Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/H9kfXVT32ooLA6DnZFJiZJKQdco.roa
File: H9kfXVT32ooLA6DnZFJiZJKQdco.roa (raw, json)
Hash identifier: xrRvwBXq7kTZNqrRcQ+/c7BOrCOFPqDDFKSe5iTWMKw=
Subject key identifier: 1F:D9:1F:5D:54:F7:DA:8A:0B:03:A0:E7:64:52:62:64:92:90:75:CA
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0AC06922
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/H9kfXVT32ooLA6DnZFJiZJKQdco.roa
Signing time: Tue 10 May 2022 07:09:32 +0000
ROA not before: Tue 10 May 2022 07:09:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 89.117.104.0/22 maxlen: 24
89.117.16.0/21 maxlen: 24
89.116.72.0/22 maxlen: 24
89.116.80.0/21 maxlen: 24
89.116.224.0/21 maxlen: 24
89.116.237.0/24 maxlen: 24
89.117.0.0/22 maxlen: 24
89.116.180.0/22 maxlen: 24
89.117.157.0/24 maxlen: 24
89.117.164.0/24 maxlen: 24
84.46.236.0/22 maxlen: 24
89.116.212.0/22 maxlen: 24
89.117.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 180381986 (0xac06922)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: May 10 07:09:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1fd91f5d54f7da8a0b03a0e764526264929075ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:b4:d0:23:1e:02:c7:5c:95:95:a7:51:b3:10:
b5:45:49:18:b3:4b:78:4e:83:b9:2e:18:8b:b9:01:
1f:82:49:d1:f6:59:6f:b3:9a:d1:bb:c5:a8:f2:bc:
3d:45:d4:80:c5:65:16:dc:5d:a8:25:82:53:b2:a1:
39:d6:17:13:af:22:86:6d:47:31:f3:73:e7:d9:4f:
01:3c:68:eb:5d:bb:bc:77:13:1a:0e:ec:b2:f8:22:
9f:66:d8:f1:1a:03:6a:35:e0:5d:52:ca:89:48:c6:
32:b7:d2:14:6f:b8:1f:21:d4:9f:07:18:0f:bd:1b:
8b:d3:d1:9b:d7:01:1f:9c:4c:ce:dc:f1:ee:8a:47:
18:4b:c4:df:9c:48:4a:f3:ab:14:00:9d:be:c5:fc:
b9:18:5a:06:f3:7e:b9:0f:11:36:ca:0b:62:48:30:
6f:0d:78:86:d0:70:86:02:90:2a:d4:9f:cc:88:8b:
28:a5:60:9c:fc:a4:98:41:8c:a6:58:7c:db:43:a9:
ab:93:9a:6f:22:3a:60:89:5c:29:5b:dd:f2:a2:69:
4b:1c:20:6b:3f:95:27:46:37:79:9e:6b:16:42:cc:
15:75:24:13:17:9a:94:da:00:1f:2e:cb:05:7b:95:
40:8a:f1:6d:c5:48:3a:ea:36:56:64:47:e5:e6:e0:
c6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:D9:1F:5D:54:F7:DA:8A:0B:03:A0:E7:64:52:62:64:92:90:75:CA
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/H9kfXVT32ooLA6DnZFJiZJKQdco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.236.0/22
89.116.72.0/22
89.116.80.0/21
89.116.180.0/22
89.116.212.0/22
89.116.224.0/21
89.116.237.0/24
89.117.0.0/22
89.117.16.0/21
89.117.104.0/22
89.117.157.0/24
89.117.164.0/24
89.117.171.0/24
Signature Algorithm: sha256WithRSAEncryption
07:f3:6b:48:8f:ce:63:b6:c6:ce:a4:f3:c0:f0:35:6a:78:77:
ec:5f:4f:44:8d:70:4e:c9:c2:8e:8a:b4:b5:3c:b6:8d:ea:29:
90:5f:32:0d:dd:f0:00:e5:3e:e7:0a:8f:85:a5:02:4e:5f:30:
6c:46:5b:14:33:e4:49:cc:b9:17:33:ca:88:d3:8a:66:a4:ea:
8e:05:0e:a2:67:7c:e1:37:87:44:03:3d:c3:05:ad:c2:5d:2a:
07:98:1b:58:95:26:2a:2f:5b:1d:5e:dc:ac:3a:65:39:ad:d9:
48:06:61:8d:06:f6:75:13:f3:da:ad:48:63:7c:de:f0:ed:90:
cd:f4:54:21:64:7a:d0:b7:47:c5:55:42:c3:83:d6:61:c6:72:
0f:e5:d7:3d:e4:08:a0:d9:2b:58:01:06:7d:17:19:b4:dc:31:
e1:d3:29:5c:52:69:06:70:3e:be:ee:7d:e6:3b:b7:a3:9a:8a:
14:96:00:07:69:fd:65:a1:43:c6:3b:35:f3:7a:81:46:df:ef:
7e:ba:54:ab:8a:56:37:87:7a:cd:13:6a:0e:f3:45:59:d5:18:
59:f4:fc:fc:bc:8b:c5:1c:60:9c:b9:48:88:e0:1c:69:23:2f:
23:47:36:aa:9e:65:35:52:83:72:9d:37:da:3e:c5:71:be:b0:
0a:92:6c:88
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIECsBpIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDUx
MDA3MDkzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWZkOTFmNWQ1NGY3
ZGE4YTBiMDNhMGU3NjQ1MjYyNjQ5MjkwNzVjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN600CMeAsdclZWnUbMQtUVJGLNLeE6DuS4Yi7kBH4JJ0fZZ
b7Oa0bvFqPK8PUXUgMVlFtxdqCWCU7KhOdYXE68ihm1HMfNz59lPATxo6127vHcT
Gg7ssvgin2bY8RoDajXgXVLKiUjGMrfSFG+4HyHUnwcYD70bi9PRm9cBH5xMztzx
7opHGEvE35xISvOrFACdvsX8uRhaBvN+uQ8RNsoLYkgwbw14htBwhgKQKtSfzIiL
KKVgnPykmEGMplh820Opq5OabyI6YIlcKVvd8qJpSxwgaz+VJ0Y3eZ5rFkLMFXUk
ExealNoAHy7LBXuVQIrxbcVIOuo2VmRH5ebgxjsCAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBQf2R9dVPfaigsDoOdkUmJkkpB1yjAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L0g5a2ZYVlQzMm9vTEE2RG5aRkppWkpLUWRjby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAlQu7AMEAll0SAMEA1l0UAMEAll0
tAMEAll01AMEA1l04AMEAFl07QMEAll1AAMEA1l1EAMEAll1aAMEAFl1nQMEAFl1
pAMEAFl1qzANBgkqhkiG9w0BAQsFAAOCAQEAB/NrSI/OY7bGzqTzwPA1anh37F9P
RI1wTsnCjoq0tTy2jeopkF8yDd3wAOU+5wqPhaUCTl8wbEZbFDPkScy5FzPKiNOK
ZqTqjgUOomd84TeHRAM9wwWtwl0qB5gbWJUmKi9bHV7crDplOa3ZSAZhjQb2dRPz
2q1IY3ze8O2QzfRUIWR60LdHxVVCw4PWYcZyD+XXPeQIoNkrWAEGfRcZtNwx4dMp
XFJpBnA+vu595ju3o5qKFJYAB2n9ZaFDxjs183qBRt/vfrpUq4pWN4d6zRNqDvNF
WdUYWfT8/LyLxRxgnLlIiOAcaSMvI0c2qp5lNVKDcp032j7Fcb6wCpJsiA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org