Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/j9idzAc2JnKjnQOpaY7q9RNX58U.roa
File: j9idzAc2JnKjnQOpaY7q9RNX58U.roa (raw, json)
Hash identifier: veQ82DiwAycy15JNEW1sM0AR/Dn0/BZeVhIEsTpSTHM=
Subject key identifier: 8F:D8:9D:CC:07:36:26:72:A3:9D:03:A9:69:8E:EA:F5:13:57:E7:C5
Certificate issuer: /CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
Certificate serial: 018234875FAB3F0FE78B1358C2BB9D57CB1C
Authority key identifier: A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/j9idzAc2JnKjnQOpaY7q9RNX58U.roa
Signing time: Mon 25 Jul 2022 08:44:23 +0000
ROA not before: Mon 25 Jul 2022 08:44:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 91.149.200.0/24 maxlen: 24
91.149.228.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:34:87:5f:ab:3f:0f:e7:8b:13:58:c2:bb:9d:57:cb:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a67850e571f3f2aca2c1ec1d7e502d9bd184c45c
Validity
Not Before: Jul 25 08:44:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8fd89dcc07362672a39d03a9698eeaf51357e7c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:8a:b8:17:bf:15:8e:81:cb:43:67:cd:2c:54:
0a:08:02:7b:ae:5a:d3:53:f8:23:43:27:f8:1f:1b:
9b:20:12:b7:c8:ee:02:6f:d4:c3:38:02:5a:66:48:
56:fe:2c:95:18:9b:e9:6e:77:72:d9:f5:a2:80:e0:
9c:cc:f2:bb:5a:01:2b:98:8f:c0:b3:80:f3:fd:62:
b7:8a:f3:a5:27:d7:f3:07:4a:f8:10:1c:c6:c2:12:
31:c4:4a:ac:e2:06:30:15:2e:a5:b4:73:dd:7a:0f:
5e:c4:54:97:b5:6b:f8:83:45:7c:b9:62:7a:87:0a:
da:2a:54:2c:5f:a3:7b:00:df:71:6d:d0:06:a2:f3:
a3:9e:19:41:16:4e:a7:34:42:84:e9:b5:32:dc:93:
57:f2:c5:6d:c6:c1:e8:36:69:b6:f1:8e:73:5b:98:
1e:76:f3:59:12:6c:dd:1a:92:1b:19:b3:61:ac:05:
95:23:54:72:ba:66:fa:8b:e5:70:6b:d7:6e:1d:b7:
bd:5d:03:dd:d3:47:fe:97:5d:f1:a8:fd:31:b2:9b:
86:3a:13:df:cb:4d:57:7a:2a:71:75:84:c1:be:26:
6e:d0:7d:c1:a6:24:c7:d9:34:fb:42:60:e5:51:d2:
6d:34:10:0a:af:20:37:59:4d:54:e9:5f:9d:f4:11:
d5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D8:9D:CC:07:36:26:72:A3:9D:03:A9:69:8E:EA:F5:13:57:E7:C5
X509v3 Authority Key Identifier:
keyid:A6:78:50:E5:71:F3:F2:AC:A2:C1:EC:1D:7E:50:2D:9B:D1:84:C4:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhQ5XHz8qyiwewdflAtm9GExFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/j9idzAc2JnKjnQOpaY7q9RNX58U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3309b5-f93f-4c62-8dce-b0c151e516cf/1/pnhQ5XHz8qyiwewdflAtm9GExFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.200.0/24
91.149.228.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:4f:04:26:08:b5:1c:0f:2c:ca:4b:b1:dc:30:f2:7a:55:8a:
