Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/fXNOn6fb4EnvzRs6_89oPQmSsrM.roa
File: fXNOn6fb4EnvzRs6_89oPQmSsrM.roa (raw, json)
Hash identifier: RdR0Nb/0JrHrbZX7mxul1saX8slPMdsINRtRShW8ly8=
Subject key identifier: 7D:73:4E:9F:A7:DB:E0:49:EF:CD:1B:3A:FF:CF:68:3D:09:92:B2:B3
Certificate issuer: /CN=3adeea3b6aac4d834b4fd7c2e5d3c397f61f43d6
Certificate serial: 01877A857DDD5537D62D1F328106E04A4486
Authority key identifier: 3A:DE:EA:3B:6A:AC:4D:83:4B:4F:D7:C2:E5:D3:C3:97:F6:1F:43:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ot7qO2qsTYNLT9fC5dPDl_YfQ9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/fXNOn6fb4EnvzRs6_89oPQmSsrM.roa
Signing time: Thu 13 Apr 2023 12:09:41 +0000
ROA not before: Thu 13 Apr 2023 12:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 91.108.216.0/22 maxlen: 24
91.108.220.0/22 maxlen: 24
91.108.224.0/19 maxlen: 24
91.108.255.0/24 maxlen: 24
91.108.192.0/22 maxlen: 24
91.108.196.0/22 maxlen: 24
91.108.204.0/22 maxlen: 24
91.108.200.0/22 maxlen: 24
91.108.208.0/22 maxlen: 24
91.108.212.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7a:85:7d:dd:55:37:d6:2d:1f:32:81:06:e0:4a:44:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3adeea3b6aac4d834b4fd7c2e5d3c397f61f43d6
Validity
Not Before: Apr 13 12:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d734e9fa7dbe049efcd1b3affcf683d0992b2b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:3f:fd:da:d2:90:79:85:9b:01:00:9e:ee:e6:
4c:90:08:77:a4:e7:93:c1:13:13:40:86:9e:22:a0:
d1:96:b9:cd:e9:02:04:b7:79:da:65:df:33:cc:df:
ec:18:89:98:b8:05:37:a7:8f:45:e9:e3:f9:d5:d7:
d9:6c:ff:83:e9:f1:ec:23:df:5e:27:5e:4c:e8:52:
22:a5:b6:58:34:34:a6:1c:ff:2c:68:05:0f:4a:cf:
80:22:78:c0:7f:5a:6c:4d:85:db:aa:90:e4:36:ab:
d0:5b:93:e9:20:af:97:b2:f8:40:fc:97:2c:69:a2:
61:2a:bc:21:ab:7f:97:3f:4e:e9:4f:a5:d4:fa:30:
9f:c1:db:ab:6e:21:4c:3f:65:a2:08:da:6e:bd:9f:
26:0d:ae:1e:a8:ee:73:60:18:a7:86:57:8d:aa:ec:
97:3d:d4:f4:44:50:80:5f:47:ed:b9:af:ad:59:7d:
2d:2a:24:0d:ad:aa:04:79:d6:81:0f:91:18:c9:8e:
19:16:3f:ae:2e:0f:89:85:9c:8c:76:f0:ef:ba:ca:
26:9a:67:41:58:2c:06:d4:0f:9b:2a:f2:b0:f7:6f:
28:a5:22:72:47:cd:3b:2d:e8:0e:a5:16:5b:6f:2f:
40:b0:eb:1c:af:dd:0b:2c:29:71:60:fb:e9:8e:93:
08:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:73:4E:9F:A7:DB:E0:49:EF:CD:1B:3A:FF:CF:68:3D:09:92:B2:B3
X509v3 Authority Key Identifier:
keyid:3A:DE:EA:3B:6A:AC:4D:83:4B:4F:D7:C2:E5:D3:C3:97:F6:1F:43:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ot7qO2qsTYNLT9fC5dPDl_YfQ9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/fXNOn6fb4EnvzRs6_89oPQmSsrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/Ot7qO2qsTYNLT9fC5dPDl_YfQ9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.192.0/18
