Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/3z27VIMg2qacoSJ8PA7S1g8-mRs.roa
File: 3z27VIMg2qacoSJ8PA7S1g8-mRs.roa (raw, json)
Hash identifier: +7j4WKtMzROIgmqdl+eC7Am/5uRJEsqu/u9B3lMOp2k=
Subject key identifier: DF:3D:BB:54:83:20:DA:A6:9C:A1:22:7C:3C:0E:D2:D6:0F:3E:99:1B
Certificate issuer: /CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
Certificate serial: 0183CB997A7365DAF883BC40372BDBD58A71
Authority key identifier: A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/3z27VIMg2qacoSJ8PA7S1g8-mRs.roa
Signing time: Wed 12 Oct 2022 09:49:36 +0000
ROA not before: Wed 12 Oct 2022 09:49:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 91.149.215.0/24 maxlen: 24
91.149.219.0/24 maxlen: 24
91.149.221.0/24 maxlen: 24
91.149.236.0/22 maxlen: 22
91.149.235.0/24 maxlen: 24
91.149.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cb:99:7a:73:65:da:f8:83:bc:40:37:2b:db:d5:8a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
Validity
Not Before: Oct 12 09:49:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df3dbb548320daa69ca1227c3c0ed2d60f3e991b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:98:f0:5d:85:f5:e3:ba:c6:9e:51:b0:4a:a4:
19:c5:26:a3:a4:39:70:97:07:3b:b1:14:e0:e8:77:
ea:84:9d:97:2d:70:b9:aa:29:00:63:38:8f:29:d9:
9b:76:77:16:34:1c:00:81:bf:38:03:e1:79:61:08:
79:ff:a6:eb:ec:f1:9c:11:e8:b8:85:d1:13:2c:6c:
a0:89:59:4b:5d:99:5c:37:c1:7b:76:3c:77:83:0c:
b1:15:1e:2b:52:c8:3a:05:b0:2e:b5:05:82:19:33:
22:79:b9:b5:ac:92:35:38:1c:06:37:a3:0f:18:67:
d0:ad:38:c8:71:e9:8a:c7:04:89:68:25:4e:0c:09:
66:83:3e:5d:1c:6c:08:35:b1:82:c2:d0:53:67:41:
82:d5:e4:8b:5a:c3:21:c3:d4:8b:6c:81:89:b3:fa:
ca:ad:5c:d9:89:34:03:a4:85:e3:ed:1c:9f:08:f4:
c1:57:b4:3c:90:17:d7:60:f1:e0:e0:9d:5c:d0:8a:
9f:9c:3c:69:27:51:f2:e9:0b:6c:c5:7c:5d:fd:f3:
f7:7f:17:dd:d5:2e:c7:ea:d3:c7:b7:25:34:c7:c8:
c8:b7:08:61:dc:23:68:53:f5:f1:e5:01:f0:a7:67:
80:a8:30:dc:8c:e8:b9:71:50:43:16:c7:1a:22:ef:
18:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:3D:BB:54:83:20:DA:A6:9C:A1:22:7C:3C:0E:D2:D6:0F:3E:99:1B
X509v3 Authority Key Identifier:
keyid:A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/3z27VIMg2qacoSJ8PA7S1g8-mRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/pnhQ5XHz8qyiwewdflAtm9GExFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.215.0/24
91.149.219.0/24
91.149.221.0/24
91.149.235.0-91.149.239.255
91.149.252.0/24
Signature Algorithm: sha256WithRSAEncryption
53:4b:72:5f:44:77:59:e7:9f:12:98:9c:09:8c:64:47:d5:ed:
