Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/FDyEjMmd3lyXwrSflF2hBFGZx10.roa
File: FDyEjMmd3lyXwrSflF2hBFGZx10.roa (raw, json)
Hash identifier: hYtwFtzX2B5m09tYvPW5p/UBA+wJ5wf3BxHNvA+KaAU=
Subject key identifier: 14:3C:84:8C:C9:9D:DE:5C:97:C2:B4:9F:94:5D:A1:04:51:99:C7:5D
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 018281767DE9CC26C54912CA2387A31915EB
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/FDyEjMmd3lyXwrSflF2hBFGZx10.roa
Signing time: Tue 09 Aug 2022 07:16:42 +0000
ROA not before: Tue 09 Aug 2022 07:16:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 84.46.170.0/24 maxlen: 24
89.117.101.0/24 maxlen: 24
89.117.111.0/24 maxlen: 24
89.117.215.0/24 maxlen: 24
89.116.163.0/24 maxlen: 24
89.117.27.0/24 maxlen: 24
89.116.190.0/24 maxlen: 24
86.38.214.0/24 maxlen: 24
89.117.167.0/24 maxlen: 24
89.116.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:81:76:7d:e9:cc:26:c5:49:12:ca:23:87:a3:19:15:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 9 07:16:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=143c848cc99dde5c97c2b49f945da1045199c75d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:27:06:4e:87:9d:b7:c2:44:4e:9d:ea:53:fb:
1e:40:dc:a5:bd:98:f8:fd:85:07:42:e0:9a:bd:5e:
08:05:c5:59:31:de:5d:ac:32:3f:86:23:bb:3e:b0:
ff:45:20:a2:c4:eb:78:22:3b:12:91:bc:64:71:a6:
67:72:f7:96:32:db:db:7b:14:04:4c:90:b6:6a:7c:
57:9f:1b:5f:bd:72:9a:93:98:cb:24:82:48:8d:d7:
ad:81:a9:cf:50:8e:6a:90:b8:8f:08:0c:4e:6a:34:
0f:76:99:95:64:d1:41:c2:63:32:8e:4a:44:d0:a7:
40:ab:9b:4c:5a:81:09:d4:5d:15:2c:62:bf:a8:e7:
a4:20:87:60:41:90:5c:04:28:13:d4:46:64:45:83:
fd:98:65:53:36:1f:1f:05:be:92:cd:87:00:00:d0:
80:7d:17:f7:a5:71:0a:77:56:5c:0a:01:20:a5:a6:
9e:aa:db:ac:89:6e:b2:d0:82:8a:f7:c0:d5:e8:d8:
a4:a4:62:25:fb:b1:0e:31:cc:48:a7:c6:f9:b6:df:
fe:b4:8b:d0:bf:23:af:34:05:2c:a4:9f:69:6a:6b:
57:77:3c:46:2c:c9:83:68:f7:9d:a1:05:51:31:29:
f7:9a:35:a3:da:50:7c:26:30:e5:53:ef:7e:25:70:
b0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:3C:84:8C:C9:9D:DE:5C:97:C2:B4:9F:94:5D:A1:04:51:99:C7:5D
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/FDyEjMmd3lyXwrSflF2hBFGZx10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.170.0/24
86.38.214.0/24
89.116.102.0/24
89.116.163.0/24
89.116.190.0/24
89.117.27.0/24
89.117.101.0/24
89.117.111.0/24
89.117.167.0/24
89.117.215.0/24
Signature Algorithm: sha256WithRSAEncryption
30:5d:7c:ae:1a:55:33:81:a8:0d:df:c3:f7:40:98:29:c7:ba:
f0:76:04:ee:e6:63:47:0c:e6:25:8d:59:b4:c8:76:e0:b8:82:
14:f5:7d:4b:66:9e:b1:6b:5a:1f:11:d3:24:88:9f:32:fd:2b:
2a:37:17:a4:d4:5c:1e:f0:1e:ce:b3:10:64:66:19:0b:70:f2:
da:f6:be:15:56:6f:e6:c7:ce:9c:f2:bc:50:d4:fe:e8:36:d3:
26:32:e5:9e:aa:56:ff:f4:8a:32:6c:73:f3:93:a5:fb:2b:d8:
36:75:12:87:01:cd:9e:e6:f8:bb:01:ad:7b:d9:ba:c0:a6:a2:
c2:ea:8d:dc:b3:eb:9d:7a:80:6c:67:8f:4d:2f:3b:05:c8:a8:
0b:35:a0:fb:8d:fe:9b:ab:e5:f1:90:f5:8f:89:77:6a:26:dd:
4b:00:7f:b8:ed:79:55:f4:a4:cb:2c:63:ae:d1:50:8f:68:c1:
19:47:8f:61:7e:92:d3:89:41:9b:de:5b:f4:21:f5:2c:a2:c0:
26:04:17:bc:7c:fc:44:99:4b:f1:36:32:01:60:24:c0:21:2c:
29:31:22:90:56:18:97:27:57:b9:5d:4d:fb:73:70:69:8c:c6:
5c:92:2e:3d:d5:0d:3e:9a:37:6b:1a:6f:8b:41:4f:0b:4e:9c:
2a:a7:ee:80
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYKBdn3pzCbFSRLKI4ejGRXrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODA5MDcxNjQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDNjODQ4Y2M5OWRkZTVjOTdjMmI0OWY5NDVkYTEwNDUxOTljNzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzycGToedt8JETp3qU/seQNylvZj4
/YUHQuCavV4IBcVZMd5drDI/hiO7PrD/RSCixOt4IjsSkbxkcaZncveWMtvbexQE
TJC2anxXnxtfvXKak5jLJIJIjdetganPUI5qkLiPCAxOajQPdpmVZNFBwmMyjkpE
0KdAq5tMWoEJ1F0VLGK/qOekIIdgQZBcBCgT1EZkRYP9mGVTNh8fBb6SzYcAANCA
fRf3pXEKd1ZcCgEgpaaeqtusiW6y0IKK98DV6NikpGIl+7EOMcxIp8b5tt/+tIvQ
vyOvNAUspJ9pamtXdzxGLMmDaPedoQVRMSn3mjWj2lB8JjDlU+9+JXCwXwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFBQ8hIzJnd5cl8K0n5RdoQRRmcddMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvRkR5RWpNbWQzbHlYd3JTZmxGMmhCRkdaeDEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAVC6qAwQA
VibWAwQAWXRmAwQAWXSjAwQAWXS+AwQAWXUbAwQAWXVlAwQAWXVvAwQAWXWnAwQA
WXXXMA0GCSqGSIb3DQEBCwUAA4IBAQAwXXyuGlUzgagN38P3QJgpx7rwdgTu5mNH
DOYljVm0yHbguIIU9X1LZp6xa1ofEdMkiJ8y/SsqNxek1Fwe8B7OsxBkZhkLcPLa
9r4VVm/mx86c8rxQ1P7oNtMmMuWeqlb/9IoybHPzk6X7K9g2dRKHAc2e5vi7Aa17
2brApqLC6o3cs+udeoBsZ49NLzsFyKgLNaD7jf6bq+XxkPWPiXdqJt1LAH+47XlV
9KTLLGOu0VCPaMEZR49hfpLTiUGb3lv0IfUsosAmBBe8fPxEmUvxNjIBYCTAISwp
MSKQVhiXJ1e5XU37c3BpjMZcki491Q0+mjdrGm+LQU8LTpwqp+6A
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org