Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/IOYvTJqxI_2TY6yUKUhJAidNsDU.roa
File: IOYvTJqxI_2TY6yUKUhJAidNsDU.roa (raw, json)
Hash identifier: ZNfEPdtv3pEySbYmuYFOnVKkweXNazS3Gmhn3cWOtoQ=
Subject key identifier: 20:E6:2F:4C:9A:B1:23:FD:93:63:AC:94:29:48:49:02:27:4D:B0:35
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182A668B222A3FDF12536C09664E5AD1642
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/IOYvTJqxI_2TY6yUKUhJAidNsDU.roa
Signing time: Tue 16 Aug 2022 11:27:35 +0000
ROA not before: Tue 16 Aug 2022 11:27:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204968
IP address blocks: 89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
89.117.24.0/23 maxlen: 24
89.117.32.0/23 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.117.190.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.117.129.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.186.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a6:68:b2:22:a3:fd:f1:25:36:c0:96:64:e5:ad:16:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 16 11:27:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20e62f4c9ab123fd9363ac9429484902274db035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:81:7a:e6:d1:02:2c:be:a0:64:48:ab:34:5d:
8e:5b:20:03:78:ed:c9:e7:56:b8:2a:64:18:90:e3:
13:02:0d:8b:85:0b:c2:2e:8a:e8:b9:01:a4:75:2a:
d7:a9:58:90:c4:89:f3:82:fa:ee:4f:0a:6e:66:13:
8e:22:c1:83:d5:22:fc:eb:38:e8:dc:3a:cb:85:f3:
c1:d7:a8:c7:e8:b9:d0:c2:f9:d5:5e:0c:60:df:1e:
95:c7:60:6a:3e:41:6b:09:41:b1:3a:c7:e7:da:2e:
f3:6e:ea:03:27:e0:57:94:7f:82:2e:32:47:c3:3c:
9d:7c:c0:70:00:47:29:6b:73:88:59:e5:95:b5:51:
bf:4a:f5:08:f5:a8:9d:1b:ef:81:cc:7f:0b:05:f5:
01:e7:ae:1e:43:9f:08:10:76:a4:c7:f0:4d:d4:21:
b9:23:d8:e4:58:de:33:37:8e:81:33:ff:2a:3f:65:
2c:54:91:a4:94:90:e8:bc:44:a2:d0:65:05:41:b7:
dd:e8:d8:6b:3d:b4:cb:54:21:93:1a:a8:15:64:77:
b9:36:89:e0:5b:4e:40:a0:32:25:f3:61:63:55:c2:
1d:d4:02:4b:86:08:09:e1:6d:4b:db:7a:96:8c:cc:
ab:42:4a:83:1a:45:b2:d8:0d:91:8b:20:5a:ea:f4:
35:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E6:2F:4C:9A:B1:23:FD:93:63:AC:94:29:48:49:02:27:4D:B0:35
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/IOYvTJqxI_2TY6yUKUhJAidNsDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.92.0/24
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.163.0/24
89.116.166.0/24
89.116.175.0/24
89.116.177.0/24
89.116.186.0/24
89.116.218.0/24
89.116.252.0/23
89.117.24.0/23
89.117.32.0/23
89.117.109.0/24
89.117.129.0/24
89.117.190.0/24
89.117.222.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:e6:f0:a3:47:65:31:24:4e:5a:33:7c:94:d1:f6:73:7a:e7:
78:82:dc:d7:2f:6d:91:d3:1a:b7:f7:ca:0d:e1:8a:6a:f2:8e:
75:0e:d5:ce:f6:8d:26:59:c7:a2:33:5c:e7:d8:78:66:13:5b:
b2:c1:8b:6f:e2:2f:0d:9c:cf:3f:33:0d:42:70:79:e3:ed:14:
e9:46:96:bc:cd:22:0c:2c:20:fe:59:33:e4:53:34:87:66:08:
dd:cd:9d:46:77:d0:00:a5:d5:1a:64:d1:9b:b0:2f:8f:97:8d:
c7:df:52:93:5d:1f:6c:c1:81:06:5b:cb:29:f1:c3:65:3f:c2:
c9:31:42:05:89:bc:50:c7:b1:19:37:35:c9:a2:77:92:90:36:
89:74:5d:6e:8e:0f:db:a7:d9:7a:82:19:40:4b:d4:54:c3:2e:
5f:57:ca:0c:28:51:9f:6a:ba:e3:22:c6:e2:d2:fd:fa:7b:ac:
72:c9:34:d5:aa:32:1a:af:e7:c7:09:f4:86:ba:2f:40:82:f2:
a0:ff:b9:ec:43:1c:02:5e:b7:88:1b:1f:fb:7d:b9:7e:4a:b2:
f6:ee:31:d7:5b:b8:56:6b:70:09:58:c2:60:2a:67:4f:4e:3f:
71:e4:9f:2e:3e:4d:57:b9:10:c5:d1:de:1e:5e:ad:00:0e:e1:
ff:f2:d8:27
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYKmaLIio/3xJTbAlmTlrRZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODE2MTEyNzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGU2MmY0YzlhYjEyM2ZkOTM2M2FjOTQyOTQ4NDkwMjI3NGRiMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIF65tECLL6gZEirNF2OWyADeO3J
51a4KmQYkOMTAg2LhQvCLorouQGkdSrXqViQxInzgvruTwpuZhOOIsGD1SL86zjo
3DrLhfPB16jH6LnQwvnVXgxg3x6Vx2BqPkFrCUGxOsfn2i7zbuoDJ+BXlH+CLjJH
wzydfMBwAEcpa3OIWeWVtVG/SvUI9aidG++BzH8LBfUB564eQ58IEHakx/BN1CG5
I9jkWN4zN46BM/8qP2UsVJGklJDovESi0GUFQbfd6NhrPbTLVCGTGqgVZHe5Nong
W05AoDIl82FjVcId1AJLhggJ4W1L23qWjMyrQkqDGkWy2A2RiyBa6vQ1oQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFCDmL0yasSP9k2OslClISQInTbA1MB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvSU9ZdlRKcXhJXzJUWTZ5VUtVaEpBaWROc0RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAWXRcAwQA
WXSEAwQAWXSHAwQAWXSWAwQAWXSjAwQAWXSmAwQAWXSvAwQAWXSxAwQAWXS6AwQA
WXTaAwQBWXT8AwQBWXUYAwQBWXUgAwQAWXVtAwQAWXWBAwQAWXW+AwQAWXXeMA0G
CSqGSIb3DQEBCwUAA4IBAQAt5vCjR2UxJE5aM3yU0fZzeud4gtzXL22R0xq398oN
4Ypq8o51DtXO9o0mWceiM1zn2HhmE1uywYtv4i8NnM8/Mw1CcHnj7RTpRpa8zSIM
LCD+WTPkUzSHZgjdzZ1Gd9AApdUaZNGbsC+Pl43H31KTXR9swYEGW8sp8cNlP8LJ
MUIFibxQx7EZNzXJoneSkDaJdF1ujg/bp9l6ghlAS9RUwy5fV8oMKFGfarrjIsbi
0v36e6xyyTTVqjIar+fHCfSGui9AgvKg/7nsQxwCXreIGx/7fbl+SrL27jHXW7hW
a3AJWMJgKmdPTj9x5J8uPk1XuRDF0d4eXq0ADuH/8tgn
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org