87:6a:9c:82:d6:5a:b8:ef:f0:3d:7c:01:49:26:78:a5:e8:08:
11:48:21:ae:4f:bc:08:56:f3:4a:29:9a:b0:85:c7:a9:35:08:
58:47:15:9c:79:d3:13:a7:7c:2a:f5:5b:bd:e8:ed:1c:5c:26:
3d:77:f3:8f:85:33:8e:ae:3f:b9:ec:72:7f:14:5c:67:61:ed:
01:a9:63:2c:93:18:6e:8d:27:de:33:1f:82:ec:e8:22:fc:b0:
24:0c:0e:ad:56:46:c3:76:45:cd:f2:f6:52:96:95:a7:7f:f5:
b6:83:4a:dd:8a:06:d9:52:e0:ce:86:68:37:ca:94:0a:84:3e:
68:bd:09:59:6d:0f:d5:9d:96:b6:2d:96:4e:5f:8f:18:87:99:
9b:06:6e:16:cc:a1:71:04:d0:21:02:bf:07:0d:a8:a3:6e:13:
42:08:70:dc:68:89:5e:db:a9:97:ec:e4:d1:c6:e3:e4:b4:c4:
41:8a:58:4f:b0:92:be:0a:32:1b:68:25:71:e3:3f:20:2b:bf:
e1:88:4f:89:d7:9c:65:b2:43:e0:be:33:35:3d:23:92:0d:60:
bc:00:4a:08:60:c7:12:80:25:66:a9:3e:99:a7:18:42:62:79:
6b:7d:41:b5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYPLmXpzZdr4g7xANyvb1YpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2Nzg1MGU1NzFmM2YyYWNhMmMxZWMxZDdlNTAyZDliZDE4
NGM0NWMwHhcNMjIxMDEyMDk0OTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjNkYmI1NDgzMjBkYWE2OWNhMTIyN2MzYzBlZDJkNjBmM2U5OTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZjwXYX147rGnlGwSqQZxSajpDlw
lwc7sRTg6HfqhJ2XLXC5qikAYziPKdmbdncWNBwAgb84A+F5YQh5/6br7PGcEei4
hdETLGygiVlLXZlcN8F7djx3gwyxFR4rUsg6BbAutQWCGTMiebm1rJI1OBwGN6MP
GGfQrTjIcemKxwSJaCVODAlmgz5dHGwINbGCwtBTZ0GC1eSLWsMhw9SLbIGJs/rK
rVzZiTQDpIXj7RyfCPTBV7Q8kBfXYPHg4J1c0IqfnDxpJ1Hy6QtsxXxd/fP3fxfd
1S7H6tPHtyU0x8jItwhh3CNoU/Xx5QHwp2eAqDDcjOi5cVBDFscaIu8YpwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFN89u1SDINqmnKEifDwO0tYPPpkbMB8GA1UdIwQY
MBaAFKZ4UOVx8/KsosHsHX5QLZvRhMRcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5oUTVYSHo4cXlpd2V3ZGZsQXRtOUdFeEZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8zMzA5YjUtZjkzZi00YzYyLThkY2Ut
YjBjMTUxZTUxNmNmLzEvM3oyN1ZJTWcycWFjb1NKOFBBN1MxZzgtbVJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8zMzA5YjUtZjkzZi00YzYyLThkY2UtYjBjMTUxZTUxNmNm
LzEvcG5oUTVYSHo4cXlpd2V3ZGZsQXRtOUdFeEZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAW5XXAwQA
W5XbAwQAW5XdMAwDBABblesDBARbleADBABblfwwDQYJKoZIhvcNAQELBQADggEB
AFNLcl9Ed1nnnxKYnAmMZEfV7YdqnILWWrjv8D18AUkmeKXoCBFIIa5PvAhW80op
mrCFx6k1CFhHFZx50xOnfCr1W73o7RxcJj1384+FM46uP7nscn8UXGdh7QGpYyyT
GG6NJ94zH4Ls6CL8sCQMDq1WRsN2Rc3y9lKWlad/9baDSt2KBtlS4M6GaDfKlAqE
Pmi9CVltD9WdlrYtlk5fjxiHmZsGbhbMoXEE0CECvwcNqKNuE0IIcNxoiV7bqZfs
5NHG4+S0xEGKWE+wkr4KMhtoJXHjPyArv+GIT4nXnGWyQ+C+MzU9I5INYLwASghg
xxKAJWapPpmnGEJieWt9QbU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:49 2023 by rpki-client on console-fra.rpki-client.org