Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/2XdeLkUmpT1xk-Fur9w3m0d3ckw.roa
File: 2XdeLkUmpT1xk-Fur9w3m0d3ckw.roa (raw, json)
Hash identifier: 6+hXLXLs9K0zhoyMKgVXPvtnBcmES1gFaun7vOWtk/A=
Subject key identifier: D9:77:5E:2E:45:26:A5:3D:71:93:E1:6E:AF:DC:37:9B:47:77:72:4C
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0183E56BD5A699008BF45EA3E924A2C9EFE4
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/2XdeLkUmpT1xk-Fur9w3m0d3ckw.roa
Signing time: Mon 17 Oct 2022 10:09:52 +0000
ROA not before: Mon 17 Oct 2022 10:09:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210443
IP address blocks: 86.38.246.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.117.94.0/23 maxlen: 24
89.116.150.0/24 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.228.0/23 maxlen: 24
86.38.202.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
86.38.178.0/23 maxlen: 24
89.117.222.0/24 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e5:6b:d5:a6:99:00:8b:f4:5e:a3:e9:24:a2:c9:ef:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Oct 17 10:09:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9775e2e4526a53d7193e16eafdc379b4777724c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ee:12:d6:62:7b:04:95:4e:1c:b7:e5:76:35:
aa:e9:66:0b:7c:7f:77:8d:63:08:3e:e7:82:10:91:
41:0d:be:e7:34:59:6b:56:81:9a:2e:26:a1:a8:2e:
4b:92:97:ff:df:bd:7d:43:04:fd:4f:8e:dc:4b:85:
6b:a2:a5:9d:21:99:fd:27:03:e5:29:b3:f7:ab:be:
c6:e2:d4:7b:7e:8c:66:2c:ff:c8:19:0c:00:b8:cd:
02:df:f7:14:e0:59:c2:88:1a:e8:2d:4b:89:28:6a:
0d:74:42:80:71:de:6a:f7:6b:ab:16:de:d0:9e:9a:
63:03:8d:82:07:8b:b1:72:c6:19:7e:37:3b:f8:ab:
0c:c8:bb:95:77:30:54:45:8b:de:02:d2:b8:96:3d:
de:a5:b8:22:c4:a9:ec:6a:96:e6:bd:ea:31:e3:b5:
78:55:f8:dd:91:96:b9:aa:5b:ba:1e:62:be:86:62:
7a:ac:2d:79:03:94:de:a2:9a:c3:fe:f1:fa:3a:91:
9d:d7:7c:44:99:f0:8c:8c:ec:fb:0e:72:cf:09:ea:
0a:42:e1:af:b5:f0:ae:5e:03:22:78:69:c6:16:16:
dc:fe:4b:5f:55:fa:c5:13:75:81:ee:a5:90:02:32:
be:88:24:ac:bb:12:45:64:b0:5f:ab:91:8e:6b:ea:
0c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:77:5E:2E:45:26:A5:3D:71:93:E1:6E:AF:DC:37:9B:47:77:72:4C
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/2XdeLkUmpT1xk-Fur9w3m0d3ckw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.108.0/24
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.210.0/23
89.116.252.0/24
89.117.8.0/23
89.117.32.0/23
89.117.94.0/23
89.117.116.0/23
89.117.190.0/24
89.117.222.0/24
89.117.228.0/23
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
15:67:e3:59:f3:41:1e:7a:3a:69:5c:6d:16:e4:75:b5:ef:27:
31:9d:72:6e:99:0b:72:4f:d8:71:99:9f:25:93:43:75:8d:f6:
12:46:14:e1:80:a6:e9:bd:26:6c:be:e3:5e:db:6e:ca:2f:b3:
4d:b8:ae:c9:b3:e5:8e:d1:1c:34:11:fc:83:03:bb:c3:e2:62:
81:32:f4:31:bb:7f:3e:59:de:89:1b:a3:ca:70:c8:78:2a:31:
aa:cd:46:e5:aa:92:59:6e:57:c9:92:9c:98:7e:52:c2:dc:f2:
15:30:0c:b0:a5:69:ac:da:9a:74:91:0c:6b:83:24:53:a1:2e:
f8:8b:25:34:fc:14:09:d6:89:0b:8c:d8:aa:f8:b6:21:fe:aa:
26:3f:84:a5:66:c0:29:3e:d9:89:a1:5c:9b:77:8b:c3:0a:40:
be:55:a3:31:be:a0:94:25:23:93:25:99:1d:16:60:ae:50:9e:
f7:e9:7a:f9:1d:61:df:68:47:ad:8a:3a:46:38:47:02:e6:87:
2b:4b:ec:40:5d:bf:0f:a0:16:0e:6a:31:fc:da:fa:ee:dc:fc:
01:c2:da:ef:e0:88:2c:0f:8d:6e:54:c4:98:5a:ec:7c:35:fe:
54:b5:2c:87:49:67:42:7f:70:ca:19:15:8c:17:87:f6:47:ca:
bb:f2:f4:14
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYPla9WmmQCL9F6j6SSiye/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIxMDE3MTAwOTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTc3NWUyZTQ1MjZhNTNkNzE5M2UxNmVhZmRjMzc5YjQ3Nzc3MjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+4S1mJ7BJVOHLfldjWq6WYLfH93
jWMIPueCEJFBDb7nNFlrVoGaLiahqC5Lkpf/3719QwT9T47cS4VroqWdIZn9JwPl
KbP3q77G4tR7foxmLP/IGQwAuM0C3/cU4FnCiBroLUuJKGoNdEKAcd5q92urFt7Q
nppjA42CB4uxcsYZfjc7+KsMyLuVdzBURYveAtK4lj3epbgixKnsapbmveox47V4
VfjdkZa5qlu6HmK+hmJ6rC15A5TeoprD/vH6OpGd13xEmfCMjOz7DnLPCeoKQuGv
tfCuXgMieGnGFhbc/ktfVfrFE3WB7qWQAjK+iCSsuxJFZLBfq5GOa+oM7QIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFNl3Xi5FJqU9cZPhbq/cN5tHd3JMMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvMlhkZUxrVW1wVDF4ay1GdXI5dzNtMGQzY2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAFW
JrIDBAJWJrgDBAFWJsoDBAFWJvYDBABZdGwDBABZdIQDBABZdIcDBABZdJYDBABZ
dKEDBABZdKMDBABZdKYDBAFZdNIDBABZdPwDBAFZdQgDBAFZdSADBAFZdV4DBAFZ
dXQDBABZdb4DBABZdd4DBAFZdeQDBABZdfUDBABZdfowDQYJKoZIhvcNAQELBQAD
ggEBABVn41nzQR56OmlcbRbkdbXvJzGdcm6ZC3JP2HGZnyWTQ3WN9hJGFOGApum9
Jmy+417bbsovs024rsmz5Y7RHDQR/IMDu8PiYoEy9DG7fz5Z3okbo8pwyHgqMarN
RuWqklluV8mSnJh+UsLc8hUwDLClaazamnSRDGuDJFOhLviLJTT8FAnWiQuM2Kr4
tiH+qiY/hKVmwCk+2YmhXJt3i8MKQL5VozG+oJQlI5MlmR0WYK5QnvfpevkdYd9o
R62KOkY4RwLmhytL7EBdvw+gFg5qMfza+u7c/AHC2u/giCwPjW5UxJha7Hw1/lS1
LIdJZ0J/cMoZFYwXh/ZHyrvy9BQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org