Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/2727b5-4c93-49e7-b7ee-f9895bb85fb1/1/3OB5DmlNHF4Po2jw1lvZjXgLQ3c.roa
File: 3OB5DmlNHF4Po2jw1lvZjXgLQ3c.roa (raw, json)
Hash identifier: qwE2+XcP84j8U18BTCDYjGPosaWFY0Jsxks6sEJ+plo=
Subject key identifier: DC:E0:79:0E:69:4D:1C:5E:0F:A3:68:F0:D6:5B:D9:8D:78:0B:43:77
Certificate issuer: /CN=537b37656cd14d488a70512921875717a0d910b6
Certificate serial: 01856F6705B7E097A4029AA730AE9B32641A
Authority key identifier: 53:7B:37:65:6C:D1:4D:48:8A:70:51:29:21:87:57:17:A0:D9:10:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U3s3ZWzRTUiKcFEpIYdXF6DZELY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/2727b5-4c93-49e7-b7ee-f9895bb85fb1/1/3OB5DmlNHF4Po2jw1lvZjXgLQ3c.roa
Signing time: Sun 01 Jan 2023 22:15:00 +0000
ROA not before: Sun 01 Jan 2023 22:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12345
IP address blocks: 91.240.163.0/24 maxlen: 24
178.239.20.0/24 maxlen: 24
178.239.21.0/24 maxlen: 24
91.240.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:05:b7:e0:97:a4:02:9a:a7:30:ae:9b:32:64:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=537b37656cd14d488a70512921875717a0d910b6
Validity
Not Before: Jan 1 22:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dce0790e694d1c5e0fa368f0d65bd98d780b4377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:79:5e:68:3e:07:e6:69:64:2e:62:55:04:c9:
e1:22:75:c7:99:cb:26:8d:fb:8b:0d:ec:8c:09:3e:
8c:83:1b:ec:e5:7f:9b:f0:df:03:8b:7e:ca:7c:85:
0a:60:fc:2c:3d:76:77:a4:1a:b4:5d:8e:8e:f2:16:
88:5b:c6:c9:52:ea:b3:2a:53:29:81:1f:07:c8:65:
9a:04:5f:c8:5d:db:04:b8:b1:8e:44:d3:9f:5b:24:
86:c9:a3:a1:20:9c:08:31:02:4e:00:23:8d:8c:fa:
0e:ec:8c:e3:64:ab:cf:84:73:21:04:5d:56:ac:5d:
1a:1c:95:6b:e1:d8:05:a7:70:12:3e:c0:6c:9b:41:
c1:0b:ad:56:bd:26:24:6a:a9:cb:0e:d7:64:23:8b:
48:3d:64:5c:32:7c:ac:37:73:a4:43:dc:77:13:d0:
a4:92:ad:8b:49:9a:ed:e6:f9:ad:88:c4:c2:2a:26:
21:aa:f7:f3:cc:94:e3:67:62:5f:53:30:9f:41:ee:
bd:07:b3:d0:cd:00:35:67:98:f0:17:79:33:8e:75:
75:af:22:2e:26:23:79:f6:66:fc:48:31:e6:9b:d2:
88:2f:ec:01:8b:83:d0:a5:d1:38:4e:0f:56:66:72:
41:ed:58:fe:b6:41:e5:6c:f0:c2:14:86:3b:2d:e7:
d0:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:E0:79:0E:69:4D:1C:5E:0F:A3:68:F0:D6:5B:D9:8D:78:0B:43:77
X509v3 Authority Key Identifier:
keyid:53:7B:37:65:6C:D1:4D:48:8A:70:51:29:21:87:57:17:A0:D9:10:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3s3ZWzRTUiKcFEpIYdXF6DZELY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/2727b5-4c93-49e7-b7ee-f9895bb85fb1/1/3OB5DmlNHF4Po2jw1lvZjXgLQ3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/2727b5-4c93-49e7-b7ee-f9895bb85fb1/1/U3s3ZWzRTUiKcFEpIYdXF6DZELY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.128.0/24
