Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/3bc840-8329-4389-a34b-ec190b1ceaca/1/IfyvfQaLggsaAVA59LyJvl-oqhQ.roa
File: IfyvfQaLggsaAVA59LyJvl-oqhQ.roa (raw, json)
Hash identifier: h/MO5dEXCix/yrutJXbqZeHMmHcF8M/8P9q2IcDF56U=
Subject key identifier: 21:FC:AF:7D:06:8B:82:0B:1A:01:50:39:F4:BC:89:BE:5F:A8:AA:14
Certificate issuer: /CN=ff36ed3375a6a895cadd49e0ecd4299454b3b89c
Certificate serial: 0A365276
Authority key identifier: FF:36:ED:33:75:A6:A8:95:CA:DD:49:E0:EC:D4:29:94:54:B3:B8:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zbtM3WmqJXK3Ung7NQplFSzuJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/3bc840-8329-4389-a34b-ec190b1ceaca/1/IfyvfQaLggsaAVA59LyJvl-oqhQ.roa
Signing time: Sat 16 Apr 2022 05:56:19 +0000
ROA not before: Sat 16 Apr 2022 05:56:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 91.188.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171332214 (0xa365276)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff36ed3375a6a895cadd49e0ecd4299454b3b89c
Validity
Not Before: Apr 16 05:56:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21fcaf7d068b820b1a015039f4bc89be5fa8aa14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0a:97:5f:cf:2a:70:cf:bd:de:3c:2d:23:31:
66:a3:59:4c:0c:2a:e3:b2:51:96:3a:fe:72:fd:81:
df:d9:ef:12:52:22:6f:a6:33:d6:48:e3:40:a2:f0:
97:12:cc:b5:1e:f8:10:5c:4b:47:84:42:9f:b2:87:
63:67:da:76:f0:1a:c6:b9:3d:a8:a9:69:b7:ca:42:
84:7f:1b:97:ae:2c:4b:49:74:e8:cc:b5:4f:3c:41:
6a:31:d0:3f:8e:ed:3f:cf:2c:84:b4:79:55:8b:7d:
b5:e2:25:a4:2b:b3:69:51:6b:6e:83:33:06:60:b8:
bd:8b:20:29:b8:f5:0c:2c:4d:e5:6e:e7:73:08:1c:
44:1e:63:6a:3c:72:c6:d7:de:72:dc:f5:2f:e3:ae:
ff:ba:29:90:f9:df:e3:02:ee:12:42:32:7a:fd:58:
6c:78:6e:db:ea:90:c0:d2:cb:48:8f:21:b1:f3:eb:
53:79:f5:3e:b5:9b:3f:65:b3:62:2a:ee:b8:9a:40:
ab:ad:6c:d0:dc:ce:01:ce:76:7c:19:2a:ba:e2:e9:
ec:fa:22:d9:0a:9e:fa:ba:72:9c:31:98:58:e3:9c:
8e:8b:c6:34:8c:c5:25:92:a3:a4:20:d6:03:ce:2b:
7a:af:61:0b:42:aa:21:ab:c9:f5:f7:6e:3c:65:a3:
77:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:FC:AF:7D:06:8B:82:0B:1A:01:50:39:F4:BC:89:BE:5F:A8:AA:14
X509v3 Authority Key Identifier:
keyid:FF:36:ED:33:75:A6:A8:95:CA:DD:49:E0:EC:D4:29:94:54:B3:B8:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zbtM3WmqJXK3Ung7NQplFSzuJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/3bc840-8329-4389-a34b-ec190b1ceaca/1/IfyvfQaLggsaAVA59LyJvl-oqhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/3bc840-8329-4389-a34b-ec190b1ceaca/1/_zbtM3WmqJXK3Ung7NQplFSzuJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.253.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:59:9e:ba:b3:63:ca:5f:3c:50:64:c7:32:4c:db:2f:59:76:
