Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/EwNDR9_oiqYK-L-OldO3c4VmrzQ.roa
File: EwNDR9_oiqYK-L-OldO3c4VmrzQ.roa (raw, json)
Hash identifier: qSJZ42Y0sNArqyzWrTwJmlXKEmGq9Wj3eCnsiIc1ceA=
Subject key identifier: 13:03:43:47:DF:E8:8A:A6:0A:F8:BF:8E:95:D3:B7:73:85:66:AF:34
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 01841AB0998C669C0424CB2E9355C84A594A
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/EwNDR9_oiqYK-L-OldO3c4VmrzQ.roa
Signing time: Thu 27 Oct 2022 18:24:52 +0000
ROA not before: Thu 27 Oct 2022 18:24:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 89.117.80.0/22 maxlen: 24
89.117.104.0/22 maxlen: 24
89.116.32.0/21 maxlen: 24
89.117.16.0/21 maxlen: 24
89.116.180.0/22 maxlen: 24
89.116.80.0/21 maxlen: 24
89.117.40.0/21 maxlen: 24
84.46.236.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1a:b0:99:8c:66:9c:04:24:cb:2e:93:55:c8:4a:59:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Oct 27 18:24:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=13034347dfe88aa60af8bf8e95d3b7738566af34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:7e:b5:d4:a5:04:d8:e4:15:48:1b:ea:c6:fc:
91:11:b4:ff:60:ae:c3:09:88:ce:38:56:3f:98:1a:
2a:6b:6a:66:e5:ab:0d:f5:7f:28:12:de:6a:e0:82:
43:77:59:5f:73:9c:6b:78:4b:85:98:8b:76:56:13:
97:78:97:b3:18:04:cd:cd:2a:81:e3:bf:99:be:6e:
76:61:17:9f:b2:80:ce:00:93:bf:51:c5:5b:c6:bf:
29:8a:dd:3b:fb:1e:fc:c5:88:d3:ab:94:d7:c9:e8:
ba:03:ce:02:00:f3:a8:56:86:17:e9:aa:72:98:45:
1f:fe:b2:c8:a8:a2:29:41:38:1b:c8:dc:07:3a:89:
eb:b9:4d:33:94:dd:82:cf:47:47:29:1f:39:a9:30:
b3:3f:af:d7:b8:82:af:f9:a7:b4:1a:57:85:c9:49:
4e:00:af:14:52:34:c6:d5:e5:e3:12:66:f7:53:a3:
14:ed:34:b9:68:a3:4c:f9:06:30:42:1c:b5:4f:1a:
61:4c:f6:7f:63:c4:66:26:3e:6c:99:c7:cc:b8:9e:
e4:5d:7e:fa:5b:e4:8e:2a:81:dc:d4:ba:17:6d:5d:
a8:88:8e:32:e3:00:c1:12:13:ed:a0:53:fd:1e:cf:
97:24:98:f2:44:f7:e0:fb:a6:99:a1:8b:0a:26:ab:
4f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:03:43:47:DF:E8:8A:A6:0A:F8:BF:8E:95:D3:B7:73:85:66:AF:34
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/EwNDR9_oiqYK-L-OldO3c4VmrzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.236.0/22
89.116.32.0/21
89.116.80.0/21
89.116.180.0/22
89.117.16.0/21
89.117.40.0/21
89.117.80.0/22
89.117.104.0/22
Signature Algorithm: sha256WithRSAEncryption
39:35:8a:d3:0f:2e:85:eb:28:41:fa:2d:12:e0:79:04:fe:23:
82:0d:c6:ba:31:31:4a:e6:8b:d5:0e:99:fd:8b:9c:5b:32:c8:
ad:ba:f9:aa:38:37:f4:92:5c:76:41:59:a6:3d:ff:88:fe:05:
8b:2e:80:98:22:4e:62:a1:60:e3:ad:8d:7c:a1:fa:2c:0e:69:
59:9d:35:1b:d3:4a:0f:19:e7:59:04:bb:1f:f7:6b:dc:c2:c3:
9a:e0:11:1a:da:32:9e:a0:d3:9e:3a:2b:f4:27:be:0d:6b:d4:
8c:e6:b1:31:45:28:f9:17:c8:26:71:05:b0:6f:9f:2a:e0:e7:
04:6f:21:48:c2:4a:bb:8e:01:f5:58:77:48:08:1b:a5:f0:15:
41:dc:dd:a2:67:e7:fe:19:ab:ab:8f:93:d7:60:b1:7c:ee:63:
f8:02:19:dd:5f:1b:d4:d0:50:e4:8e:ba:e0:e1:1d:af:08:f2:
8c:06:88:da:9f:68:f3:9e:ca:18:ba:19:91:33:8e:14:00:5f:
b2:3e:4d:c1:85:07:2e:4e:92:17:ba:e6:9c:a3:db:cc:af:4c:
dd:48:bf:82:0f:53:ec:ed:02:76:a1:57:64:15:90:72:08:b2:
f5:d1:91:81:c2:8a:93:9b:49:54:78:2e:fe:f1:81:e0:05:eb:
1d:29:14:39
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYQasJmMZpwEJMsuk1XISllKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIxMDI3MTgyNDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzAzNDM0N2RmZTg4YWE2MGFmOGJmOGU5NWQzYjc3Mzg1NjZhZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhn611KUE2OQVSBvqxvyREbT/YK7D
CYjOOFY/mBoqa2pm5asN9X8oEt5q4IJDd1lfc5xreEuFmIt2VhOXeJezGATNzSqB
47+Zvm52YRefsoDOAJO/UcVbxr8pit07+x78xYjTq5TXyei6A84CAPOoVoYX6apy
mEUf/rLIqKIpQTgbyNwHOonruU0zlN2Cz0dHKR85qTCzP6/XuIKv+ae0GleFyUlO
AK8UUjTG1eXjEmb3U6MU7TS5aKNM+QYwQhy1TxphTPZ/Y8RmJj5smcfMuJ7kXX76
W+SOKoHc1LoXbV2oiI4y4wDBEhPtoFP9Hs+XJJjyRPfg+6aZoYsKJqtPCQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBMDQ0ff6IqmCvi/jpXTt3OFZq80MB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvRXdORFI5X29pcVlLLUwtT2xkTzNjNFZtcnpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCVC7sAwQD
WXQgAwQDWXRQAwQCWXS0AwQDWXUQAwQDWXUoAwQCWXVQAwQCWXVoMA0GCSqGSIb3
DQEBCwUAA4IBAQA5NYrTDy6F6yhB+i0S4HkE/iOCDca6MTFK5ovVDpn9i5xbMsit
uvmqODf0klx2QVmmPf+I/gWLLoCYIk5ioWDjrY18ofosDmlZnTUb00oPGedZBLsf
92vcwsOa4BEa2jKeoNOeOiv0J74Na9SM5rExRSj5F8gmcQWwb58q4OcEbyFIwkq7
jgH1WHdICBul8BVB3N2iZ+f+Gaurj5PXYLF87mP4AhndXxvU0FDkjrrg4R2vCPKM
Bojan2jznsoYuhmRM44UAF+yPk3BhQcuTpIXuuaco9vMr0zdSL+CD1Ps7QJ2oVdk
FZByCLL10ZGBwoqTm0lUeC7+8YHgBesdKRQ5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:43 2025 by rpki-client