Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/hONqM_OAmwu_sR8DIjc5jGE3SiE.roa
File: hONqM_OAmwu_sR8DIjc5jGE3SiE.roa (raw, json)
Hash identifier: +Eou65cM6sG7qhtVRP5wa6O7TWYJ8dXCrrWuIC9tjas=
Subject key identifier: 84:E3:6A:33:F3:80:9B:0B:BF:B1:1F:03:22:37:39:8C:61:37:4A:21
Certificate issuer: /CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
Certificate serial: 01847CEC7DD01D79420824FF8E2D2D3E493F
Authority key identifier: A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/hONqM_OAmwu_sR8DIjc5jGE3SiE.roa
Signing time: Tue 15 Nov 2022 20:13:04 +0000
ROA not before: Tue 15 Nov 2022 20:13:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 26383
IP address blocks: 91.149.232.0/23 maxlen: 23
91.149.240.0/24 maxlen: 24
91.149.236.0/23 maxlen: 23
91.149.243.0/24 maxlen: 24
91.149.242.0/24 maxlen: 24
91.149.241.0/24 maxlen: 24
91.149.253.0/24 maxlen: 24
91.149.255.0/24 maxlen: 24
91.149.254.0/24 maxlen: 24
91.149.202.0/23 maxlen: 23
91.149.218.0/24 maxlen: 24
91.149.222.0/23 maxlen: 23
91.149.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7c:ec:7d:d0:1d:79:42:08:24:ff:8e:2d:2d:3e:49:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
Validity
Not Before: Nov 15 20:13:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84e36a33f3809b0bbfb11f032237398c61374a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f1:d2:13:c4:c1:24:3a:05:50:40:a5:40:70:
35:5f:98:62:0c:b3:2d:bd:16:dd:99:d0:0a:bf:85:
08:cc:05:a3:a8:42:46:25:15:a2:0d:7e:71:79:6b:
81:2c:18:37:35:cf:ee:94:1b:b6:44:e6:ba:c2:f6:
c6:bf:e2:5f:87:a4:3c:b2:d7:d5:ea:65:a1:c6:cc:
8c:55:21:00:dc:c3:1e:6f:a8:eb:4d:e0:43:23:1f:
32:01:55:af:5e:e5:46:dd:10:d7:3c:ec:43:3d:af:
85:fe:87:2d:c0:24:85:90:d7:6e:54:47:40:a8:50:
4e:6b:b3:dc:77:3b:19:94:39:de:d2:62:45:78:08:
73:73:31:f8:50:fc:6d:a4:71:4c:de:2c:98:21:55:
cf:20:00:e4:d6:52:1a:3d:02:8c:06:50:ed:7f:e2:
f4:34:70:e0:1c:41:9c:bf:78:e5:70:fa:6d:17:c8:
9e:78:8b:d7:d2:41:e9:f5:6b:ce:dc:83:88:38:65:
04:2f:0a:43:2e:c8:60:b5:37:72:8b:a1:ef:34:56:
8a:29:36:10:86:b0:ce:65:a2:48:f2:88:86:f0:bf:
95:8d:55:fc:4f:70:e6:ff:07:5c:24:f3:88:7e:b3:
84:f8:87:82:db:6e:f7:1b:da:99:78:b5:54:31:32:
9d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:E3:6A:33:F3:80:9B:0B:BF:B1:1F:03:22:37:39:8C:61:37:4A:21
X509v3 Authority Key Identifier:
keyid:A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/hONqM_OAmwu_sR8DIjc5jGE3SiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/pnhQ5XHz8qyiwewdflAtm9GExFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.202.0/23
91.149.218.0/24
91.149.221.0-91.149.223.255
91.149.232.0/23
91.149.236.0/23
91.149.240.0/22
91.149.253.0-91.149.255.255
