Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/LgKcoI31O3IQfQSTv8Vhge19rsk.roa
File: LgKcoI31O3IQfQSTv8Vhge19rsk.roa (raw, json)
Hash identifier: y/1EXI3yIaKzNaT3tzB0eC7hRsNwvm5tOFEO/sKUVzU=
Subject key identifier: 2E:02:9C:A0:8D:F5:3B:72:10:7D:04:93:BF:C5:61:81:ED:7D:AE:C9
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0B5BDACC
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/LgKcoI31O3IQfQSTv8Vhge19rsk.roa
Signing time: Sun 12 Jun 2022 14:18:03 +0000
ROA not before: Sun 12 Jun 2022 14:18:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 89.116.108.0/24 maxlen: 24
89.117.188.0/24 maxlen: 24
89.116.128.0/24 maxlen: 24
89.116.153.0/24 maxlen: 24
89.116.154.0/24 maxlen: 24
89.117.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 190569164 (0xb5bdacc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Jun 12 14:18:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e029ca08df53b72107d0493bfc56181ed7daec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b5:70:6b:b8:b0:c9:80:a6:e6:97:7b:a5:39:
9e:c1:1e:b8:60:2d:b3:82:90:b3:91:0b:62:7a:a9:
a8:84:5b:de:86:c8:4c:84:54:fc:db:10:2e:09:1b:
49:a6:ec:df:e8:35:a4:c9:02:51:1f:35:64:df:33:
83:26:e7:09:08:d4:a6:cb:1c:90:f2:a7:9e:80:9d:
de:92:cc:b4:71:b0:0b:b2:0a:ca:0c:ef:51:c8:ff:
86:05:49:dc:0c:01:a1:54:c5:1d:fd:f3:ea:f7:c5:
3e:fb:c1:83:38:49:e9:c5:51:81:88:6a:53:de:1b:
b1:54:03:6d:01:b1:c5:cb:e3:e6:d0:28:af:48:00:
ee:e0:15:51:e7:f4:43:98:34:33:40:ba:e6:2c:45:
8f:22:41:70:12:c0:ff:9c:f4:44:96:4e:ef:38:ca:
21:63:70:9d:f9:50:d6:8f:54:66:3c:65:88:95:3d:
18:d3:12:c3:47:ae:88:aa:81:c0:28:f9:d5:52:a4:
82:70:b5:b0:d9:22:78:0d:d1:01:0e:42:73:84:e0:
1f:87:bb:99:79:fa:78:9b:95:b4:c6:bd:7b:79:52:
89:c0:a4:44:f3:8f:2b:93:40:3b:2b:c3:78:88:85:
e8:a3:20:91:70:e0:12:43:4d:e7:49:51:b7:ba:19:
3b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:02:9C:A0:8D:F5:3B:72:10:7D:04:93:BF:C5:61:81:ED:7D:AE:C9
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/LgKcoI31O3IQfQSTv8Vhge19rsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.108.0/24
89.116.128.0/24
89.116.153.0-89.116.154.255
89.117.139.0/24
89.117.188.0/24
Signature Algorithm: sha256WithRSAEncryption
24:f8:4c:f3:8a:af:c6:1b:51:36:fc:4b:b7:db:32:50:a6:ae:
6c:3c:51:ea:72:75:71:53:bb:f4:f1:0e:10:06:be:28:25:5f:
d6:5e:cd:5e:81:f0:97:d7:52:12:c8:62:81:b4:26:35:3d:10:
93:1c:4b:50:81:61:04:4c:25:54:f0:3a:90:dd:9b:c7:31:11:
71:e2:0a:cd:07:e2:84:c7:b8:18:01:3e:b0:0e:0a:80:4d:08:
bc:43:47:38:a1:79:90:8f:23:60:2f:31:6b:bc:a4:a9:8b:fd:
7c:65:d7:02:df:ac:c1:e9:84:a5:53:0c:86:36:5c:9b:52:bd:
b7:ef:6c:69:7b:3c:15:ba:ed:db:5c:5a:52:df:b4:57:2e:23:
22:10:6e:50:49:fa:ad:d9:78:c1:f5:f3:02:3c:18:3f:a9:c8:
2a:62:b0:8a:da:d8:9b:c6:b5:ac:15:8a:35:8d:cd:f1:15:e8:
9a:13:0d:a3:87:c8:8a:d6:6b:86:98:8c:6d:c0:40:80:38:5d:
da:16:b2:e8:b6:e8:f7:e9:35:b2:5b:a0:83:ba:d9:7f:3d:64:
a9:7c:fa:cc:c9:22:b9:02:f8:6f:52:a1:d6:e5:40:52:d5:0b:
bf:4d:fa:a9:14:d0:28:44:f0:13:f6:73:e0:fd:7e:1e:e6:14:
54:c8:69:6e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEC1vazDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDYx
MjE0MTgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmUwMjljYTA4ZGY1
M2I3MjEwN2QwNDkzYmZjNTYxODFlZDdkYWVjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJm1cGu4sMmApuaXe6U5nsEeuGAts4KQs5ELYnqpqIRb3obI
TIRU/NsQLgkbSabs3+g1pMkCUR81ZN8zgybnCQjUpssckPKnnoCd3pLMtHGwC7IK
ygzvUcj/hgVJ3AwBoVTFHf3z6vfFPvvBgzhJ6cVRgYhqU94bsVQDbQGxxcvj5tAo
r0gA7uAVUef0Q5g0M0C65ixFjyJBcBLA/5z0RJZO7zjKIWNwnflQ1o9UZjxliJU9
GNMSw0euiKqBwCj51VKkgnC1sNkieA3RAQ5Cc4TgH4e7mXn6eJuVtMa9e3lSicCk
RPOPK5NAOyvDeIiF6KMgkXDgEkNN50lRt7oZO70CAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBQuApygjfU7chB9BJO/xWGB7X2uyTAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L0xnS2NvSTMxTzNJUWZRU1R2OFZoZ2UxOXJzay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEAFl0bAMEAFl0gDAMAwQAWXSZAwQA
WXSaAwQAWXWLAwQAWXW8MA0GCSqGSIb3DQEBCwUAA4IBAQAk+Ezziq/GG1E2/Eu3
2zJQpq5sPFHqcnVxU7v08Q4QBr4oJV/WXs1egfCX11ISyGKBtCY1PRCTHEtQgWEE
TCVU8DqQ3ZvHMRFx4grNB+KEx7gYAT6wDgqATQi8Q0c4oXmQjyNgLzFrvKSpi/18
ZdcC36zB6YSlUwyGNlybUr2372xpezwVuu3bXFpS37RXLiMiEG5QSfqt2XjB9fMC
PBg/qcgqYrCK2tibxrWsFYo1jc3xFeiaEw2jh8iK1muGmIxtwECAOF3aFrLotuj3
6TWyW6CDutl/PWSpfPrMySK5AvhvUqHW5UBS1Qu/TfqpFNAoRPAT9nPg/X4e5hRU
yGlu
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org