34:8a:27:cd:c1:da:71:5a:fd:bb:5f:9c:61:73:2b:39:e6:40:
0c:f1:10:e9:55:f5:87:76:e7:24:0c:7b:19:46:89:5d:6b:58:
77:0b:19:e5:4c:c6:30:a8:37:5f:56:f0:97:85:24:97:a0:5f:
06:c5:9c:ed:89:2c:32:95:5c:0c:6b:69:2c:16:f5:d0:49:b2:
ed:cd:94:92:b9:5a:20:1b:df:e4:f1:e4:f5:f4:9a:4d:1b:4d:
26:02:11:4b:16:ca:f2:1f:83:c8:cd:60:b2:c5:a2:9e:a6:f3:
43:d4:fd:99:b7:02:7d:5b:ff:e1:b2:48:e3:51:f0:28:2c:53:
5e:99:a5:a9:8f:1c:76:97:d5:3e:d6:1d:d7:f0:c5:4a:c2:85:
42:b7:6d:70:5c:33:ca:3f:e8:d6:de:79:a8:fe:26:c9:f3:23:
fe:c6:9d:07:3d:d8:9d:a4:3b:44:be:46:98:48:e2:c7:fd:5f:
9f:74:6f:81:c0:ed:66:71:d0:44:26:fb:99:9d:20:0b:d0:2d:
2c:1d:1d:31:eb:8e:d2:4e:bf:a4:e0:02:79:7d:d1:7b:15:85:
86:cd:0a:8e:5f:d5:b5:a7:61:77:a7:47:1c:39:d0:be:8b:ff:
d9:7c:a8:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYI0h1+rPw/nixNYwrudV8scMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2Nzg1MGU1NzFmM2YyYWNhMmMxZWMxZDdlNTAyZDliZDE4
NGM0NWMwHhcNMjIwNzI1MDg0NDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmQ4OWRjYzA3MzYyNjcyYTM5ZDAzYTk2OThlZWFmNTEzNTdlN2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoq4F78VjoHLQ2fNLFQKCAJ7rlrT
U/gjQyf4HxubIBK3yO4Cb9TDOAJaZkhW/iyVGJvpbndy2fWigOCczPK7WgErmI/A
s4Dz/WK3ivOlJ9fzB0r4EBzGwhIxxEqs4gYwFS6ltHPdeg9exFSXtWv4g0V8uWJ6
hwraKlQsX6N7AN9xbdAGovOjnhlBFk6nNEKE6bUy3JNX8sVtxsHoNmm28Y5zW5ge
dvNZEmzdGpIbGbNhrAWVI1Ryumb6i+Vwa9duHbe9XQPd00f+l13xqP0xspuGOhPf
y01XeipxdYTBviZu0H3BpiTH2TT7QmDlUdJtNBAKryA3WU1U6V+d9BHV2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI/YncwHNiZyo50DqWmO6vUTV+fFMB8GA1UdIwQY
MBaAFKZ4UOVx8/KsosHsHX5QLZvRhMRcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5oUTVYSHo4cXlpd2V3ZGZsQXRtOUdFeEZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8zMzA5YjUtZjkzZi00YzYyLThkY2Ut
YjBjMTUxZTUxNmNmLzEvajlpZHpBYzJKbktqblFPcGFZN3E5Uk5YNThVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8zMzA5YjUtZjkzZi00YzYyLThkY2UtYjBjMTUxZTUxNmNm
LzEvcG5oUTVYSHo4cXlpd2V3ZGZsQXRtOUdFeEZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW5XIAwQC
W5XkMA0GCSqGSIb3DQEBCwUAA4IBAQA8TwQmCLUcDyzKS7HcMPJ6VYo0iifNwdpx
Wv27X5xhcys55kAM8RDpVfWHduckDHsZRolda1h3CxnlTMYwqDdfVvCXhSSXoF8G
xZztiSwylVwMa2ksFvXQSbLtzZSSuVogG9/k8eT19JpNG00mAhFLFsryH4PIzWCy
xaKepvND1P2ZtwJ9W//hskjjUfAoLFNemaWpjxx2l9U+1h3X8MVKwoVCt21wXDPK
P+jW3nmo/ibJ8yP+xp0HPdidpDtEvkaYSOLH/V+fdG+BwO1mcdBEJvuZnSAL0C0s
HR0x647STr+k4AJ5fdF7FYWGzQqOX9W1p2F3p0ccOdC+i//ZfKjH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:58 2025 by rpki-client