Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/YRoHr3RjA5aWZvSvBFBHhYfwZy0.roa
File: YRoHr3RjA5aWZvSvBFBHhYfwZy0.roa (raw, json)
Hash identifier: fLZgPOGYgNDyX8YbQqsL+ZM55/6gTZt93GzI1c7uCKU=
Subject key identifier: 61:1A:07:AF:74:63:03:96:96:66:F4:AF:04:50:47:85:87:F0:67:2D
Certificate issuer: /CN=3adeea3b6aac4d834b4fd7c2e5d3c397f61f43d6
Certificate serial: 01866EE74C3AC11888900E5887F5D4E9D7E3
Authority key identifier: 3A:DE:EA:3B:6A:AC:4D:83:4B:4F:D7:C2:E5:D3:C3:97:F6:1F:43:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ot7qO2qsTYNLT9fC5dPDl_YfQ9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/YRoHr3RjA5aWZvSvBFBHhYfwZy0.roa
Signing time: Mon 20 Feb 2023 12:58:17 +0000
ROA not before: Mon 20 Feb 2023 12:58:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 91.108.216.0/22 maxlen: 24
91.108.224.0/19 maxlen: 19
91.108.220.0/22 maxlen: 24
91.108.255.0/24 maxlen: 24
91.108.192.0/22 maxlen: 24
91.108.196.0/22 maxlen: 24
91.108.204.0/22 maxlen: 24
91.108.200.0/22 maxlen: 24
91.108.208.0/22 maxlen: 24
91.108.212.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6e:e7:4c:3a:c1:18:88:90:0e:58:87:f5:d4:e9:d7:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3adeea3b6aac4d834b4fd7c2e5d3c397f61f43d6
Validity
Not Before: Feb 20 12:58:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=611a07af746303969666f4af0450478587f0672d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6d:53:9c:fb:d6:82:b3:6b:47:e8:28:d1:32:
41:e1:6c:52:e9:48:6c:38:b2:29:9d:e2:9c:e0:e1:
24:77:47:c8:d1:88:88:5e:54:af:dd:e1:58:9c:cc:
af:99:bd:59:79:9b:97:67:f9:c4:30:ea:09:4c:95:
bb:08:61:ed:f9:60:9c:70:ad:b7:e1:d6:1a:4f:04:
18:aa:3e:e1:ee:ee:20:12:b3:24:db:c2:ec:7a:dc:
60:49:c9:b6:8d:fc:34:46:04:7a:81:2e:9c:45:23:
8e:9f:a8:ef:ea:cb:09:5c:e1:bd:4a:26:4c:45:81:
c6:26:44:fb:05:46:e5:2f:7f:9d:51:cb:e8:b2:3c:
8a:96:b8:cc:98:a5:7b:07:93:5a:c9:99:3b:6f:8e:
30:54:e0:c5:e3:f3:61:c6:b2:c7:95:3b:69:1d:cf:
3d:d4:8e:1d:7d:2d:9f:2b:b7:d1:9c:21:fe:c3:e9:
d6:50:9c:72:f4:93:6e:e9:a3:27:45:8e:5e:e9:da:
a3:93:33:72:9d:6d:cf:d2:da:24:ea:d7:a6:5b:80:
cb:26:93:78:9e:3f:9e:eb:79:f8:ba:1b:f9:cf:25:
bd:33:6a:b6:88:78:2e:3f:3a:a8:6e:d8:0e:17:12:
b3:ae:c0:42:d6:fc:c4:7a:4b:6f:fa:66:de:e7:00:
d4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:1A:07:AF:74:63:03:96:96:66:F4:AF:04:50:47:85:87:F0:67:2D
X509v3 Authority Key Identifier:
keyid:3A:DE:EA:3B:6A:AC:4D:83:4B:4F:D7:C2:E5:D3:C3:97:F6:1F:43:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ot7qO2qsTYNLT9fC5dPDl_YfQ9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/YRoHr3RjA5aWZvSvBFBHhYfwZy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/Ot7qO2qsTYNLT9fC5dPDl_YfQ9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.192.0/18
