Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/03ntk5hpQIxcH8rUDk08bD7rGMI.roa
File: 03ntk5hpQIxcH8rUDk08bD7rGMI.roa (raw, json)
Hash identifier: Rmlxucnni7Osa6FpHx/DyFRtfW6yeAd3X6Q+JSpVO9g=
Subject key identifier: D3:79:ED:93:98:69:40:8C:5C:1F:CA:D4:0E:4D:3C:6C:3E:EB:18:C2
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 018287B774ADEE221292BC9672DA1A1800C2
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/03ntk5hpQIxcH8rUDk08bD7rGMI.roa
Signing time: Wed 10 Aug 2022 12:25:23 +0000
ROA not before: Wed 10 Aug 2022 12:25:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 84.46.171.0/24 maxlen: 24
89.117.118.0/24 maxlen: 24
89.117.15.0/24 maxlen: 24
82.140.182.0/24 maxlen: 24
89.117.38.0/24 maxlen: 24
86.38.7.0/24 maxlen: 24
89.116.96.0/24 maxlen: 24
86.38.151.0/24 maxlen: 24
89.117.6.0/23 maxlen: 24
89.117.124.0/24 maxlen: 24
89.116.168.0/24 maxlen: 24
89.117.136.0/24 maxlen: 24
89.116.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:87:b7:74:ad:ee:22:12:92:bc:96:72:da:1a:18:00:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 10 12:25:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d379ed939869408c5c1fcad40e4d3c6c3eeb18c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0a:f8:a1:20:59:b2:9f:29:b9:90:74:b6:c1:
f5:21:35:14:23:dc:6f:24:c0:c2:08:41:a0:6a:62:
26:20:fa:80:d6:f4:20:48:a0:4c:a7:8a:ed:a5:41:
1d:22:73:5f:28:de:dc:3b:7a:6b:df:33:68:35:7d:
af:30:7b:c1:53:e7:ea:8c:05:d4:a0:4a:91:19:bc:
88:73:3c:04:ee:82:84:ea:76:e4:9e:e6:ee:1b:a5:
6e:aa:3e:ac:4f:b8:21:eb:58:d1:3d:69:79:c5:af:
66:5c:06:b1:fd:67:81:50:03:f7:d4:1c:f4:9e:da:
39:56:34:5b:16:48:b6:40:db:5f:1d:8a:e1:46:d8:
85:bd:01:f7:27:62:01:29:79:d5:ff:fa:ef:78:f5:
09:b1:56:69:e1:01:45:d5:07:12:b6:43:b5:24:64:
ea:6e:d0:f3:8d:77:66:90:8d:ea:35:17:7e:5d:9c:
dc:89:95:c5:0a:f4:99:f0:bb:02:d5:48:56:e5:3e:
1d:32:57:a2:c7:fc:89:27:33:4d:f0:7d:10:00:cf:
31:8d:22:33:87:09:12:61:83:46:52:36:25:74:63:
a0:6b:a8:53:02:5b:06:03:b6:ff:80:a2:b3:16:84:
dc:83:4d:d8:13:0e:6b:a6:41:03:95:16:00:60:eb:
1d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:79:ED:93:98:69:40:8C:5C:1F:CA:D4:0E:4D:3C:6C:3E:EB:18:C2
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/03ntk5hpQIxcH8rUDk08bD7rGMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.182.0/24
84.46.171.0/24
86.38.7.0/24
86.38.151.0/24
89.116.96.0/24
89.116.168.0/24
89.116.193.0/24
89.117.6.0/23
89.117.15.0/24
89.117.38.0/24
89.117.118.0/24
89.117.124.0/24
89.117.136.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:ca:22:2e:86:40:7a:97:24:55:f9:df:e9:32:bf:0f:92:41:
4f:79:eb:39:76:09:ca:f5:08:50:1f:3d:ff:d8:f8:f8:76:e9:
c1:42:fc:d6:e2:9c:f7:f8:98:eb:e2:44:25:90:b4:fa:34:4c:
f8:69:d8:04:e2:09:70:3f:9d:08:fb:0b:8c:a1:ff:e3:37:92:
97:50:92:0b:7c:f8:45:c8:56:9e:92:91:64:7d:be:25:3d:d2:
67:d5:01:2f:3f:69:bb:60:7d:85:c6:33:fa:84:53:ad:08:11:
07:7b:a6:e7:20:ce:82:e3:4d:e4:a0:49:a0:35:b3:b8:a2:2d:
78:fb:6c:9d:c5:7e:aa:68:92:d9:c8:50:d0:f3:ae:81:c9:d5:
5b:dc:eb:f5:43:4d:14:c5:11:71:78:81:09:98:c9:3f:3a:97:
26:34:05:c5:17:40:d3:a7:52:d7:0e:3d:9e:cd:49:e5:30:c5:
c8:0b:ca:ac:fb:5b:bd:a9:29:3b:58:96:5f:11:28:32:f1:6b:
02:de:67:69:32:e2:b4:b4:5a:05:3b:61:3c:db:72:5a:86:44:
53:ea:08:f0:56:ac:61:7c:dc:be:5d:25:8c:3f:b6:de:ca:00:
41:66:9a:4b:61:58:da:62:dd:be:c6:1f:56:b9:90:01:f6:5c:
b8:a5:20:8e
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYKHt3St7iISkryWctoaGADCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODEwMTIyNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzc5ZWQ5Mzk4Njk0MDhjNWMxZmNhZDQwZTRkM2M2YzNlZWIxOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAr4oSBZsp8puZB0tsH1ITUUI9xv
JMDCCEGgamImIPqA1vQgSKBMp4rtpUEdInNfKN7cO3pr3zNoNX2vMHvBU+fqjAXU
oEqRGbyIczwE7oKE6nbknubuG6Vuqj6sT7gh61jRPWl5xa9mXAax/WeBUAP31Bz0
nto5VjRbFki2QNtfHYrhRtiFvQH3J2IBKXnV//rvePUJsVZp4QFF1QcStkO1JGTq
btDzjXdmkI3qNRd+XZzciZXFCvSZ8LsC1UhW5T4dMleix/yJJzNN8H0QAM8xjSIz
hwkSYYNGUjYldGOga6hTAlsGA7b/gKKzFoTcg03YEw5rpkEDlRYAYOsdbwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFNN57ZOYaUCMXB/K1A5NPGw+6xjCMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvMDNudGs1aHBRSXhjSDhyVURrMDhiRDdyR01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAUoy2AwQA
VC6rAwQAViYHAwQAViaXAwQAWXRgAwQAWXSoAwQAWXTBAwQBWXUGAwQAWXUPAwQA
WXUmAwQAWXV2AwQAWXV8AwQAWXWIMA0GCSqGSIb3DQEBCwUAA4IBAQDNyiIuhkB6
lyRV+d/pMr8PkkFPees5dgnK9QhQHz3/2Pj4dunBQvzW4pz3+Jjr4kQlkLT6NEz4
adgE4glwP50I+wuMof/jN5KXUJILfPhFyFaekpFkfb4lPdJn1QEvP2m7YH2FxjP6
hFOtCBEHe6bnIM6C403koEmgNbO4oi14+2ydxX6qaJLZyFDQ866BydVb3Ov1Q00U
xRFxeIEJmMk/OpcmNAXFF0DTp1LXDj2ezUnlMMXIC8qs+1u9qSk7WJZfESgy8WsC
3mdpMuK0tFoFO2E823JahkRT6gjwVqxhfNy+XSWMP7beygBBZppLYVjaYt2+xh9W
uZAB9ly4pSCO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org