Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/ChzrRsVZQjCwustZamVfHUZqaQ8.roa
File: ChzrRsVZQjCwustZamVfHUZqaQ8.roa (raw, json)
Hash identifier: uqsonyJuxaG09QBVgPsibU0nc7ect37cGKqN4B/jQpk=
Subject key identifier: 0A:1C:EB:46:C5:59:42:30:B0:BA:CB:59:6A:65:5F:1D:46:6A:69:0F
Certificate issuer: /CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
Certificate serial: 081CEF16
Authority key identifier: A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/ChzrRsVZQjCwustZamVfHUZqaQ8.roa
Signing time: Sat 01 Jan 2022 03:52:24 +0000
ROA not before: Sat 01 Jan 2022 03:52:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 91.149.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136113942 (0x81cef16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
Validity
Not Before: Jan 1 03:52:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a1ceb46c5594230b0bacb596a655f1d466a690f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5f:65:31:90:e2:44:2e:4c:df:62:da:61:ed:
1d:c6:91:66:b3:dc:11:74:e3:21:8a:88:df:3c:70:
f1:dc:98:06:d8:e7:e1:f5:98:0c:b0:bb:66:7d:7a:
c9:6c:3a:cd:ae:7d:41:c2:10:12:6a:92:89:8d:42:
e3:dd:1d:fd:4c:05:eb:14:1c:73:6c:7a:85:c0:42:
f2:3b:48:bf:cb:a3:53:00:75:80:8a:1f:b4:9d:95:
5c:33:d8:ca:7c:38:8d:b7:4d:d6:a8:6c:86:88:89:
5b:5e:e3:02:89:b9:25:9c:39:fa:78:1f:31:96:55:
42:11:8b:58:d3:40:1c:c7:e8:bf:5c:4d:4d:77:2f:
6b:f4:b7:d8:93:e6:f5:8f:23:ec:5b:0c:1f:18:f1:
0a:fd:8c:a3:f4:ae:1d:4e:ff:19:9e:2c:16:5c:91:
d3:0a:d7:3a:70:1d:00:11:2f:ce:34:e6:33:35:44:
10:68:18:1d:22:7c:17:75:93:81:3b:42:cb:bd:42:
fd:da:12:6b:ff:68:fa:f9:cc:9a:42:d3:e8:ca:f9:
06:ac:ce:52:30:45:b1:df:a0:b8:cd:3d:a0:4e:6f:
e4:72:fd:3d:4c:60:f6:31:7a:b6:16:bb:36:8b:27:
d2:c6:2d:c5:d5:b0:7b:b3:38:a6:36:38:4f:8e:22:
82:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:1C:EB:46:C5:59:42:30:B0:BA:CB:59:6A:65:5F:1D:46:6A:69:0F
X509v3 Authority Key Identifier:
keyid:A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/ChzrRsVZQjCwustZamVfHUZqaQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/pnhQ5XHz8qyiwewdflAtm9GExFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.252.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:cf:cd:76:59:2b:90:27:0d:d8:e1:46:ca:c6:f7:cb:13:bb:
e6:5f:6e:cb:67:fc:17:22:b7:27:c6:18:3c:b2:71:d0:eb:14:
90:de:17:47:c4:f0:2f:78:64:94:16:c8:89:82:35:90:d7:aa:
98:26:a7:bf:59:86:29:61:96:1a:04:2c:59:57:32:15:d6:05:
bd:d5:ed:11:78:ea:42:71:03:4e:20:11:23:34:c3:b4:43:ed:
74:20:b5:1f:d4:96:e1:fc:26:39:f1:5e:54:6c:aa:08:37:c5:
c0:0b:65:ea:0f:ad:df:51:6a:ad:cc:ec:48:ed:c2:01:ad:64:
b6:fe:16:79:6d:50:b6:06:4c:d9:61:75:40:37:20:90:b3:31:
e9:f9:e8:8b:26:d3:c2:d1:61:26:38:9c:b7:2f:5e:87:53:60:
9e:ec:41:8f:58:11:3e:eb:0c:cc:96:aa:8b:2f:c6:88:0c:7b:
90:93:85:9d:86:04:8e:2c:7f:99:a7:ff:16:7e:ca:fd:cb:f2:
88:1f:75:41:ef:e4:2a:47:ea:cc:45:ab:18:0a:51:41:9b:a3:
8d:07:3f:d9:d6:41:8d:11:f0:60:e4:2e:ec:a2:63:61:6a:78:
7f:2c:be:90:ec:34:12:48:90:ab:82:84:1c:79:c7:e3:e0:37:
eb:36:72:b4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECBzvFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Njc4NTBlNTcxZjNmMmFjYTJjMWVjMWQ3ZTUwMmQ5YmQxODRjNDVjMB4XDTIyMDEw
MTAzNTIyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGExY2ViNDZjNTU5
NDIzMGIwYmFjYjU5NmE2NTVmMWQ0NjZhNjkwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ5fZTGQ4kQuTN9i2mHtHcaRZrPcEXTjIYqI3zxw8dyYBtjn
4fWYDLC7Zn16yWw6za59QcIQEmqSiY1C490d/UwF6xQcc2x6hcBC8jtIv8ujUwB1
gIoftJ2VXDPYynw4jbdN1qhshoiJW17jAom5JZw5+ngfMZZVQhGLWNNAHMfov1xN
TXcva/S32JPm9Y8j7FsMHxjxCv2Mo/SuHU7/GZ4sFlyR0wrXOnAdABEvzjTmMzVE
EGgYHSJ8F3WTgTtCy71C/doSa/9o+vnMmkLT6Mr5BqzOUjBFsd+guM09oE5v5HL9
PUxg9jF6tha7Nosn0sYtxdWwe7M4pjY4T44igi0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQKHOtGxVlCMLC6y1lqZV8dRmppDzAfBgNVHSMEGDAWgBSmeFDlcfPyrKLB
7B1+UC2b0YTEXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BuaFE1WEh6OHF5aXdld2RmbEF0bTlHRXhGdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvMzMwOWI1LWY5M2YtNGM2Mi04ZGNlLWIwYzE1MWU1MTZjZi8x
L0NoenJSc1ZaUWpDd3VzdFphbVZmSFVacWFROC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
MzMwOWI1LWY5M2YtNGM2Mi04ZGNlLWIwYzE1MWU1MTZjZi8xL3BuaFE1WEh6OHF5
aXdld2RmbEF0bTlHRXhGdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFuV/DANBgkqhkiG9w0BAQsFAAOC
AQEAs8/NdlkrkCcN2OFGysb3yxO75l9uy2f8FyK3J8YYPLJx0OsUkN4XR8TwL3hk
lBbIiYI1kNeqmCanv1mGKWGWGgQsWVcyFdYFvdXtEXjqQnEDTiARIzTDtEPtdCC1
H9SW4fwmOfFeVGyqCDfFwAtl6g+t31FqrczsSO3CAa1ktv4WeW1QtgZM2WF1QDcg
kLMx6fnoiybTwtFhJjicty9eh1NgnuxBj1gRPusMzJaqiy/GiAx7kJOFnYYEjix/
maf/Fn7K/cvyiB91Qe/kKkfqzEWrGApRQZujjQc/2dZBjRHwYOQu7KJjYWp4fyy+
kOw0EkiQq4KEHHnH4+A36zZytA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:49 2023 by rpki-client on console-fra.rpki-client.org