 2023 19:58:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 91.108.216.0/22 maxlen: 24
91.108.220.0/22 maxlen: 24
91.108.224.0/24 maxlen: 24
91.108.255.0/24 maxlen: 24
91.108.192.0/22 maxlen: 24
91.108.196.0/22 maxlen: 24
91.108.204.0/22 maxlen: 24
91.108.200.0/22 maxlen: 24
91.108.208.0/22 maxlen: 24
91.108.212.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:77:0c:83:23:4b:a9:4d:a0:d8:76:12:33:d3:61:aa:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3adeea3b6aac4d834b4fd7c2e5d3c397f61f43d6
Validity
Not Before: Apr 12 19:58:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=116db72c411eed2f99cfe1f74d95abe492a4ab07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:09:7b:e3:2b:65:4c:71:c6:86:fb:c8:10:de:
f4:2f:b7:ab:dc:66:fe:50:00:1b:ed:a6:ba:fb:8a:
e4:89:f5:c1:54:6b:8a:73:b1:ef:6e:3b:f6:8f:a8:
a0:e1:75:a0:93:7d:3b:77:24:51:7a:fc:be:9e:02:
5f:af:a1:97:de:96:60:a0:48:b4:99:c7:93:82:eb:
c2:0f:96:8d:45:7c:09:c5:02:60:01:c6:91:29:18:
04:25:70:78:51:17:5d:0f:94:d0:01:95:f6:7c:41:
ec:43:37:71:53:5f:10:53:a7:bc:9b:bb:8e:45:68:
ab:cb:e4:53:0e:08:a0:9a:11:6e:c1:c3:37:9e:80:
35:a5:3d:36:d2:be:64:67:20:65:41:81:3b:5f:63:
32:7f:d3:03:f2:7b:bd:1a:13:83:ba:95:f7:23:a9:
5f:b4:5d:94:85:7c:56:93:93:82:68:0a:db:07:a7:
7b:a9:5a:10:5f:f8:28:fe:f6:8b:7e:7a:f3:62:cb:
fe:e8:f1:88:5c:92:cd:97:ae:a8:ef:21:5e:b5:b4:
db:cb:54:f7:5e:f2:18:e4:d9:d9:36:d8:15:91:79:
9a:31:83:d3:de:b3:02:a0:c2:0f:ed:3a:1f:f4:61:
53:e5:e2:b7:51:55:28:75:e2:be:a0:9a:92:0b:fc:
f4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:6D:B7:2C:41:1E:ED:2F:99:CF:E1:F7:4D:95:AB:E4:92:A4:AB:07
X509v3 Authority Key Identifier:
keyid:3A:DE:EA:3B:6A:AC:4D:83:4B:4F:D7:C2:E5:D3:C3:97:F6:1F:43:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ot7qO2qsTYNLT9fC5dPDl_YfQ9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/EW23LEEe7S-Zz-H3TZWr5JKkqwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/Ot7qO2qsTYNLT9fC5dPDl_YfQ9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.192.0-91.108.224.255
91.108.255.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:ec:0e:1b:9e:82:0d:d5:27:2a:82:28:a7:a3:06:4c:89:7c:
94:9e:26:51:2b:11:27:a1:c8:e2:13:1f:c3:9d:20:50:0c:0f:
af:af:1f:41:68:00:5c:06:58:ee:9f:75:a4:a2:ae:89:9c:b6:
11:be:70:d8:c6:96:55:d7:d0:6a:9d:6c:7b:0f:a3:db:f3:45:
32:99:c3:2a:15:06:6e:7b:ae:cd:ef:68:1b:04:52:5b:d8:2d:
d4:b2:17:20:21:b7:34:4e:82:72:6c:72:78:4b:2a:3d:9f:f0:
29:4e:6c:d8:96:5c:1a:33:7b:c3:31:63:61:10:2f:9e:6d:fc:
05:c8:39:e2:2c:55:50:8c:c3:89:52:32:ba:8e:a8:1d:cf:30:
35:de:33:ff:da:ee:1a:39:de:e9:e6:fe:30:d3:72:0a:58:8b:
47:dd:e8:b8:40:8a:5b:38:35:0d:09:9d:d7:2a:44:dd:06:0e:
41:11:7d:b8:0d:09:28:55:75:cb:dd:b3:d7:ea:7c:0e:89:14:
fb:b2:5b:15:a7:4c:35:49:8a:09:0b:a9:c4:e6:f9:f8:2f:5d:
e4:a8:3b:98:72:de:03:b8:6c:b6:c4:29:28:c5:c0:b8:8d:ee:
68:a7:bb:ee:69:b2:77:bb:20:3f:8e:52:c1:8b:96:fb:11:c0:
ae:47:94:9c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYd3DIMjS6lNoNh2EjPTYaoYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZGVlYTNiNmFhYzRkODM0YjRmZDdjMmU1ZDNjMzk3ZjYx
ZjQzZDYwHhcNMjMwNDEyMTk1ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTZkYjcyYzQxMWVlZDJmOTljZmUxZjc0ZDk1YWJlNDkyYTRhYjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQl74ytlTHHGhvvIEN70L7er3Gb+
UAAb7aa6+4rkifXBVGuKc7Hvbjv2j6ig4XWgk307dyRRevy+ngJfr6GX3pZgoEi0
mceTguvCD5aNRXwJxQJgAcaRKRgEJXB4URddD5TQAZX2fEHsQzdxU18QU6e8m7uO
RWiry+RTDgigmhFuwcM3noA1pT020r5kZyBlQYE7X2Myf9MD8nu9GhODupX3I6lf
tF2UhXxWk5OCaArbB6d7qVoQX/go/vaLfnrzYsv+6PGIXJLNl66o7yFetbTby1T3
XvIY5NnZNtgVkXmaMYPT3rMCoMIP7Tof9GFT5eK3UVUodeK+oJqSC/z0PwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBFttyxBHu0vmc/h902Vq+SSpKsHMB8GA1UdIwQY
MBaAFDre6jtqrE2DS0/XwuXTw5f2H0PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3Q3cU8ycXNUWU5MVDlmQzVkUERsX1lmUTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8wMTVmNDQtMGY0Yy00NzE0LTg2MTUt
MjNiMDcyZjViMTg4LzEvRVcyM0xFRWU3Uy1aei1IM1RaV3I1SktrcXdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8wMTVmNDQtMGY0Yy00NzE0LTg2MTUtMjNiMDcyZjViMTg4
LzEvT3Q3cU8ycXNUWU5MVDlmQzVkUERsX1lmUTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAZbbMAD
BABbbOADBABbbP8wDQYJKoZIhvcNAQELBQADggEBAHzsDhuegg3VJyqCKKejBkyJ
fJSeJlErESehyOITH8OdIFAMD6+vH0FoAFwGWO6fdaSiromcthG+cNjGllXX0Gqd
bHsPo9vzRTKZwyoVBm57rs3vaBsEUlvYLdSyFyAhtzROgnJscnhLKj2f8ClObNiW
XBoze8MxY2EQL55t/AXIOeIsVVCMw4lSMrqOqB3PMDXeM//a7ho53unm/jDTcgpY
i0fd6LhAils4NQ0JndcqRN0GDkERfbgNCShVdcvds9fqfA6JFPuyWxWnTDVJigkL
qcTm+fgvXeSoO5hy3gO4bLbEKSjFwLiN7minu+5psne7ID+OUsGLlvsRwK5HlJw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:00 2024 by rpki-client on console-fra.rpki-client.org