Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/494455-1d2e-4e2b-8f0e-9a0cfce878a4/1/y9vSQbVVBtQTqFDAkBJdGTBFS8I.roa
File: y9vSQbVVBtQTqFDAkBJdGTBFS8I.roa (raw, json)
Hash identifier: poNNm7qIe0b8+vO4akybhKFlRtuRj2wNuGXekpfm7aQ=
Subject key identifier: CB:DB:D2:41:B5:55:06:D4:13:A8:50:C0:90:12:5D:19:30:45:4B:C2
Certificate issuer: /CN=42f48f7fae012916a775d5e3b6fa231098343ea0
Certificate serial: 042F7CEA
Authority key identifier: 42:F4:8F:7F:AE:01:29:16:A7:75:D5:E3:B6:FA:23:10:98:34:3E:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvSPf64BKRanddXjtvojEJg0PqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/494455-1d2e-4e2b-8f0e-9a0cfce878a4/1/y9vSQbVVBtQTqFDAkBJdGTBFS8I.roa
Signing time: Thu 19 May 2022 10:03:30 +0000
ROA not before: Thu 19 May 2022 10:03:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34304
IP address blocks: 86.107.58.0/23 maxlen: 23
86.107.57.0/24 maxlen: 24
188.211.164.0/23 maxlen: 23
86.107.63.0/24 maxlen: 24
86.107.60.0/23 maxlen: 23
193.138.192.0/22 maxlen: 22
89.47.0.0/24 maxlen: 24
89.47.8.0/24 maxlen: 24
89.47.9.0/24 maxlen: 24
89.47.14.0/24 maxlen: 24
89.47.12.0/24 maxlen: 24
89.35.224.0/24 maxlen: 24
89.35.229.0/24 maxlen: 24
89.35.232.0/24 maxlen: 24
89.35.236.0/24 maxlen: 24
89.35.234.0/23 maxlen: 23
89.35.238.0/23 maxlen: 23
2a05:8880::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70221034 (0x42f7cea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f48f7fae012916a775d5e3b6fa231098343ea0
Validity
Not Before: May 19 10:03:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cbdbd241b55506d413a850c090125d1930454bc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:5d:10:27:47:ff:19:e1:da:ac:1a:5a:9c:bf:
41:b4:33:e1:a4:9e:d1:3e:28:6d:f4:07:4f:12:9a:
b5:77:a0:d8:6e:cd:a7:68:a9:a2:36:91:93:d0:59:
ff:08:7f:89:ea:a3:52:c2:48:81:e8:12:3f:e1:ea:
85:8e:8a:cd:df:ca:f4:47:00:1c:a7:22:18:89:12:
30:d1:4c:ba:72:dc:b0:42:be:a2:8b:19:82:7a:c2:
d9:cd:df:c4:9c:79:4c:94:dc:6d:ca:d8:c6:70:43:
cd:c1:20:a6:18:a7:4d:14:1a:0e:da:85:1f:e1:fc:
9b:b2:68:ee:64:b6:14:52:0b:13:9b:bb:4d:4e:13:
36:31:af:b1:18:25:8a:83:40:bf:7e:91:d0:1b:c4:
23:16:f1:1d:c8:2e:c0:0a:7a:c6:c3:2c:ff:10:58:
10:e0:95:8e:34:92:b3:3a:3f:21:d9:dd:c6:a2:95:
83:d7:c7:06:dd:08:8d:66:86:47:31:60:ea:27:ad:
5d:7c:0f:3b:3b:e0:b4:c1:e2:43:73:30:28:0b:bc:
85:3b:bb:02:d6:44:ee:ab:70:f7:06:2b:b9:96:89:
38:58:af:ef:0e:9d:1e:7c:4a:71:66:b3:31:06:df:
63:d3:d3:12:43:20:61:94:5b:68:8d:dc:26:9e:95:
76:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:DB:D2:41:B5:55:06:D4:13:A8:50:C0:90:12:5D:19:30:45:4B:C2
X509v3 Authority Key Identifier:
keyid:42:F4:8F:7F:AE:01:29:16:A7:75:D5:E3:B6:FA:23:10:98:34:3E:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvSPf64BKRanddXjtvojEJg0PqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/494455-1d2e-4e2b-8f0e-9a0cfce878a4/1/y9vSQbVVBtQTqFDAkBJdGTBFS8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/494455-1d2e-4e2b-8f0e-9a0cfce878a4/1/QvSPf64BKRanddXjtvojEJg0PqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.57.0-86.107.61.255