26:f5:75:aa:8a:42:eb:54:13:42:56:48:e3:05:c0:34:0a:3f:
71:44:0e:98:7f:8a:40:3d:dd:5a:d7:df:42:d3:42:e9:2f:74:
c1:3e:5d:83:36:29:5e:c4:43:5a:85:46:c7:f4:ac:63:72:5c:
27:d3:58:1f:ed:44:f9:22:9f:8e:1d:e4:7c:1b:a7:c7:8a:7a:
59:d6:0a:f6:fa:b7:f2:57:2a:7e:7a:fd:69:cf:ee:ab:bf:b5:
16:bc:f4:24:d3:02:e0:c1:f5:62:a5:d2:11:28:1f:e7:d7:4e:
84:ab:5b:68:33:5c:d7:0b:62:2c:50:ab:ac:49:0a:9e:17:e5:
dc:94:4e:b0:50:cd:7e:90:c4:f9:46:17:39:70:60:71:58:d5:
d3:b7:4d:0f:8b:fe:59:36:29:b0:77:dd:b4:cb:4f:1d:cd:84:
ee:da:60:10:06:64:8f:02:7b:41:d9:1f:de:94:e6:fb:27:10:
a9:5e:8e:6c:56:ec:8c:37:73:31:a1:cb:84:ba:94:e9:b6:54:
51:89:dc:db:07:9e:d2:7a:0d:a1:22:a0:87:83:f8:27:5a:24:
c1:b9:50:23:5a:02:66:be:19:b8:92:68:2c:e2:7c:fc:0e:aa:
c1:5e:f3:d3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECjZSdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjM2ZWQzMzc1YTZhODk1Y2FkZDQ5ZTBlY2Q0Mjk5NDU0YjNiODljMB4XDTIyMDQx
NjA1NTYxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFmY2FmN2QwNjhi
ODIwYjFhMDE1MDM5ZjRiYzg5YmU1ZmE4YWExNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0Kl1/PKnDPvd48LSMxZqNZTAwq47JRljr+cv2B39nvElIi
b6Yz1kjjQKLwlxLMtR74EFxLR4RCn7KHY2fadvAaxrk9qKlpt8pChH8bl64sS0l0
6My1TzxBajHQP47tP88shLR5VYt9teIlpCuzaVFrboMzBmC4vYsgKbj1DCxN5W7n
cwgcRB5jajxyxtfectz1L+Ou/7opkPnf4wLuEkIyev1YbHhu2+qQwNLLSI8hsfPr
U3n1PrWbP2WzYiruuJpAq61s0NzOAc52fBkquuLp7Poi2Qqe+rpynDGYWOOcjovG
NIzFJZKjpCDWA84req9hC0KqIavJ9fduPGWjdw8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQh/K99BouCCxoBUDn0vIm+X6iqFDAfBgNVHSMEGDAWgBT/Nu0zdaaolcrd
SeDs1CmUVLO4nDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L196YnRNM1dtcUpYSzNVbmc3TlFwbEZTenVKdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvM2JjODQwLTgzMjktNDM4OS1hMzRiLWVjMTkwYjFjZWFjYS8x
L0lmeXZmUWFMZ2dzYUFWQTU5THlKdmwtb3FoUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
M2JjODQwLTgzMjktNDM4OS1hMzRiLWVjMTkwYjFjZWFjYS8xL196YnRNM1dtcUpY
SzNVbmc3TlFwbEZTenVKdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFu8/TANBgkqhkiG9w0BAQsFAAOC
AQEAyVmeurNjyl88UGTHMkzbL1l2JvV1qopC61QTQlZI4wXANAo/cUQOmH+KQD3d
WtffQtNC6S90wT5dgzYpXsRDWoVGx/SsY3JcJ9NYH+1E+SKfjh3kfBunx4p6WdYK
9vq38lcqfnr9ac/uq7+1Frz0JNMC4MH1YqXSESgf59dOhKtbaDNc1wtiLFCrrEkK
nhfl3JROsFDNfpDE+UYXOXBgcVjV07dND4v+WTYpsHfdtMtPHc2E7tpgEAZkjwJ7
Qdkf3pTm+ycQqV6ObFbsjDdzMaHLhLqU6bZUUYnc2wee0noNoSKgh4P4J1okwblQ
I1oCZr4ZuJJoLOJ8/A6qwV7z0w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:25 2023 by rpki-client on console-ams.rpki-client.org