Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/M2-e9aJNQPOJcX6FE6EW7KlCEnA.roa
File: M2-e9aJNQPOJcX6FE6EW7KlCEnA.roa (raw, json)
Hash identifier: Sl42mpOn5tQNRN2jJsNtWl/BJEuWpDdEQxmq538os6s=
Subject key identifier: 33:6F:9E:F5:A2:4D:40:F3:89:71:7E:85:13:A1:16:EC:A9:42:12:70
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0183D063C698F1A6364639E63642503E6BC3
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/M2-e9aJNQPOJcX6FE6EW7KlCEnA.roa
Signing time: Thu 13 Oct 2022 08:09:03 +0000
ROA not before: Thu 13 Oct 2022 08:09:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 89.117.80.0/22 maxlen: 24
89.116.237.0/24 maxlen: 24
89.117.104.0/22 maxlen: 24
89.116.32.0/21 maxlen: 24
89.117.16.0/21 maxlen: 24
89.116.180.0/22 maxlen: 24
89.116.80.0/21 maxlen: 24
89.117.40.0/21 maxlen: 24
89.117.157.0/24 maxlen: 24
89.117.164.0/24 maxlen: 24
84.46.236.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d0:63:c6:98:f1:a6:36:46:39:e6:36:42:50:3e:6b:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Oct 13 08:09:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=336f9ef5a24d40f389717e8513a116eca9421270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8f:1f:3d:e0:9d:d0:01:6d:99:2d:88:a6:78:
28:b5:52:81:57:54:c4:26:9b:b1:2f:f9:6d:fa:69:
6e:d0:0e:2e:6c:06:b1:d6:e6:47:95:03:35:1a:ef:
a4:f8:d1:0a:92:4c:6b:fe:ca:e4:85:4e:64:89:7d:
af:6a:46:b0:e8:c1:ac:39:f3:3e:6b:59:09:3f:33:
2d:61:37:71:4b:2a:09:84:9d:40:28:ee:d3:51:2d:
2f:7d:d9:e1:a9:3a:2d:77:6d:77:33:18:c4:00:86:
50:f0:4e:c2:37:bd:b6:8d:6c:2a:05:57:2d:fa:4f:
4c:da:d2:33:55:12:35:72:c4:59:ea:4f:98:24:d2:
3a:7c:78:2d:f7:93:c0:d9:b9:97:94:1d:10:a9:1d:
a8:97:91:53:88:7f:23:bc:e5:68:2c:d9:f4:08:68:
2b:8e:7d:44:76:4b:78:a6:8a:db:0d:46:8b:d4:9d:
38:45:5d:82:28:49:85:8c:5a:5c:2d:72:0e:8d:b5:
38:09:fe:d8:b6:45:41:bc:90:9b:b6:ab:dc:fa:ef:
50:02:b1:35:c7:ba:4b:bd:bf:67:63:c3:1a:d9:d6:
ed:f2:ba:65:1a:1c:5e:35:e7:19:cc:e7:7a:79:69:
b2:36:eb:0f:90:af:7e:dd:01:77:79:ea:88:17:a6:
11:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:6F:9E:F5:A2:4D:40:F3:89:71:7E:85:13:A1:16:EC:A9:42:12:70
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/M2-e9aJNQPOJcX6FE6EW7KlCEnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.236.0/22
89.116.32.0/21
89.116.80.0/21
89.116.180.0/22
89.116.237.0/24
89.117.16.0/21
89.117.40.0/21
89.117.80.0/22
89.117.104.0/22
89.117.157.0/24
89.117.164.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:b8:61:93:82:62:74:84:eb:95:b1:55:a1:1f:8e:fc:3c:ee:
45:b8:78:e6:f8:69:49:b2:e5:1d:b0:9b:dc:54:51:4f:c0:8d:
00:ca:c0:6a:6b:0d:15:b1:a2:2f:e7:b1:2e:a3:c3:ad:9d:d1:
ae:ce:99:f6:07:af:2c:e2:5b:c8:7f:7b:9b:cf:aa:68:fe:ea:
89:05:dd:ec:b5:ed:a3:a1:0f:cf:34:1d:5b:b6:27:71:89:cb:
df:f3:93:de:31:2f:b5:34:21:47:85:dd:00:0b:01:b3:58:7f:
ad:f9:7f:34:cd:8c:52:46:72:8c:e5:a5:90:36:51:6a:0d:9e:
ca:3c:52:bb:72:d4:8e:9a:3f:1a:3c:72:b5:68:e7:86:33:a2:
37:4c:0d:af:45:8d:e0:61:1c:f5:66:d3:32:71:ab:99:ba:88:
af:74:94:41:61:b7:6f:80:50:1b:d3:f0:8b:3d:b5:44:b4:a1:
6d:62:e3:81:52:06:31:89:d1:a9:9b:9c:6a:aa:5f:ea:0c:c4:
16:4e:5a:8b:5d:f9:01:76:03:03:f3:5f:c3:f3:f9:f6:3d:32:
95:ef:c1:6c:5a:85:57:c3:c6:49:84:dd:4f:a7:e7:86:8b:aa:
b8:98:56:a3:23:00:eb:8d:4b:f9:62:f7:e9:5b:ff:07:31:cb:
49:cb:90:36
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYPQY8aY8aY2RjnmNkJQPmvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIxMDEzMDgwOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzZmOWVmNWEyNGQ0MGYzODk3MTdlODUxM2ExMTZlY2E5NDIxMjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY8fPeCd0AFtmS2IpngotVKBV1TE
JpuxL/lt+mlu0A4ubAax1uZHlQM1Gu+k+NEKkkxr/srkhU5kiX2vakaw6MGsOfM+
a1kJPzMtYTdxSyoJhJ1AKO7TUS0vfdnhqTotd213MxjEAIZQ8E7CN722jWwqBVct
+k9M2tIzVRI1csRZ6k+YJNI6fHgt95PA2bmXlB0QqR2ol5FTiH8jvOVoLNn0CGgr
jn1Edkt4porbDUaL1J04RV2CKEmFjFpcLXIOjbU4Cf7YtkVBvJCbtqvc+u9QArE1
x7pLvb9nY8Ma2dbt8rplGhxeNecZzOd6eWmyNusPkK9+3QF3eeqIF6YRQwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFDNvnvWiTUDziXF+hROhFuypQhJwMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvTTItZTlhSk5RUE9KY1g2RkU2RVc3S2xDRW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCVC7sAwQD
WXQgAwQDWXRQAwQCWXS0AwQAWXTtAwQDWXUQAwQDWXUoAwQCWXVQAwQCWXVoAwQA
WXWdAwQAWXWkMA0GCSqGSIb3DQEBCwUAA4IBAQCouGGTgmJ0hOuVsVWhH478PO5F
uHjm+GlJsuUdsJvcVFFPwI0AysBqaw0VsaIv57Euo8OtndGuzpn2B68s4lvIf3ub
z6po/uqJBd3ste2joQ/PNB1btidxicvf85PeMS+1NCFHhd0ACwGzWH+t+X80zYxS
RnKM5aWQNlFqDZ7KPFK7ctSOmj8aPHK1aOeGM6I3TA2vRY3gYRz1ZtMycauZuoiv
dJRBYbdvgFAb0/CLPbVEtKFtYuOBUgYxidGpm5xqql/qDMQWTlqLXfkBdgMD81/D
8/n2PTKV78FsWoVXw8ZJhN1Pp+eGi6q4mFajIwDrjUv5YvfpW/8HMctJy5A2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org