86.107.63.0/24
89.35.224.0/24
89.35.229.0/24
89.35.232.0/24
89.35.234.0-89.35.236.255
89.35.238.0/23
89.47.0.0/24
89.47.8.0/23
89.47.12.0/24
89.47.14.0/24
188.211.164.0/23
193.138.192.0/22
IPv6:
2a05:8880::/30
Signature Algorithm: sha256WithRSAEncryption
4a:97:b5:f2:6f:77:a9:5e:6f:8e:28:10:52:70:84:98:75:94:
a6:6f:63:25:f0:d1:a5:18:cd:18:d4:4d:4d:7a:6c:34:a3:56:
ee:10:22:cd:aa:78:7a:56:78:d2:e6:78:a6:34:34:ab:40:99:
10:29:4b:22:56:90:24:6b:d2:20:9d:a5:7e:41:8a:ef:3b:59:
37:b2:1a:24:0c:53:16:4f:9f:6e:4d:8f:22:26:a5:40:15:f8:
f5:96:39:18:40:e2:b2:e3:ce:c8:43:5f:79:d8:32:d1:7b:7f:
4e:b4:1a:55:c8:98:8f:12:09:04:d2:7a:df:5f:df:66:8a:b1:
28:d2:55:fd:17:d2:c5:3f:b6:4f:5f:4c:86:05:ae:c2:b5:bf:
dc:0f:69:0c:69:02:be:90:a6:f9:40:c4:2f:d8:82:84:54:15:
ad:06:8c:9b:47:91:3d:0d:79:09:25:cd:71:42:92:15:bb:db:
67:0c:7c:dd:f7:47:f2:f4:7e:d6:bc:c1:5b:b4:bb:46:4c:22:
f0:33:7d:59:1b:bb:ee:3a:42:a9:6f:0f:96:5e:d9:4c:31:90:
10:37:8d:bb:9e:88:2f:4f:2c:ea:c0:02:76:0c:ce:bf:de:63:
3e:a3:86:5e:c4:db:81:e0:a3:04:f8:17:56:5e:91:fc:fb:1e:
0c:b3:74:a6
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgIEBC986jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MmY0OGY3ZmFlMDEyOTE2YTc3NWQ1ZTNiNmZhMjMxMDk4MzQzZWEwMB4XDTIyMDUx
OTEwMDMzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2JkYmQyNDFiNTU1
MDZkNDEzYTg1MGMwOTAxMjVkMTkzMDQ1NGJjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAONdECdH/xnh2qwaWpy/QbQz4aSe0T4obfQHTxKatXeg2G7N
p2ipojaRk9BZ/wh/ieqjUsJIgegSP+HqhY6Kzd/K9EcAHKciGIkSMNFMunLcsEK+
oosZgnrC2c3fxJx5TJTcbcrYxnBDzcEgphinTRQaDtqFH+H8m7Jo7mS2FFILE5u7
TU4TNjGvsRglioNAv36R0BvEIxbxHcguwAp6xsMs/xBYEOCVjjSSszo/IdndxqKV
g9fHBt0IjWaGRzFg6ietXXwPOzvgtMHiQ3MwKAu8hTu7AtZE7qtw9wYruZaJOFiv
7w6dHnxKcWazMQbfY9PTEkMgYZRbaI3cJp6VdssCAwEAAaOCAnEwggJtMB0GA1Ud
DgQWBBTL29JBtVUG1BOoUMCQEl0ZMEVLwjAfBgNVHSMEGDAWgBRC9I9/rgEpFqd1
1eO2+iMQmDQ+oDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1F2U1BmNjRCS1JhbmRkWGp0dm9qRUpnMFBxQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvNDk0NDU1LTFkMmUtNGUyYi04ZjBlLTlhMGNmY2U4NzhhNC8x
L3k5dlNRYlZWQnRRVHFGREFrQkpkR1RCRlM4SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
NDk0NDU1LTFkMmUtNGUyYi04ZjBlLTlhMGNmY2U4NzhhNC8xL1F2U1BmNjRCS1Jh
bmRkWGp0dm9qRUpnMFBxQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hgYIKwYBBQUHAQcBAf8EdzB1MGQEAgABMF4wDAMEAFZrOQMEAVZrPAMEAFZrPwME
AFkj4AMEAFkj5QMEAFkj6DAMAwQBWSPqAwQAWSPsAwQBWSPuAwQAWS8AAwQBWS8I
AwQAWS8MAwQAWS8OAwQBvNOkAwQCwYrAMA0EAgACMAcDBQIqBYiAMA0GCSqGSIb3
DQEBCwUAA4IBAQBKl7Xyb3epXm+OKBBScISYdZSmb2Ml8NGlGM0Y1E1Nemw0o1bu
ECLNqnh6VnjS5nimNDSrQJkQKUsiVpAka9IgnaV+QYrvO1k3shokDFMWT59uTY8i
JqVAFfj1ljkYQOKy487IQ1952DLRe39OtBpVyJiPEgkE0nrfX99mirEo0lX9F9LF
P7ZPX0yGBa7Ctb/cD2kMaQK+kKb5QMQv2IKEVBWtBoybR5E9DXkJJc1xQpIVu9tn
DHzd90fy9H7WvMFbtLtGTCLwM31ZG7vuOkKpbw+WXtlMMZAQN427nogvTyzqwAJ2
DM6/3mM+o4ZexNuB4KME+BdWXpH8+x4Ms3Sm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:33 2024 by rpki-client on console-ams.rpki-client.org