Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/Ib2yEJ76ESDkIb1S41u0rQ-taVk.roa
File: Ib2yEJ76ESDkIb1S41u0rQ-taVk.roa (raw, json)
Hash identifier: E6CE4vWgQNIpo9k5Ipxo3mCzCxzhp/xm5yJ+Us3JFeQ=
Subject key identifier: 21:BD:B2:10:9E:FA:11:20:E4:21:BD:52:E3:5B:B4:AD:0F:AD:69:59
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 08D21784
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/Ib2yEJ76ESDkIb1S41u0rQ-taVk.roa
Signing time: Fri 07 Jan 2022 22:45:29 +0000
ROA not before: Fri 07 Jan 2022 22:45:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207326
IP address blocks: 89.117.190.0/24 maxlen: 24
86.38.151.0/24 maxlen: 24
86.38.156.0/24 maxlen: 24
89.116.137.0/24 maxlen: 24
89.117.245.0/24 maxlen: 24
89.116.193.0/24 maxlen: 24
89.116.96.0/24 maxlen: 24
86.38.235.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147986308 (0x8d21784)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Jan 7 22:45:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21bdb2109efa1120e421bd52e35bb4ad0fad6959
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:03:a0:71:68:25:ab:d0:78:77:78:94:2b:20:
d8:fe:1a:4a:00:a5:a8:81:3b:b3:76:66:9e:98:10:
b4:e3:d2:5d:bd:c3:7a:f6:f7:ca:6b:30:20:b4:fa:
b3:a5:9c:42:c3:59:f5:e4:28:8f:77:1c:48:04:2c:
86:f8:43:7f:e3:8e:25:8f:bd:89:53:29:68:ad:8e:
fe:c1:ea:18:40:64:3d:31:62:c0:e3:c3:72:94:23:
c0:35:12:1e:ed:5a:01:6f:5d:04:2a:78:5d:09:74:
b5:ad:46:e7:40:08:f9:c4:5a:53:69:fb:cd:b9:f3:
6d:23:62:3d:16:12:79:47:f9:85:42:c9:62:a6:5b:
32:74:c4:e4:97:a4:a9:81:b7:18:ff:fc:7f:4c:d0:
3b:cf:ec:87:e4:2a:df:27:46:62:86:ff:b7:71:7b:
e0:b3:90:99:1d:db:fc:59:24:d7:2d:dc:05:29:c9:
f7:64:27:9c:bc:0b:f4:4b:ae:98:6c:f5:ec:1f:43:
5b:ee:2f:c3:36:03:69:04:48:86:75:c6:77:44:0c:
e9:0b:82:7f:36:d4:05:ed:8c:66:8a:47:25:b0:01:
83:92:4b:31:63:84:d1:c3:6b:a6:d1:e5:d9:bd:3a:
37:92:80:3f:39:d2:79:88:ac:4c:5b:2c:22:2e:9f:
27:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:BD:B2:10:9E:FA:11:20:E4:21:BD:52:E3:5B:B4:AD:0F:AD:69:59
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/Ib2yEJ76ESDkIb1S41u0rQ-taVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.151.0/24
86.38.156.0/24
86.38.235.0/24
89.116.96.0/24
89.116.137.0/24
89.116.193.0/24
89.117.190.0/24
89.117.245.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:ce:86:82:d3:67:08:34:78:89:a2:23:73:f8:be:aa:30:58:
46:0e:e7:1c:cf:51:de:ae:60:75:ec:88:66:a5:24:8b:61:e1:
28:89:8f:27:5e:91:6c:e6:77:38:53:9a:08:09:47:29:9b:29:
1f:07:65:a8:c6:19:23:81:8b:3a:d0:e3:f1:bd:b3:a8:97:1c:
f1:23:a1:0b:99:5c:1b:7a:e4:b5:77:47:f8:78:05:fe:18:b6:
4c:c8:f0:ef:22:bd:1a:b3:4d:25:52:81:1b:9a:7b:bd:c8:34:
ab:ba:f8:ad:79:e4:57:a4:51:ca:c7:0c:16:6a:8e:92:c2:1e:
37:f0:b2:e9:a6:eb:45:10:7d:cb:8e:1f:3e:f3:0c:f4:28:cd:
45:96:a9:5c:9d:54:5b:49:70:ce:86:3e:a6:58:5b:d9:f3:49:
a2:fd:90:fd:c0:e8:54:db:91:ba:d4:a7:ab:70:89:57:1d:9a:
2b:15:55:bf:ea:aa:5c:a3:7b:b8:1c:2a:ef:c4:1e:0c:0d:5e:
75:5c:01:82:62:d4:41:b3:9b:9b:18:40:c1:dd:04:58:37:e5:
e2:66:fb:5f:50:f7:d3:39:55:32:8a:07:c5:1a:a6:f2:8e:f1:
c0:c8:b5:f0:cf:65:be:cf:79:d6:fd:d9:3e:55:3a:1e:3d:87:
0b:75:b1:bb
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIECNIXhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDEw
NzIyNDUyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFiZGIyMTA5ZWZh
MTEyMGU0MjFiZDUyZTM1YmI0YWQwZmFkNjk1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM0DoHFoJavQeHd4lCsg2P4aSgClqIE7s3ZmnpgQtOPSXb3D
evb3ymswILT6s6WcQsNZ9eQoj3ccSAQshvhDf+OOJY+9iVMpaK2O/sHqGEBkPTFi
wOPDcpQjwDUSHu1aAW9dBCp4XQl0ta1G50AI+cRaU2n7zbnzbSNiPRYSeUf5hULJ
YqZbMnTE5JekqYG3GP/8f0zQO8/sh+Qq3ydGYob/t3F74LOQmR3b/Fkk1y3cBSnJ
92QnnLwL9EuumGz17B9DW+4vwzYDaQRIhnXGd0QM6QuCfzbUBe2MZopHJbABg5JL
MWOE0cNrptHl2b06N5KAPznSeYisTFssIi6fJysCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQhvbIQnvoRIOQhvVLjW7StD61pWTAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L0liMnlFSjc2RVNEa0liMVM0MXUwclEtdGFWay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAFYmlwMEAFYmnAMEAFYm6wMEAFl0
YAMEAFl0iQMEAFl0wQMEAFl1vgMEAFl19TANBgkqhkiG9w0BAQsFAAOCAQEATs6G
gtNnCDR4iaIjc/i+qjBYRg7nHM9R3q5gdeyIZqUki2HhKImPJ16RbOZ3OFOaCAlH
KZspHwdlqMYZI4GLOtDj8b2zqJcc8SOhC5lcG3rktXdH+HgF/hi2TMjw7yK9GrNN
JVKBG5p7vcg0q7r4rXnkV6RRyscMFmqOksIeN/Cy6abrRRB9y44fPvMM9CjNRZap
XJ1UW0lwzoY+plhb2fNJov2Q/cDoVNuRutSnq3CJVx2aKxVVv+qqXKN7uBwq78Qe
DA1edVwBgmLUQbObmxhAwd0EWDfl4mb7X1D30zlVMooHxRqm8o7xwMi18M9lvs95
1v3ZPlU6Hj2HC3Wxuw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org