Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/IpmErh1B0swkeEnW7jgA6bkPM7Q.roa
File: IpmErh1B0swkeEnW7jgA6bkPM7Q.roa (raw, json)
Hash identifier: /94WCFK7KBt8BbGCdIlZ3qOrKURVnNqE7N7axMyqckY=
Subject key identifier: 22:99:84:AE:1D:41:D2:CC:24:78:49:D6:EE:38:00:E9:B9:0F:33:B4
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0AB51C69
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/IpmErh1B0swkeEnW7jgA6bkPM7Q.roa
Signing time: Mon 09 May 2022 20:20:50 +0000
ROA not before: Mon 09 May 2022 20:20:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 89.116.236.0/24 maxlen: 24
89.116.234.0/24 maxlen: 24
89.116.244.0/24 maxlen: 24
89.116.241.0/24 maxlen: 24
84.46.170.0/24 maxlen: 24
89.117.218.0/24 maxlen: 24
89.117.15.0/24 maxlen: 24
89.117.35.0/24 maxlen: 24
89.116.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 179641449 (0xab51c69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: May 9 20:20:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=229984ae1d41d2cc247849d6ee3800e9b90f33b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3b:b0:d1:cf:a6:89:cf:2b:3b:0a:b8:1b:52:
fc:07:11:64:05:f5:de:d8:26:5f:49:f2:61:e1:7c:
ed:2f:f5:ab:23:a0:dc:78:7e:31:42:54:28:1c:5e:
42:7b:a9:c2:43:41:f4:b8:d6:f2:57:ad:e8:5a:a4:
cc:ef:d4:e1:59:90:9f:57:bc:b2:2d:65:9e:1e:d4:
97:5c:3c:8b:4c:17:d6:29:e2:a1:1c:b4:ea:4e:e8:
7c:d1:9f:a2:31:17:d1:b8:26:c8:65:7d:29:9f:71:
00:ef:0d:6d:32:26:7c:d1:52:51:24:e7:d5:0a:2c:
50:b8:25:43:dd:1f:bf:b7:ed:0d:a1:15:93:95:df:
ed:ed:98:c3:d0:ac:30:e1:be:50:63:f6:f4:7a:95:
f7:07:38:32:91:0c:cf:46:8c:81:e3:bf:6e:c7:1d:
98:7b:de:1c:40:80:e2:c9:a6:98:52:ff:87:2b:72:
d9:9a:08:4f:9e:82:85:fc:2b:cb:09:6b:dd:ee:23:
b1:f6:dd:f4:d9:a9:01:b0:8d:bc:1f:95:44:aa:85:
c2:7d:92:f0:c8:94:3f:2b:50:36:26:95:91:ec:99:
f8:a7:af:be:3f:73:d6:ea:c3:5a:e0:a3:a5:c7:64:
b9:fe:53:70:40:69:13:73:43:61:6c:76:00:96:2a:
91:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:99:84:AE:1D:41:D2:CC:24:78:49:D6:EE:38:00:E9:B9:0F:33:B4
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/IpmErh1B0swkeEnW7jgA6bkPM7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.170.0/24
89.116.102.0/24
89.116.234.0/24
89.116.236.0/24
89.116.241.0/24
89.116.244.0/24
89.117.15.0/24
89.117.35.0/24
89.117.218.0/24
Signature Algorithm: sha256WithRSAEncryption
70:28:03:fb:df:e1:7f:c1:15:e3:08:fe:10:27:87:c6:5f:f2:
63:aa:ea:81:96:ad:8b:b5:81:ee:6c:05:50:82:47:33:a2:33:
d8:df:15:7e:71:6d:a1:0e:87:86:99:9a:38:8f:96:df:29:f4:
68:f8:d6:ee:6d:e9:2c:65:37:39:24:04:90:a5:b7:a9:d3:dd:
71:82:ae:f5:f3:5d:9d:02:fb:73:3f:27:be:b8:10:23:2b:42:
15:fd:71:75:2d:9c:3d:2a:2b:93:26:b1:9f:b5:00:56:e5:02:
82:20:28:99:3f:1c:d1:c7:22:d8:cf:3a:66:0e:9c:43:b5:8c:
3d:e4:1e:a6:79:fd:9a:d7:87:fe:46:dc:5e:d8:0d:eb:d9:e9:
5c:04:50:b6:25:80:78:32:c0:30:bf:fe:12:3e:d4:d4:ff:18:
c3:21:cd:16:92:92:63:da:b5:7e:ee:31:bd:8e:f4:2d:b4:19:
bd:3e:e2:15:7f:c4:db:6b:a8:2a:c6:75:88:59:b9:14:31:96:
9c:24:b5:4c:bf:64:cd:fc:79:0c:e5:80:e2:5c:16:ee:05:ff:
d3:b9:d0:79:c1:87:24:79:ec:8e:80:f9:16:21:6b:23:4f:78:
ed:53:ad:a6:b7:14:3b:fb:9d:cf:1c:59:0c:6c:06:7a:1b:45:
40:87:39:65
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIECrUcaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDUw
OTIwMjA1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjI5OTg0YWUxZDQx
ZDJjYzI0Nzg0OWQ2ZWUzODAwZTliOTBmMzNiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALc7sNHPponPKzsKuBtS/AcRZAX13tgmX0nyYeF87S/1qyOg
3Hh+MUJUKBxeQnupwkNB9LjW8let6FqkzO/U4VmQn1e8si1lnh7Ul1w8i0wX1ini
oRy06k7ofNGfojEX0bgmyGV9KZ9xAO8NbTImfNFSUSTn1QosULglQ90fv7ftDaEV
k5Xf7e2Yw9CsMOG+UGP29HqV9wc4MpEMz0aMgeO/bscdmHveHECA4smmmFL/hyty
2ZoIT56Chfwrywlr3e4jsfbd9NmpAbCNvB+VRKqFwn2S8MiUPytQNiaVkeyZ+Kev
vj9z1urDWuCjpcdkuf5TcEBpE3NDYWx2AJYqkdkCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQimYSuHUHSzCR4SdbuOADpuQ8ztDAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L0lwbUVyaDFCMHN3a2VFblc3amdBNmJrUE03US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAFQuqgMEAFl0ZgMEAFl06gMEAFl0
7AMEAFl08QMEAFl09AMEAFl1DwMEAFl1IwMEAFl12jANBgkqhkiG9w0BAQsFAAOC
AQEAcCgD+9/hf8EV4wj+ECeHxl/yY6rqgZati7WB7mwFUIJHM6Iz2N8VfnFtoQ6H
hpmaOI+W3yn0aPjW7m3pLGU3OSQEkKW3qdPdcYKu9fNdnQL7cz8nvrgQIytCFf1x
dS2cPSorkyaxn7UAVuUCgiAomT8c0cci2M86Zg6cQ7WMPeQepnn9mteH/kbcXtgN
69npXARQtiWAeDLAML/+Ej7U1P8YwyHNFpKSY9q1fu4xvY70LbQZvT7iFX/E22uo
KsZ1iFm5FDGWnCS1TL9kzfx5DOWA4lwW7gX/07nQecGHJHnsjoD5FiFrI0947VOt
prcUO/udzxxZDGwGehtFQIc5ZQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org