Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/Q6D6eiO02ZlCEYQKxqgaOKzG8jE.roa
File: Q6D6eiO02ZlCEYQKxqgaOKzG8jE.roa (raw, json)
Hash identifier: RXdPp3yUgHddik/EkCAJT+D34Wigs8n7ZZKcU1o3KpQ=
Subject key identifier: 43:A0:FA:7A:23:B4:D9:99:42:11:84:0A:C6:A8:1A:38:AC:C6:F2:31
Certificate issuer: /CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
Certificate serial: 0183CB997989D244602616C6854A00EB2E09
Authority key identifier: A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/Q6D6eiO02ZlCEYQKxqgaOKzG8jE.roa
Signing time: Wed 12 Oct 2022 09:49:36 +0000
ROA not before: Wed 12 Oct 2022 09:49:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 26383
IP address blocks: 91.149.202.0/23 maxlen: 23
91.149.218.0/24 maxlen: 24
91.149.222.0/23 maxlen: 23
91.149.221.0/24 maxlen: 24
91.149.232.0/23 maxlen: 23
91.149.240.0/24 maxlen: 24
91.149.243.0/24 maxlen: 24
91.149.242.0/24 maxlen: 24
91.149.241.0/24 maxlen: 24
91.149.253.0/24 maxlen: 24
91.149.255.0/24 maxlen: 24
91.149.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cb:99:79:89:d2:44:60:26:16:c6:85:4a:00:eb:2e:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
Validity
Not Before: Oct 12 09:49:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43a0fa7a23b4d9994211840ac6a81a38acc6f231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e9:da:2e:07:f0:69:ae:3b:c7:a6:eb:4a:23:
68:0b:cd:a2:db:c3:2d:bf:1b:85:34:2a:f8:5f:bc:
33:d9:63:2e:e1:d1:2f:e8:30:71:70:ed:7b:31:de:
3a:41:ee:9c:cc:bb:b6:d9:73:df:9e:62:c7:fe:cf:
59:fc:68:d3:56:ba:a2:7f:c9:4f:72:bc:02:16:bf:
48:f3:35:8b:ac:6a:a1:69:ed:4a:4a:96:c6:2c:54:
03:f3:7c:89:64:9c:21:63:f3:4b:8e:c9:84:c2:e4:
c0:e0:47:f7:b6:7a:b1:96:04:a3:6c:88:a9:3f:02:
0b:66:96:d2:32:e3:e1:25:bb:ee:a6:80:bb:74:c3:
8a:0d:35:a4:6a:09:e1:56:84:30:6d:0c:a6:12:70:
e4:d6:d3:ba:47:2e:34:59:e2:0b:0f:63:bc:8e:68:
36:72:82:22:fb:be:bf:b6:80:03:a6:6f:5f:a9:72:
58:0d:be:11:c7:7c:61:0e:e6:54:a0:30:58:28:84:
b3:f1:8b:1c:11:34:c1:c3:46:e9:c7:14:64:4b:f2:
67:3f:61:96:6c:cc:56:9d:a4:92:e7:0a:d7:c8:1e:
cd:45:74:3c:ca:cf:06:af:ef:0e:5e:d1:38:a8:65:
cb:c3:4d:d0:8a:5b:77:03:ff:c2:f2:3e:c1:ae:ad:
21:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A0:FA:7A:23:B4:D9:99:42:11:84:0A:C6:A8:1A:38:AC:C6:F2:31
X509v3 Authority Key Identifier:
keyid:A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/Q6D6eiO02ZlCEYQKxqgaOKzG8jE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/pnhQ5XHz8qyiwewdflAtm9GExFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.202.0/23
91.149.218.0/24
91.149.221.0-91.149.223.255
91.149.232.0/23
91.149.240.0/22
91.149.253.0-91.149.255.255
Signature Algorithm: sha256WithRSAEncryption