Signature Algorithm: sha256WithRSAEncryption
99:ca:3e:e8:57:86:76:22:43:55:e6:26:4c:7a:ce:84:db:ea:
0e:63:ea:a8:07:17:c6:49:88:6d:40:69:86:65:e8:8b:2c:6a:
bb:96:77:09:e0:61:05:34:18:5c:63:4d:eb:51:65:71:a1:c4:
65:65:70:2f:f6:c5:ab:8b:45:b8:d3:62:ea:d1:1c:78:c3:4e:
e9:4f:bf:f9:e1:3a:1b:c7:60:bf:5e:e2:13:d8:3e:2c:05:2c:
6d:23:80:d6:b1:f8:d5:1d:29:b3:11:3e:ed:57:60:07:03:ae:
8f:a7:1d:b7:78:90:76:6a:da:5d:b3:3a:d8:74:cd:97:2e:c1:
e9:89:ef:8c:6d:e2:fc:c8:a6:25:02:85:75:c5:65:34:62:f7:
b0:50:23:e6:44:1f:77:80:06:d6:9c:f0:62:47:54:66:a8:7e:
5c:68:90:a0:fd:e5:af:62:6d:40:c4:b8:1a:58:84:0a:dd:44:
27:36:c4:f7:44:6f:5f:cc:8b:c4:49:d6:b6:df:0f:2b:17:08:
0b:5c:16:f3:70:f2:aa:38:63:f1:6f:d6:88:e0:a7:d7:0a:59:
33:9a:96:d9:82:6e:2a:71:74:45:47:04:ae:db:7f:12:ce:07:
a1:79:02:40:3b:50:df:02:51:9a:ca:c6:84:0c:73:58:a9:b2:
cf:c0:1c:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd6hX3dVTfWLR8ygQbgSkSGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZGVlYTNiNmFhYzRkODM0YjRmZDdjMmU1ZDNjMzk3ZjYx
ZjQzZDYwHhcNMjMwNDEzMTIwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDczNGU5ZmE3ZGJlMDQ5ZWZjZDFiM2FmZmNmNjgzZDA5OTJiMmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgj/92tKQeYWbAQCe7uZMkAh3pOeT
wRMTQIaeIqDRlrnN6QIEt3naZd8zzN/sGImYuAU3p49F6eP51dfZbP+D6fHsI99e
J15M6FIipbZYNDSmHP8saAUPSs+AInjAf1psTYXbqpDkNqvQW5PpIK+XsvhA/Jcs
aaJhKrwhq3+XP07pT6XU+jCfwdurbiFMP2WiCNpuvZ8mDa4eqO5zYBinhleNquyX
PdT0RFCAX0ftua+tWX0tKiQNraoEedaBD5EYyY4ZFj+uLg+JhZyMdvDvusommmdB
WCwG1A+bKvKw928opSJyR807LegOpRZbby9AsOscr90LLClxYPvpjpMIWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH1zTp+n2+BJ780bOv/PaD0JkrKzMB8GA1UdIwQY
MBaAFDre6jtqrE2DS0/XwuXTw5f2H0PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3Q3cU8ycXNUWU5MVDlmQzVkUERsX1lmUTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8wMTVmNDQtMGY0Yy00NzE0LTg2MTUt
MjNiMDcyZjViMTg4LzEvZlhOT242ZmI0RW52elJzNl84OW9QUW1Tc3JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8wMTVmNDQtMGY0Yy00NzE0LTg2MTUtMjNiMDcyZjViMTg4
LzEvT3Q3cU8ycXNUWU5MVDlmQzVkUERsX1lmUTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGW2zAMA0G
CSqGSIb3DQEBCwUAA4IBAQCZyj7oV4Z2IkNV5iZMes6E2+oOY+qoBxfGSYhtQGmG
ZeiLLGq7lncJ4GEFNBhcY03rUWVxocRlZXAv9sWri0W402Lq0Rx4w07pT7/54Tob
x2C/XuIT2D4sBSxtI4DWsfjVHSmzET7tV2AHA66Ppx23eJB2atpdszrYdM2XLsHp
ie+MbeL8yKYlAoV1xWU0YvewUCPmRB93gAbWnPBiR1RmqH5caJCg/eWvYm1AxLga
WIQK3UQnNsT3RG9fzIvESda23w8rFwgLXBbzcPKqOGPxb9aI4KfXClkzmpbZgm4q
cXRFRwSu238SzgeheQJAO1DfAlGaysaEDHNYqbLPwBy3
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:09 2023 by rpki-client on console-ams.rpki-client.org