Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/D0NufN5GSk5e5iFssohX66yIiUU.roa
File: D0NufN5GSk5e5iFssohX66yIiUU.roa (raw, json)
Hash identifier: 3/bzvhPlU/sSgTOxqY7oabLDktTBrQjSRdMQLFu0bnc=
Subject key identifier: 0F:43:6E:7C:DE:46:4A:4E:5E:E6:21:6C:B2:88:57:EB:AC:88:89:45
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 098C54FF
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/D0NufN5GSk5e5iFssohX66yIiUU.roa
Signing time: Mon 14 Feb 2022 11:01:57 +0000
ROA not before: Mon 14 Feb 2022 11:01:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 89.116.224.0/21 maxlen: 24
89.116.237.0/24 maxlen: 24
89.117.0.0/22 maxlen: 24
89.117.16.0/21 maxlen: 24
89.116.60.0/22 maxlen: 22
89.117.152.0/22 maxlen: 22
89.117.157.0/24 maxlen: 24
86.38.232.0/24 maxlen: 24
89.117.164.0/24 maxlen: 24
84.46.236.0/22 maxlen: 24
89.117.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160191743 (0x98c54ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Feb 14 11:01:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f436e7cde464a4e5ee6216cb28857ebac888945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f8:fd:20:3f:f2:1c:a6:35:97:08:61:34:88:
70:cf:9f:fb:f8:80:10:c8:5c:88:1f:de:a3:f9:43:
ca:2f:90:5b:7f:b6:6d:55:f3:5d:08:cd:15:71:6d:
92:ec:e2:f7:82:8d:ab:e3:33:8f:49:f0:a8:a3:03:
49:7c:33:a5:e8:b0:43:66:31:06:b6:78:41:7b:d5:
1a:52:c7:28:12:a9:f7:d3:28:cd:53:11:a0:bc:2e:
11:a9:e3:13:9f:31:06:e1:02:95:cf:64:ec:99:53:
58:75:09:9c:42:e6:12:44:57:eb:9b:63:ee:db:ff:
1b:10:e0:00:a0:b6:76:cb:d2:44:bc:72:d2:06:b0:
51:cf:88:6e:3d:fa:3c:62:0f:2e:ef:c7:b2:d8:c5:
91:d6:8f:a1:bd:57:0a:68:9c:b9:6e:1b:fc:5d:3a:
00:7b:5f:f3:2e:88:f7:cb:4c:17:ec:1b:e4:96:9e:
10:0d:ac:5c:53:2c:48:d2:9d:f8:13:39:07:35:13:
c9:65:fe:4e:81:a5:f8:19:9b:fb:ea:32:e1:dd:ff:
c2:fc:30:74:64:4e:1c:88:d8:06:95:57:5a:c4:d5:
0a:37:18:27:49:b6:90:43:6a:61:75:ec:6d:df:10:
5e:8a:31:d6:de:70:44:40:06:28:74:04:2c:4a:4f:
4c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:43:6E:7C:DE:46:4A:4E:5E:E6:21:6C:B2:88:57:EB:AC:88:89:45
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/D0NufN5GSk5e5iFssohX66yIiUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.236.0/22
86.38.232.0/24
89.116.60.0/22
89.116.224.0/21
89.116.237.0/24
89.117.0.0/22
89.117.16.0/21
89.117.152.0/22
89.117.157.0/24
89.117.164.0/24
89.117.171.0/24
Signature Algorithm: sha256WithRSAEncryption
92:a1:ee:97:df:bc:c6:a0:42:7a:df:96:38:45:db:59:54:12:
2c:ba:82:2e:7b:7a:9a:97:91:cb:4c:62:db:a6:49:a9:96:d0:
ac:29:56:49:b5:1f:5f:46:0e:e7:31:b7:15:89:c9:51:5b:79:
38:f5:f7:f8:b1:41:a7:fd:a8:52:5b:56:c0:25:80:b3:75:92:
dc:7d:c7:2a:74:d7:a0:d3:7c:c0:e0:89:6e:50:51:ab:e2:58:
88:e8:b3:bf:c8:bf:9d:ed:7b:42:d0:a9:97:d5:81:45:ec:bd:
68:19:df:84:da:e2:a7:c0:86:05:15:38:3d:85:45:f2:2a:2b:
30:e1:1f:9e:35:a4:d1:69:45:fa:25:57:cd:d7:76:0f:f5:d2:
50:35:e4:76:72:d9:9e:66:dc:04:09:4a:11:f0:49:bf:d4:9a:
be:5f:4c:0e:f1:a4:4a:af:2b:20:a7:72:52:0f:62:e1:42:41:
df:bf:04:10:32:cc:cd:9d:87:82:64:82:83:79:23:4a:39:8b:
78:2e:54:55:fd:02:8a:48:3e:a0:53:e7:6d:33:45:d2:65:82:
fe:73:eb:08:1e:89:b9:d1:0a:42:56:cd:1b:f8:2c:f3:0c:79:
74:d6:b9:6e:f0:22:22:f8:4b:c3:f7:8d:9d:d6:54:6a:73:76:
a2:b2:19:80
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIECYxU/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDIx
NDExMDE1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGY0MzZlN2NkZTQ2
NGE0ZTVlZTYyMTZjYjI4ODU3ZWJhYzg4ODk0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKT4/SA/8hymNZcIYTSIcM+f+/iAEMhciB/eo/lDyi+QW3+2
bVXzXQjNFXFtkuzi94KNq+Mzj0nwqKMDSXwzpeiwQ2YxBrZ4QXvVGlLHKBKp99Mo
zVMRoLwuEanjE58xBuEClc9k7JlTWHUJnELmEkRX65tj7tv/GxDgAKC2dsvSRLxy
0gawUc+Ibj36PGIPLu/HstjFkdaPob1XCmicuW4b/F06AHtf8y6I98tMF+wb5Jae
EA2sXFMsSNKd+BM5BzUTyWX+ToGl+Bmb++oy4d3/wvwwdGROHIjYBpVXWsTVCjcY
J0m2kENqYXXsbd8QXoox1t5wREAGKHQELEpPTO8CAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBQPQ2583kZKTl7mIWyyiFfrrIiJRTAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L0QwTnVmTjVHU2s1ZTVpRnNzb2hYNjZ5SWlVVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAlQu7AMEAFYm6AMEAll0PAMEA1l0
4AMEAFl07QMEAll1AAMEA1l1EAMEAll1mAMEAFl1nQMEAFl1pAMEAFl1qzANBgkq
hkiG9w0BAQsFAAOCAQEAkqHul9+8xqBCet+WOEXbWVQSLLqCLnt6mpeRy0xi26ZJ
qZbQrClWSbUfX0YO5zG3FYnJUVt5OPX3+LFBp/2oUltWwCWAs3WS3H3HKnTXoNN8
wOCJblBRq+JYiOizv8i/ne17QtCpl9WBRey9aBnfhNrip8CGBRU4PYVF8iorMOEf
njWk0WlF+iVXzdd2D/XSUDXkdnLZnmbcBAlKEfBJv9Savl9MDvGkSq8rIKdyUg9i
4UJB378EEDLMzZ2HgmSCg3kjSjmLeC5UVf0Cikg+oFPnbTNF0mWC/nPrCB6JudEK
QlbNG/gs8wx5dNa5bvAiIvhLw/eNndZUanN2orIZgA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org