Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/iFmSjCoF9b7qXkzOdLsDp7_nZyE.roa
File: iFmSjCoF9b7qXkzOdLsDp7_nZyE.roa (raw, json)
Hash identifier: WwCo+OcnY6UAKCLRrJIYbFFpEUrQlWSFpF9XoRqKmkw=
Subject key identifier: 88:59:92:8C:2A:05:F5:BE:EA:5E:4C:CE:74:BB:03:A7:BF:E7:67:21
Certificate issuer: /CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
Certificate serial: 0183C7BAE35BA8F3E06F6627FC1FA823B201
Authority key identifier: A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/iFmSjCoF9b7qXkzOdLsDp7_nZyE.roa
Signing time: Tue 11 Oct 2022 15:47:37 +0000
ROA not before: Tue 11 Oct 2022 15:47:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 26383
IP address blocks: 91.149.202.0/23 maxlen: 23
91.149.222.0/23 maxlen: 23
91.149.221.0/24 maxlen: 24
91.149.232.0/23 maxlen: 23
91.149.240.0/24 maxlen: 24
91.149.243.0/24 maxlen: 24
91.149.242.0/24 maxlen: 24
91.149.241.0/24 maxlen: 24
91.149.253.0/24 maxlen: 24
91.149.255.0/24 maxlen: 24
91.149.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c7:ba:e3:5b:a8:f3:e0:6f:66:27:fc:1f:a8:23:b2:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
Validity
Not Before: Oct 11 15:47:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8859928c2a05f5beea5e4cce74bb03a7bfe76721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4e:3d:a0:7b:c4:72:f7:2d:4b:02:4b:84:cd:
da:9a:92:09:cb:a7:e0:fb:f0:83:49:53:18:a7:89:
b9:c8:21:2c:64:ab:7a:67:65:39:9a:cf:e0:b5:62:
58:76:36:eb:c0:99:4a:f2:6f:b5:f5:c9:20:f2:e1:
21:0f:f9:63:ad:79:bc:20:7a:65:a1:cf:12:3c:aa:
41:82:b0:1b:34:76:94:0a:05:f4:b9:1a:d2:ea:dc:
11:9c:8e:a3:79:31:86:e4:90:a8:f3:fb:c2:06:22:
85:04:0f:f6:f6:f2:45:32:94:42:17:f3:53:88:fa:
0f:3d:38:aa:5c:1b:6b:e6:e2:33:ec:5a:57:30:a4:
65:88:e1:bb:a1:7a:68:f4:30:2c:a5:2e:3d:1e:74:
12:56:07:b1:6c:3e:fe:5f:4b:c9:12:6a:bd:93:49:
ca:6d:99:bb:06:9c:0b:62:a2:cc:1c:a7:49:63:32:
90:59:2a:04:5a:8a:43:94:b4:1e:dc:e0:4b:42:13:
74:8a:e3:a1:62:0b:4f:bb:f7:eb:31:a9:f5:d5:11:
e3:9b:93:26:ea:ad:41:5f:a0:94:93:2b:ba:77:2e:
58:3b:46:08:f6:07:0b:04:9f:6b:c7:fb:6b:88:5a:
ff:a7:5b:87:10:2a:1b:09:1d:84:39:49:4e:5e:d2:
20:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:59:92:8C:2A:05:F5:BE:EA:5E:4C:CE:74:BB:03:A7:BF:E7:67:21
X509v3 Authority Key Identifier:
keyid:A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/iFmSjCoF9b7qXkzOdLsDp7_nZyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/pnhQ5XHz8qyiwewdflAtm9GExFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.202.0/23
91.149.221.0-91.149.223.255
91.149.232.0/23
91.149.240.0/22
91.149.253.0-91.149.255.255
Signature Algorithm: sha256WithRSAEncryption