Signature Algorithm: sha256WithRSAEncryption
8f:38:99:03:1c:0f:80:fa:bb:e5:6e:83:44:ef:c1:23:df:1e:
18:f2:97:2f:b6:16:d0:5c:40:87:17:1e:a1:31:cc:87:1c:aa:
2b:4e:94:ca:40:6a:43:88:35:29:14:09:31:51:4a:aa:87:c2:
af:13:a3:5f:a2:5f:23:80:3a:98:37:97:6d:cb:d9:c4:9d:08:
f0:50:e0:7f:82:8c:0f:fd:e8:58:ea:cb:ba:a5:1e:8f:a0:53:
d6:dd:e9:ba:31:43:77:e4:8d:59:a9:78:fb:84:d9:a3:98:e2:
1e:f6:61:30:ea:64:dc:0b:39:0e:cb:52:8e:5c:86:20:45:b7:
1f:9b:07:7e:24:ad:2e:75:08:71:c5:74:98:7f:9d:97:ce:e0:
34:e6:3d:40:ee:c1:d6:56:a7:21:31:53:f5:51:df:a9:f8:ba:
02:ce:de:7d:0a:f4:3f:cc:6d:2b:e8:5b:b4:81:90:39:f0:4b:
1a:10:5e:fb:7c:fc:b0:ce:39:47:9a:5a:31:1c:9a:a3:2e:1a:
75:7b:ae:25:dc:e3:80:46:ae:4c:d0:6d:eb:16:f9:3d:c9:5f:
c9:dc:fc:5b:f4:08:fb:13:98:d0:85:b2:8d:62:db:c6:57:22:
ba:0e:c3:0c:f1:e8:57:f8:9a:9a:ce:e4:bf:3f:69:7d:99:82:
a9:46:06:00
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYR87H3QHXlCCCT/ji0tPkk/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2Nzg1MGU1NzFmM2YyYWNhMmMxZWMxZDdlNTAyZDliZDE4
NGM0NWMwHhcNMjIxMTE1MjAxMzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGUzNmEzM2YzODA5YjBiYmZiMTFmMDMyMjM3Mzk4YzYxMzc0YTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfHSE8TBJDoFUEClQHA1X5hiDLMt
vRbdmdAKv4UIzAWjqEJGJRWiDX5xeWuBLBg3Nc/ulBu2ROa6wvbGv+Jfh6Q8stfV
6mWhxsyMVSEA3MMeb6jrTeBDIx8yAVWvXuVG3RDXPOxDPa+F/octwCSFkNduVEdA
qFBOa7PcdzsZlDne0mJFeAhzczH4UPxtpHFM3iyYIVXPIADk1lIaPQKMBlDtf+L0
NHDgHEGcv3jlcPptF8ieeIvX0kHp9WvO3IOIOGUELwpDLshgtTdyi6HvNFaKKTYQ
hrDOZaJI8oiG8L+VjVX8T3Dm/wdcJPOIfrOE+IeC2273G9qZeLVUMTKdjQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFITjajPzgJsLv7EfAyI3OYxhN0ohMB8GA1UdIwQY
MBaAFKZ4UOVx8/KsosHsHX5QLZvRhMRcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5oUTVYSHo4cXlpd2V3ZGZsQXRtOUdFeEZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8zMzA5YjUtZjkzZi00YzYyLThkY2Ut
YjBjMTUxZTUxNmNmLzEvaE9OcU1fT0Ftd3Vfc1I4RElqYzVqR0UzU2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8zMzA5YjUtZjkzZi00YzYyLThkY2UtYjBjMTUxZTUxNmNm
LzEvcG5oUTVYSHo4cXlpd2V3ZGZsQXRtOUdFeEZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAATA5AwQBW5XKAwQA
W5XaMAwDBABbld0DBAVblcADBAFblegDBAFblewDBAJblfAwCwMEAFuV/QMDAVuU
MA0GCSqGSIb3DQEBCwUAA4IBAQCPOJkDHA+A+rvlboNE78Ej3x4Y8pcvthbQXECH
Fx6hMcyHHKorTpTKQGpDiDUpFAkxUUqqh8KvE6Nfol8jgDqYN5dty9nEnQjwUOB/
gowP/ehY6su6pR6PoFPW3em6MUN35I1ZqXj7hNmjmOIe9mEw6mTcCzkOy1KOXIYg
Rbcfmwd+JK0udQhxxXSYf52XzuA05j1A7sHWVqchMVP1Ud+p+LoCzt59CvQ/zG0r
6Fu0gZA58EsaEF77fPywzjlHmloxHJqjLhp1e64l3OOARq5M0G3rFvk9yV/J3Pxb
9Aj7E5jQhbKNYtvGVyK6DsMM8ehX+JqazuS/P2l9mYKpRgYA
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:35 2023 by rpki-client on console-ams.rpki-client.org