0c:e4:4d:1a:6d:2a:69:10:63:0c:ed:42:b5:62:24:33:8d:69:
e7:bc:56:eb:3b:b0:85:dc:61:c5:58:50:34:8d:20:6d:91:71:
f5:0e:7b:ab:6c:01:9a:c2:62:ac:f8:79:b2:23:1f:07:01:00:
e4:a6:a2:ec:29:36:4d:71:f6:76:8f:6e:96:34:59:b4:75:c8:
93:dc:fe:ab:4c:7b:cc:2b:3d:4a:a2:dd:82:f7:74:46:0f:66:
16:33:4b:bb:34:b3:1d:c8:df:e4:1a:9c:18:16:b0:92:58:cd:
17:69:a1:b6:3b:9b:c5:84:49:a6:59:64:a2:10:80:24:b3:4d:
8c:28:8f:84:56:d3:aa:5d:e1:5a:28:49:a7:7a:0a:24:a5:65:
c0:98:f8:c2:4b:41:76:7c:9d:2f:cc:70:59:86:13:1f:aa:c1:
03:cf:20:e5:d5:d0:a2:ab:1e:3e:84:b9:fd:91:60:3f:60:43:
09:2c:80:ef:de:3c:af:d2:99:13:a8:4c:b8:4c:0a:a8:4f:0a:
fe:dd:8b:82:10:b8:0b:25:68:93:e5:f5:e8:30:df:bd:ec:1f:
da:70:f8:4a:9c:76:de:16:8b:a2:c7:83:c2:02:ad:ae:a5:86:
c6:7a:6b:62:e3:78:49:bc:c7:7b:a2:9e:4d:96:09:d3:4e:e3:
4e:98:5e:18
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYPLmXmJ0kRgJhbGhUoA6y4JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2Nzg1MGU1NzFmM2YyYWNhMmMxZWMxZDdlNTAyZDliZDE4
NGM0NWMwHhcNMjIxMDEyMDk0OTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2EwZmE3YTIzYjRkOTk5NDIxMTg0MGFjNmE4MWEzOGFjYzZmMjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjunaLgfwaa47x6brSiNoC82i28Mt
vxuFNCr4X7wz2WMu4dEv6DBxcO17Md46Qe6czLu22XPfnmLH/s9Z/GjTVrqif8lP
crwCFr9I8zWLrGqhae1KSpbGLFQD83yJZJwhY/NLjsmEwuTA4Ef3tnqxlgSjbIip
PwILZpbSMuPhJbvupoC7dMOKDTWkagnhVoQwbQymEnDk1tO6Ry40WeILD2O8jmg2
coIi+76/toADpm9fqXJYDb4Rx3xhDuZUoDBYKISz8YscETTBw0bpxxRkS/JnP2GW
bMxWnaSS5wrXyB7NRXQ8ys8Gr+8OXtE4qGXLw03Qilt3A//C8j7Brq0hyQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFEOg+nojtNmZQhGECsaoGjisxvIxMB8GA1UdIwQY
MBaAFKZ4UOVx8/KsosHsHX5QLZvRhMRcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5oUTVYSHo4cXlpd2V3ZGZsQXRtOUdFeEZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8zMzA5YjUtZjkzZi00YzYyLThkY2Ut
YjBjMTUxZTUxNmNmLzEvUTZENmVpTzAyWmxDRVlRS3hxZ2FPS3pHOGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8zMzA5YjUtZjkzZi00YzYyLThkY2UtYjBjMTUxZTUxNmNm
LzEvcG5oUTVYSHo4cXlpd2V3ZGZsQXRtOUdFeEZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzA5BAIAATAzAwQBW5XKAwQA
W5XaMAwDBABbld0DBAVblcADBAFblegDBAJblfAwCwMEAFuV/QMDAVuUMA0GCSqG
SIb3DQEBCwUAA4IBAQAM5E0abSppEGMM7UK1YiQzjWnnvFbrO7CF3GHFWFA0jSBt
kXH1DnurbAGawmKs+HmyIx8HAQDkpqLsKTZNcfZ2j26WNFm0dciT3P6rTHvMKz1K
ot2C93RGD2YWM0u7NLMdyN/kGpwYFrCSWM0XaaG2O5vFhEmmWWSiEIAks02MKI+E
VtOqXeFaKEmnegokpWXAmPjCS0F2fJ0vzHBZhhMfqsEDzyDl1dCiqx4+hLn9kWA/
YEMJLIDv3jyv0pkTqEy4TAqoTwr+3YuCELgLJWiT5fXoMN+97B/acPhKnHbeFoui
x4PCAq2upYbGemti43hJvMd7op5NlgnTTuNOmF4Y
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:49 2023 by rpki-client on console-fra.rpki-client.org