4d:6c:ef:22:0f:e3:a9:a2:94:97:13:d0:23:04:1b:a9:9a:8f:
35:1c:8e:d5:47:86:e6:bd:0c:ee:91:3d:5f:b9:45:83:96:7f:
b2:86:13:4c:f9:f5:fd:29:13:dc:a7:f3:d2:d6:6e:2d:b5:95:
3f:59:43:66:c8:f2:25:39:ab:5d:4f:e9:9c:67:57:6d:55:c7:
ad:3c:f9:5d:24:8e:7c:c5:08:57:8d:56:57:cf:7b:df:47:2e:
0c:11:05:c4:21:8b:26:53:9a:5e:69:43:04:1a:b8:9a:f6:91:
46:e1:ca:96:2d:e4:ac:d4:48:ed:d2:5b:d4:4f:00:10:11:57:
1a:d5:65:d7:b0:1b:41:9a:98:4b:1a:66:54:0c:cb:08:23:d2:
e3:29:1a:0a:fb:6d:e0:15:50:2c:41:2e:72:0d:ed:d1:6a:45:
7d:f6:96:88:b5:2d:e5:a6:96:a4:88:70:77:6b:f5:ff:ae:56:
48:25:cd:0c:0f:5e:3b:c2:55:aa:fa:7a:5e:69:92:02:74:6c:
e1:79:fd:9b:89:7d:1e:cb:bb:78:0d:59:89:31:71:e2:6e:9a:
9e:a0:a4:b2:22:74:e3:3b:c9:af:4c:3a:d9:7d:89:e5:8c:c0:
f3:5c:89:d6:5f:28:42:a6:3f:58:3d:fe:92:85:fb:8d:51:b8:
67:20:42:f2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYPHuuNbqPPgb2Yn/B+oI7IBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2Nzg1MGU1NzFmM2YyYWNhMmMxZWMxZDdlNTAyZDliZDE4
NGM0NWMwHhcNMjIxMDExMTU0NzM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODU5OTI4YzJhMDVmNWJlZWE1ZTRjY2U3NGJiMDNhN2JmZTc2NzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi049oHvEcvctSwJLhM3ampIJy6fg
+/CDSVMYp4m5yCEsZKt6Z2U5ms/gtWJYdjbrwJlK8m+19ckg8uEhD/ljrXm8IHpl
oc8SPKpBgrAbNHaUCgX0uRrS6twRnI6jeTGG5JCo8/vCBiKFBA/29vJFMpRCF/NT
iPoPPTiqXBtr5uIz7FpXMKRliOG7oXpo9DAspS49HnQSVgexbD7+X0vJEmq9k0nK
bZm7BpwLYqLMHKdJYzKQWSoEWopDlLQe3OBLQhN0iuOhYgtPu/frMan11RHjm5Mm
6q1BX6CUkyu6dy5YO0YI9gcLBJ9rx/triFr/p1uHECobCR2EOUlOXtIg8QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIhZkowqBfW+6l5MznS7A6e/52chMB8GA1UdIwQY
MBaAFKZ4UOVx8/KsosHsHX5QLZvRhMRcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5oUTVYSHo4cXlpd2V3ZGZsQXRtOUdFeEZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8zMzA5YjUtZjkzZi00YzYyLThkY2Ut
YjBjMTUxZTUxNmNmLzEvaUZtU2pDb0Y5YjdxWGt6T2RMc0RwN19uWnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8zMzA5YjUtZjkzZi00YzYyLThkY2UtYjBjMTUxZTUxNmNm
LzEvcG5oUTVYSHo4cXlpd2V3ZGZsQXRtOUdFeEZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAATAtAwQBW5XKMAwD
BABbld0DBAVblcADBAFblegDBAJblfAwCwMEAFuV/QMDAVuUMA0GCSqGSIb3DQEB
CwUAA4IBAQBNbO8iD+OpopSXE9AjBBupmo81HI7VR4bmvQzukT1fuUWDln+yhhNM
+fX9KRPcp/PS1m4ttZU/WUNmyPIlOatdT+mcZ1dtVcetPPldJI58xQhXjVZXz3vf
Ry4MEQXEIYsmU5peaUMEGria9pFG4cqWLeSs1Ejt0lvUTwAQEVca1WXXsBtBmphL
GmZUDMsII9LjKRoK+23gFVAsQS5yDe3RakV99paItS3lppakiHB3a/X/rlZIJc0M
D147wlWq+npeaZICdGzhef2biX0ey7t4DVmJMXHibpqeoKSyInTjO8mvTDrZfYnl
jMDzXInWXyhCpj9YPf6ShfuNUbhnIELy
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:35 2023 by rpki-client on console-ams.rpki-client.org