Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/CSgyhF31qYzt5ve9J6noPmvDWdE.roa
File: CSgyhF31qYzt5ve9J6noPmvDWdE.roa (raw, json)
Hash identifier: 40JX1NL8I4dcynuzHH100JdvNX0Nq1YMhshS4/7QI3w=
Subject key identifier: 09:28:32:84:5D:F5:A9:8C:ED:E6:F7:BD:27:A9:E8:3E:6B:C3:59:D1
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182AF8A187FB54A7C43E004ACF09EDF3A2F
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/CSgyhF31qYzt5ve9J6noPmvDWdE.roa
Signing time: Thu 18 Aug 2022 06:00:39 +0000
ROA not before: Thu 18 Aug 2022 06:00:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 84.46.170.0/24 maxlen: 24
89.117.101.0/24 maxlen: 24
89.117.111.0/24 maxlen: 24
89.117.215.0/24 maxlen: 24
89.116.158.0/24 maxlen: 24
89.116.163.0/24 maxlen: 24
89.117.27.0/24 maxlen: 24
89.117.35.0/24 maxlen: 24
89.116.190.0/24 maxlen: 24
86.38.214.0/24 maxlen: 24
89.117.167.0/24 maxlen: 24
89.116.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:af:8a:18:7f:b5:4a:7c:43:e0:04:ac:f0:9e:df:3a:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 18 06:00:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=092832845df5a98cede6f7bd27a9e83e6bc359d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3a:d5:57:03:ff:61:91:8f:64:d2:af:7e:2d:
df:81:d0:64:8f:52:fb:eb:86:48:a9:b3:cc:a6:4f:
d5:cc:66:fa:42:13:cf:db:b4:74:5e:98:6b:e1:a3:
3e:b0:79:a2:97:04:d6:e3:71:3e:ed:91:e3:16:fd:
a8:2f:5e:75:80:4f:19:0e:5b:a1:3f:e2:1f:dc:03:
ad:25:f9:90:2c:c7:64:93:de:3f:3d:45:d6:9d:d1:
bb:8d:f9:ef:f4:b4:0e:83:23:b4:18:20:24:46:bf:
c3:a6:2a:ab:b7:39:88:04:82:db:81:6a:79:a5:be:
fd:8c:72:c8:f4:d8:d6:03:bc:6d:49:c1:e3:27:b3:
6e:27:1c:19:08:3f:c6:73:50:36:76:fd:d3:c5:85:
51:a5:e2:c1:76:ee:98:ac:1d:d1:37:12:37:04:d3:
eb:f9:5d:53:e1:23:0b:5c:30:ad:08:93:62:e5:47:
70:1a:7a:b3:24:42:f7:50:22:12:04:3e:3b:73:bf:
66:f7:06:aa:27:9d:78:45:7d:93:1f:19:da:d3:80:
5e:8d:86:4b:ed:17:c5:41:76:7b:6a:25:b7:24:0d:
d3:be:dd:60:02:f9:c6:9f:72:96:b2:77:0a:84:b0:
e6:fe:70:96:a9:a2:9a:ef:5a:80:06:c7:a4:2c:7e:
36:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:28:32:84:5D:F5:A9:8C:ED:E6:F7:BD:27:A9:E8:3E:6B:C3:59:D1
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/CSgyhF31qYzt5ve9J6noPmvDWdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.170.0/24
86.38.214.0/24
89.116.102.0/24
89.116.158.0/24
89.116.163.0/24
89.116.190.0/24
89.117.27.0/24
89.117.35.0/24
89.117.101.0/24
89.117.111.0/24
89.117.167.0/24
89.117.215.0/24
Signature Algorithm: sha256WithRSAEncryption
13:03:1f:df:fb:bb:73:ab:b3:f6:10:e1:6a:8b:7a:e9:70:d4:
1c:05:bf:1b:b4:d5:4a:9c:77:64:97:34:70:69:c8:c7:c4:51:
e8:f4:86:53:97:90:54:75:ec:a3:69:84:c1:ae:bc:ac:0d:65:
52:15:d8:3d:7d:7b:3e:19:4b:42:d6:b5:4b:24:60:63:39:ea:
3b:e7:ec:42:62:4a:cd:cc:11:24:f8:32:07:77:56:73:c4:b9:
ec:b3:0b:d3:2f:a1:94:3e:63:19:34:4c:c0:3c:54:bc:11:6e:
30:36:6f:b4:34:bd:a0:bd:1f:b0:b3:a2:77:91:dc:7b:ac:b3:
69:b2:1f:1f:11:4e:22:6f:b9:03:99:18:e8:64:f7:d9:75:5c:
77:d7:6d:45:e5:e5:53:08:64:dc:93:ef:00:4d:a9:e1:ce:e0:
39:03:c5:07:72:61:f9:f1:72:d3:2c:6a:b7:d4:1f:57:a4:d5:
8c:ff:3a:1a:0d:4c:19:b7:4a:ea:2a:12:dd:de:b1:1a:5f:2c:
f0:76:62:7d:53:d0:68:8b:8a:63:ad:4a:69:5e:07:c6:84:2a:
08:59:34:0a:7e:28:30:d1:df:71:26:75:0e:9b:7c:38:88:8f:
6d:a1:a5:9f:a5:db:33:96:cd:7b:7b:f3:d7:04:05:a5:3b:4e:
1d:09:32:83
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYKvihh/tUp8Q+AErPCe3zovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODE4MDYwMDM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTI4MzI4NDVkZjVhOThjZWRlNmY3YmQyN2E5ZTgzZTZiYzM1OWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDrVVwP/YZGPZNKvfi3fgdBkj1L7
64ZIqbPMpk/VzGb6QhPP27R0Xphr4aM+sHmilwTW43E+7ZHjFv2oL151gE8ZDluh
P+If3AOtJfmQLMdkk94/PUXWndG7jfnv9LQOgyO0GCAkRr/DpiqrtzmIBILbgWp5
pb79jHLI9NjWA7xtScHjJ7NuJxwZCD/Gc1A2dv3TxYVRpeLBdu6YrB3RNxI3BNPr
+V1T4SMLXDCtCJNi5UdwGnqzJEL3UCISBD47c79m9waqJ514RX2THxna04BejYZL
7RfFQXZ7aiW3JA3Tvt1gAvnGn3KWsncKhLDm/nCWqaKa71qABsekLH42SwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAkoMoRd9amM7eb3vSep6D5rw1nRMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvQ1NneWhGMzFxWXp0NXZlOUo2bm9QbXZEV2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAVC6qAwQA
VibWAwQAWXRmAwQAWXSeAwQAWXSjAwQAWXS+AwQAWXUbAwQAWXUjAwQAWXVlAwQA
WXVvAwQAWXWnAwQAWXXXMA0GCSqGSIb3DQEBCwUAA4IBAQATAx/f+7tzq7P2EOFq
i3rpcNQcBb8btNVKnHdklzRwacjHxFHo9IZTl5BUdeyjaYTBrrysDWVSFdg9fXs+
GUtC1rVLJGBjOeo75+xCYkrNzBEk+DIHd1ZzxLnsswvTL6GUPmMZNEzAPFS8EW4w
Nm+0NL2gvR+ws6J3kdx7rLNpsh8fEU4ib7kDmRjoZPfZdVx3121F5eVTCGTck+8A
TanhzuA5A8UHcmH58XLTLGq31B9XpNWM/zoaDUwZt0rqKhLd3rEaXyzwdmJ9U9Bo
i4pjrUppXgfGhCoIWTQKfigw0d9xJnUOm3w4iI9toaWfpdszls17e/PXBAWlO04d
CTKD
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org