Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/wYlIQ3DPKgXmk0V23AtVjBOJR7s.roa
File: wYlIQ3DPKgXmk0V23AtVjBOJR7s.roa (raw, json)
Hash identifier: MX7z5ac0zdz0lT7RoJBIaMSEIHiKEeGvOvYo1Rlu4VU=
Subject key identifier: C1:89:48:43:70:CF:2A:05:E6:93:45:76:DC:0B:55:8C:13:89:47:BB
Certificate issuer: /CN=3adeea3b6aac4d834b4fd7c2e5d3c397f61f43d6
Certificate serial: 0187F7E83E9FF20BD9DC5FFB3310952B20E6
Authority key identifier: 3A:DE:EA:3B:6A:AC:4D:83:4B:4F:D7:C2:E5:D3:C3:97:F6:1F:43:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ot7qO2qsTYNLT9fC5dPDl_YfQ9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/wYlIQ3DPKgXmk0V23AtVjBOJR7s.roa
Signing time: Sun 07 May 2023 20:30:05 +0000
ROA not before: Sun 07 May 2023 20:30:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 91.108.216.0/22 maxlen: 24
91.108.216.0/21 maxlen: 24
91.108.220.0/22 maxlen: 24
91.108.224.0/19 maxlen: 24
91.108.255.0/24 maxlen: 24
91.108.192.0/22 maxlen: 24
91.108.196.0/22 maxlen: 24
91.108.204.0/22 maxlen: 24
91.108.200.0/22 maxlen: 24
91.108.208.0/22 maxlen: 24
91.108.212.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f7:e8:3e:9f:f2:0b:d9:dc:5f:fb:33:10:95:2b:20:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3adeea3b6aac4d834b4fd7c2e5d3c397f61f43d6
Validity
Not Before: May 7 20:30:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c189484370cf2a05e6934576dc0b558c138947bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e3:7b:fd:c6:5e:8e:c6:b8:6d:ca:73:2e:6a:
d0:d8:7f:04:55:9a:65:cd:48:42:a5:80:a6:08:12:
3a:54:2c:56:d9:49:99:ff:5b:da:5f:01:ed:6b:21:
fb:2f:8b:2c:60:20:7c:5c:e8:85:f5:87:67:07:12:
cd:f4:2e:58:4a:22:43:63:b3:db:cd:3e:13:2c:85:
ed:79:67:79:7b:09:10:5f:1d:f8:40:1c:1d:10:1c:
a7:87:b1:03:8e:0f:e5:34:a4:6a:e1:9c:f8:62:74:
ec:18:f6:f0:e1:fe:19:7d:81:63:29:39:ab:ee:7a:
3f:4a:fe:83:ba:fe:c5:f3:2c:6e:94:d4:22:12:fc:
09:4c:ac:f5:8f:7f:7c:c4:9c:4b:cb:26:de:79:c3:
e8:3e:e4:cd:6c:65:36:86:c9:97:6e:87:8b:39:69:
62:be:6b:60:8f:2e:73:c0:1c:a2:2c:cf:62:2c:62:
3c:39:d7:38:00:c0:27:0f:d6:29:45:f7:ee:3b:24:
d4:e3:6f:9a:bc:62:ba:fa:30:bd:36:b2:27:2f:5e:
a8:b2:c2:45:6f:2b:08:84:43:5f:8b:33:c5:d8:70:
c4:61:55:ff:95:bf:58:a5:e7:05:31:74:35:e2:bd:
81:16:44:62:fa:32:ac:17:3e:82:e0:e5:e4:45:5c:
fe:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:89:48:43:70:CF:2A:05:E6:93:45:76:DC:0B:55:8C:13:89:47:BB
X509v3 Authority Key Identifier:
keyid:3A:DE:EA:3B:6A:AC:4D:83:4B:4F:D7:C2:E5:D3:C3:97:F6:1F:43:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ot7qO2qsTYNLT9fC5dPDl_YfQ9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/wYlIQ3DPKgXmk0V23AtVjBOJR7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/015f44-0f4c-4714-8615-23b072f5b188/1/Ot7qO2qsTYNLT9fC5dPDl_YfQ9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.192.0/18