Signature Algorithm: sha256WithRSAEncryption
34:8e:b4:fd:0b:5a:11:53:1a:57:b8:14:15:21:87:50:c5:fa:
2c:20:b3:11:d1:4b:95:aa:d1:59:9b:4b:ba:48:d5:2b:af:b6:
35:9f:d7:d1:dd:43:d9:58:57:61:cf:66:1a:f0:a4:7c:4c:c0:
fc:39:c1:be:cb:69:b7:3d:25:da:b7:32:42:f9:06:f0:5c:ff:
46:87:82:d3:32:fc:6e:94:53:df:d4:65:97:96:a2:38:d6:2b:
de:82:07:db:a5:3f:eb:a4:0f:a4:e4:ee:7b:52:8e:57:5e:3f:
0c:12:fc:41:38:ae:20:8a:16:29:99:97:fe:65:0d:7f:58:98:
21:3f:47:9f:0f:56:9e:90:48:74:08:b6:3d:26:a3:e0:95:58:
95:6b:e0:21:3e:6b:55:78:a6:4d:7b:61:8a:d8:68:52:d4:c5:
e2:32:1b:be:64:41:59:a2:c8:ca:f0:1d:a0:8f:47:f4:33:d3:
35:20:0f:0a:c8:7a:cb:ba:55:13:62:af:db:d2:aa:a6:9a:b8:
17:f6:67:0b:94:75:b9:00:2f:74:b7:c2:56:6d:52:12:4f:77:
e1:25:da:cf:29:62:cb:e1:0a:49:de:19:c9:a7:7f:70:4b:5b:
ef:58:5b:08:b3:3e:19:f3:8c:5e:d7:09:5e:93:5f:43:54:69:
9e:f3:76:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZu50w6wRiIkA5Yh/XU6dfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZGVlYTNiNmFhYzRkODM0YjRmZDdjMmU1ZDNjMzk3ZjYx
ZjQzZDYwHhcNMjMwMjIwMTI1ODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTFhMDdhZjc0NjMwMzk2OTY2NmY0YWYwNDUwNDc4NTg3ZjA2NzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3G1TnPvWgrNrR+go0TJB4WxS6Uhs
OLIpneKc4OEkd0fI0YiIXlSv3eFYnMyvmb1ZeZuXZ/nEMOoJTJW7CGHt+WCccK23
4dYaTwQYqj7h7u4gErMk28LsetxgScm2jfw0RgR6gS6cRSOOn6jv6ssJXOG9SiZM
RYHGJkT7BUblL3+dUcvosjyKlrjMmKV7B5NayZk7b44wVODF4/NhxrLHlTtpHc89
1I4dfS2fK7fRnCH+w+nWUJxy9JNu6aMnRY5e6dqjkzNynW3P0tok6temW4DLJpN4
nj+e63n4uhv5zyW9M2q2iHguPzqobtgOFxKzrsBC1vzEektv+mbe5wDUrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGEaB690YwOWlmb0rwRQR4WH8GctMB8GA1UdIwQY
MBaAFDre6jtqrE2DS0/XwuXTw5f2H0PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3Q3cU8ycXNUWU5MVDlmQzVkUERsX1lmUTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8wMTVmNDQtMGY0Yy00NzE0LTg2MTUt
MjNiMDcyZjViMTg4LzEvWVJvSHIzUmpBNWFXWnZTdkJGQkhoWWZ3WnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8wMTVmNDQtMGY0Yy00NzE0LTg2MTUtMjNiMDcyZjViMTg4
LzEvT3Q3cU8ycXNUWU5MVDlmQzVkUERsX1lmUTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGW2zAMA0G
CSqGSIb3DQEBCwUAA4IBAQA0jrT9C1oRUxpXuBQVIYdQxfosILMR0UuVqtFZm0u6
SNUrr7Y1n9fR3UPZWFdhz2Ya8KR8TMD8OcG+y2m3PSXatzJC+QbwXP9Gh4LTMvxu
lFPf1GWXlqI41iveggfbpT/rpA+k5O57Uo5XXj8MEvxBOK4gihYpmZf+ZQ1/WJgh
P0efD1aekEh0CLY9JqPglViVa+AhPmtVeKZNe2GK2GhS1MXiMhu+ZEFZosjK8B2g
j0f0M9M1IA8KyHrLulUTYq/b0qqmmrgX9mcLlHW5AC90t8JWbVIST3fhJdrPKWLL
4QpJ3hnJp39wS1vvWFsIsz4Z84xe1wlek19DVGme83Yl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:05 2025 by rpki-client