91.240.163.0/24
178.239.20.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:05:2e:82:c9:ee:9c:94:b0:5b:7a:52:aa:dc:a0:94:14:08:
bb:ed:b5:f1:75:fd:74:ae:d0:e3:92:cd:7d:73:b7:b3:f2:90:
1c:96:c5:5c:28:03:59:d0:67:29:ad:63:ca:66:16:00:c5:57:
2c:8e:da:3b:76:99:f2:d3:96:b0:43:26:7b:d1:98:a4:db:2b:
1a:8c:c0:a6:92:77:1b:20:76:78:4d:00:00:13:79:23:b1:8b:
9b:8b:b4:08:d6:5c:c1:a9:9e:ec:5d:a9:65:d3:fb:da:6e:9d:
69:01:ed:a3:e4:d6:a5:b3:26:14:54:b0:d1:8b:b6:b3:51:0d:
71:1b:1c:48:a6:e6:e6:68:e3:26:7e:8f:97:51:f0:53:a9:16:
c1:4b:56:a4:0f:7b:b3:b8:49:b6:4f:b2:8f:c7:bc:0c:8b:11:
8a:f5:7c:2b:ed:04:c0:5e:7c:03:2b:a3:f7:18:5e:d7:bb:7b:
6c:0a:1d:10:db:e9:a5:91:35:ee:55:30:51:44:30:b2:7a:eb:
b2:86:09:39:e5:42:9f:8f:f6:18:43:85:8c:cc:c7:2a:d6:35:
66:cd:9a:33:b6:36:2c:3c:c8:d7:57:cc:8a:83:3b:0e:cb:b7:
7f:57:a6:fe:a3:15:06:3c:71:22:5c:82:a8:5a:d0:8a:1f:6d:
b1:5a:e3:07
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvZwW34JekApqnMK6bMmQaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzN2IzNzY1NmNkMTRkNDg4YTcwNTEyOTIxODc1NzE3YTBk
OTEwYjYwHhcNMjMwMTAxMjIxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2UwNzkwZTY5NGQxYzVlMGZhMzY4ZjBkNjViZDk4ZDc4MGI0Mzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXleaD4H5mlkLmJVBMnhInXHmcsm
jfuLDeyMCT6Mgxvs5X+b8N8Di37KfIUKYPwsPXZ3pBq0XY6O8haIW8bJUuqzKlMp
gR8HyGWaBF/IXdsEuLGORNOfWySGyaOhIJwIMQJOACONjPoO7IzjZKvPhHMhBF1W
rF0aHJVr4dgFp3ASPsBsm0HBC61WvSYkaqnLDtdkI4tIPWRcMnysN3OkQ9x3E9Ck
kq2LSZrt5vmtiMTCKiYhqvfzzJTjZ2JfUzCfQe69B7PQzQA1Z5jwF3kzjnV1ryIu
JiN59mb8SDHmm9KIL+wBi4PQpdE4Tg9WZnJB7Vj+tkHlbPDCFIY7LefQNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNzgeQ5pTRxeD6No8NZb2Y14C0N3MB8GA1UdIwQY
MBaAFFN7N2Vs0U1IinBRKSGHVxeg2RC2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNzM1pXelJUVWlLY0ZFcElZZFhGNkRaRUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8yNzI3YjUtNGM5My00OWU3LWI3ZWUt
Zjk4OTViYjg1ZmIxLzEvM09CNURtbE5IRjRQbzJqdzFsdlpqWGdMUTNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8yNzI3YjUtNGM5My00OWU3LWI3ZWUtZjk4OTViYjg1ZmIx
LzEvVTNzM1pXelJUVWlLY0ZFcElZZFhGNkRaRUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW/CAAwQA
W/CjAwQBsu8UMA0GCSqGSIb3DQEBCwUAA4IBAQDABS6Cye6clLBbelKq3KCUFAi7
7bXxdf10rtDjks19c7ez8pAclsVcKANZ0GcprWPKZhYAxVcsjto7dpny05awQyZ7
0Zik2ysajMCmkncbIHZ4TQAAE3kjsYubi7QI1lzBqZ7sXall0/vabp1pAe2j5Nal
syYUVLDRi7azUQ1xGxxIpubmaOMmfo+XUfBTqRbBS1akD3uzuEm2T7KPx7wMixGK
9Xwr7QTAXnwDK6P3GF7Xu3tsCh0Q2+mlkTXuVTBRRDCyeuuyhgk55UKfj/YYQ4WM
zMcq1jVmzZoztjYsPMjXV8yKgzsOy7d/V6b+oxUGPHEiXIKoWtCKH22xWuMH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:57 2024 by rpki-client on console-ams.rpki-client.org