Signature Algorithm: sha256WithRSAEncryption
a4:d8:b9:c2:6e:5c:7e:74:39:48:f6:01:90:73:c8:46:dc:68:
f2:cb:a2:83:f3:4f:72:aa:98:21:53:2c:4f:60:6d:74:69:a8:
73:44:2e:b6:3c:ed:13:ac:33:55:d3:f4:14:ef:e5:4a:e3:09:
5e:bf:e9:02:34:63:4a:8a:10:57:14:8b:f2:2d:25:e4:f9:59:
9d:e1:c4:9b:1b:00:63:d0:4e:d8:39:d2:9d:ff:a3:06:a0:60:
b7:45:d0:8d:83:ef:ea:0a:c4:76:ce:4d:3c:57:a2:77:a2:11:
d5:7a:80:1c:26:ad:2f:1a:af:b3:f0:91:6e:e4:4b:ab:97:12:
eb:45:30:ab:b6:91:11:6d:49:16:ce:c2:c6:13:1d:1f:dd:bc:
5e:66:f4:8b:8d:6e:de:71:81:f9:42:72:f4:70:3d:44:52:06:
1b:01:0c:a7:fd:d5:6c:1f:93:70:2a:c7:d2:08:fe:1d:6e:4b:
a5:98:bf:f2:53:b5:b5:b2:09:6b:e2:b1:2f:a6:5a:20:b9:a9:
95:88:3c:6a:86:fa:0a:2e:f7:6c:52:7c:09:2c:22:45:da:eb:
de:87:93:4a:c6:a6:de:7e:45:53:35:9e:bc:fc:36:ef:68:aa:
dc:3a:fd:37:a9:98:6a:6a:c4:a0:6e:a4:53:1a:ae:b5:74:d6:
c2:70:53:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYf36D6f8gvZ3F/7MxCVKyDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZGVlYTNiNmFhYzRkODM0YjRmZDdjMmU1ZDNjMzk3ZjYx
ZjQzZDYwHhcNMjMwNTA3MjAzMDA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTg5NDg0MzcwY2YyYTA1ZTY5MzQ1NzZkYzBiNTU4YzEzODk0N2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuN7/cZejsa4bcpzLmrQ2H8EVZpl
zUhCpYCmCBI6VCxW2UmZ/1vaXwHtayH7L4ssYCB8XOiF9YdnBxLN9C5YSiJDY7Pb
zT4TLIXteWd5ewkQXx34QBwdEBynh7EDjg/lNKRq4Zz4YnTsGPbw4f4ZfYFjKTmr
7no/Sv6Duv7F8yxulNQiEvwJTKz1j398xJxLyybeecPoPuTNbGU2hsmXboeLOWli
vmtgjy5zwByiLM9iLGI8Odc4AMAnD9YpRffuOyTU42+avGK6+jC9NrInL16ossJF
bysIhENfizPF2HDEYVX/lb9YpecFMXQ14r2BFkRi+jKsFz6C4OXkRVz+uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMGJSENwzyoF5pNFdtwLVYwTiUe7MB8GA1UdIwQY
MBaAFDre6jtqrE2DS0/XwuXTw5f2H0PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3Q3cU8ycXNUWU5MVDlmQzVkUERsX1lmUTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8wMTVmNDQtMGY0Yy00NzE0LTg2MTUt
MjNiMDcyZjViMTg4LzEvd1lsSVEzRFBLZ1htazBWMjNBdFZqQk9KUjdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8wMTVmNDQtMGY0Yy00NzE0LTg2MTUtMjNiMDcyZjViMTg4
LzEvT3Q3cU8ycXNUWU5MVDlmQzVkUERsX1lmUTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGW2zAMA0G
CSqGSIb3DQEBCwUAA4IBAQCk2LnCblx+dDlI9gGQc8hG3Gjyy6KD809yqpghUyxP
YG10aahzRC62PO0TrDNV0/QU7+VK4wlev+kCNGNKihBXFIvyLSXk+Vmd4cSbGwBj
0E7YOdKd/6MGoGC3RdCNg+/qCsR2zk08V6J3ohHVeoAcJq0vGq+z8JFu5EurlxLr
RTCrtpERbUkWzsLGEx0f3bxeZvSLjW7ecYH5QnL0cD1EUgYbAQyn/dVsH5NwKsfS
CP4dbkulmL/yU7W1sglr4rEvploguamViDxqhvoKLvdsUnwJLCJF2uveh5NKxqbe
fkVTNZ68/DbvaKrcOv03qZhqasSgbqRTGq61dNbCcFPF
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:25 2025 by rpki-client