Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/9jOrrw0R8lO8kOadeNQk65FXODg.roa
File: 9jOrrw0R8lO8kOadeNQk65FXODg.roa (raw, json)
Hash identifier: AJ2cne2nE3pkD/vQME/YbzvXWzy5X72wnWTW7gADYE0=
Subject key identifier: F6:33:AB:AF:0D:11:F2:53:BC:90:E6:9D:78:D4:24:EB:91:57:38:38
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0183952404FFCBB5C4AAD5252467792841D8
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/9jOrrw0R8lO8kOadeNQk65FXODg.roa
Signing time: Sat 01 Oct 2022 20:01:49 +0000
ROA not before: Sat 01 Oct 2022 20:01:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205220
IP address blocks: 89.117.70.0/23 maxlen: 24
89.116.130.0/23 maxlen: 24
89.117.102.0/23 maxlen: 24
89.116.146.0/23 maxlen: 24
89.116.148.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
89.117.226.0/23 maxlen: 24
89.117.6.0/23 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.24.0/23 maxlen: 24
89.117.36.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:95:24:04:ff:cb:b5:c4:aa:d5:25:24:67:79:28:41:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Oct 1 20:01:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f633abaf0d11f253bc90e69d78d424eb91573838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:26:8e:38:b1:0b:16:83:91:5e:61:43:49:ae:
56:c9:d6:79:11:83:da:eb:35:e9:6c:5c:71:f9:7c:
58:44:a3:02:e9:47:4a:a2:06:29:e8:fd:bb:0a:a8:
ef:70:39:e0:eb:cc:2f:71:ad:a6:83:a4:10:7f:93:
59:a0:3f:ca:01:5d:ef:8a:1f:69:3f:89:25:ee:d2:
66:1d:d4:8c:c5:65:4c:f8:51:56:50:e9:0c:f5:89:
3e:56:ed:b2:0d:dc:e5:f8:3c:0f:4c:bb:39:b5:72:
7b:66:43:d8:e2:fb:5d:0b:31:9a:5c:b2:90:c6:3e:
12:2c:b5:ab:cf:35:43:c1:47:d1:4b:93:37:9b:5a:
99:f7:f3:46:34:28:4b:2b:05:ff:e6:5a:9b:15:f1:
14:1f:0e:e7:62:69:34:1f:f9:ae:66:7d:3d:45:89:
c8:25:72:b6:51:ef:3c:95:b9:4c:37:0e:1e:46:06:
a1:35:ae:be:00:c6:5f:91:7a:4a:b0:c3:76:db:91:
c9:44:78:16:50:4f:7e:1c:ff:50:1a:2e:40:51:15:
2e:08:79:db:60:e0:1d:15:fa:6a:df:8e:11:3e:6f:
e0:e4:64:b3:9e:29:98:66:6c:b8:26:1c:5a:9e:76:
9d:3a:21:e0:89:af:83:6f:33:4f:54:37:ef:1c:cd:
43:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:33:AB:AF:0D:11:F2:53:BC:90:E6:9D:78:D4:24:EB:91:57:38:38
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/9jOrrw0R8lO8kOadeNQk65FXODg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.182.0/23
89.116.130.0/23
89.116.146.0-89.116.149.255
89.117.6.0/23
89.117.12.0/23
89.117.24.0/23
89.117.36.0/23
89.117.70.0/23
89.117.102.0/23
89.117.158.0/23
89.117.226.0/23
Signature Algorithm: sha256WithRSAEncryption
01:e2:f2:e7:f6:0a:01:35:b3:ee:6d:e1:19:1b:05:bd:52:03:
7a:3c:22:d2:d7:5f:4d:c6:0b:92:54:49:b4:19:a4:cb:e6:0c:
d4:20:02:ad:75:ac:4b:5f:f0:87:41:0f:3c:4a:cc:1b:d5:08:
c9:cc:6b:27:b0:04:f3:41:93:90:cd:15:02:06:99:73:bb:97:
10:a9:30:b5:65:3f:02:6a:11:79:fd:28:e7:74:d9:67:c6:ca:
2f:53:e3:a5:18:4c:0d:38:33:ac:fa:d8:9b:36:e7:15:d7:ee:
88:f2:df:77:9d:bb:27:35:77:3e:d4:c2:1b:9d:4b:44:e9:cb:
ca:b0:07:51:9c:f0:66:d4:fb:8a:99:66:5c:38:dc:eb:89:9d:
e2:78:ba:ff:29:08:3e:1f:bf:89:d4:54:b5:ef:f2:02:da:ed:
dc:0d:27:01:cc:85:8e:ed:48:9f:9a:ae:73:87:30:59:d1:8e:
17:64:23:1e:e2:70:03:9e:68:f1:e7:a5:d9:39:25:03:d0:95:
59:78:2a:31:32:22:88:3d:82:02:86:cd:16:26:ba:c6:76:d2:
98:21:48:dc:cf:a9:1a:81:5c:7d:ea:73:2a:4b:72:72:f1:e0:
0e:0b:aa:3b:a1:3b:49:8c:58:f6:28:7c:fb:46:e0:0e:40:43:
1b:2f:ca:57
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYOVJAT/y7XEqtUlJGd5KEHYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIxMDAxMjAwMTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjMzYWJhZjBkMTFmMjUzYmM5MGU2OWQ3OGQ0MjRlYjkxNTczODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iaOOLELFoORXmFDSa5WydZ5EYPa
6zXpbFxx+XxYRKMC6UdKogYp6P27CqjvcDng68wvca2mg6QQf5NZoD/KAV3vih9p
P4kl7tJmHdSMxWVM+FFWUOkM9Yk+Vu2yDdzl+DwPTLs5tXJ7ZkPY4vtdCzGaXLKQ
xj4SLLWrzzVDwUfRS5M3m1qZ9/NGNChLKwX/5lqbFfEUHw7nYmk0H/muZn09RYnI
JXK2Ue88lblMNw4eRgahNa6+AMZfkXpKsMN225HJRHgWUE9+HP9QGi5AURUuCHnb
YOAdFfpq344RPm/g5GSznimYZmy4JhxannadOiHgia+DbzNPVDfvHM1DFQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFPYzq68NEfJTvJDmnXjUJOuRVzg4MB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvOWpPcnJ3MFI4bE84a09hZGVOUWs2NUZYT0RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQBVia2AwQB
WXSCMAwDBAFZdJIDBAFZdJQDBAFZdQYDBAFZdQwDBAFZdRgDBAFZdSQDBAFZdUYD
BAFZdWYDBAFZdZ4DBAFZdeIwDQYJKoZIhvcNAQELBQADggEBAAHi8uf2CgE1s+5t
4RkbBb1SA3o8ItLXX03GC5JUSbQZpMvmDNQgAq11rEtf8IdBDzxKzBvVCMnMayew
BPNBk5DNFQIGmXO7lxCpMLVlPwJqEXn9KOd02WfGyi9T46UYTA04M6z62Js25xXX
7ojy33eduyc1dz7UwhudS0Tpy8qwB1Gc8GbU+4qZZlw43OuJneJ4uv8pCD4fv4nU
VLXv8gLa7dwNJwHMhY7tSJ+arnOHMFnRjhdkIx7icAOeaPHnpdk5JQPQlVl4KjEy
Iog9ggKGzRYmusZ20pghSNzPqRqBXH3qcypLcnLx4A4LqjuhO0mMWPYofPtG4A5A
Qxsvylc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org