Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/Mo9NYjvieuA1aWyqWlXglAy47mE.roa
File: Mo9NYjvieuA1aWyqWlXglAy47mE.roa (raw, json)
Hash identifier: OLjEhcnQR0n496tLBmmUAyp1N0ridhWQuSdTMC9DfbE=
Subject key identifier: 32:8F:4D:62:3B:E2:7A:E0:35:69:6C:AA:5A:55:E0:94:0C:B8:EE:61
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 09F2B248
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/Mo9NYjvieuA1aWyqWlXglAy47mE.roa
Signing time: Thu 17 Mar 2022 06:35:41 +0000
ROA not before: Thu 17 Mar 2022 06:35:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 86.38.151.0/24 maxlen: 24
89.116.144.0/24 maxlen: 24
84.46.171.0/24 maxlen: 24
89.117.118.0/24 maxlen: 24
89.117.124.0/24 maxlen: 24
89.116.168.0/24 maxlen: 24
89.117.136.0/24 maxlen: 24
89.117.38.0/24 maxlen: 24
86.38.7.0/24 maxlen: 24
89.116.96.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166900296 (0x9f2b248)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Mar 17 06:35:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=328f4d623be27ae035696caa5a55e0940cb8ee61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a6:26:17:3e:25:12:ca:9b:46:75:0e:a9:94:
c6:96:06:bd:11:6f:d1:69:e6:cf:d6:03:64:2b:d0:
ad:9e:30:46:e1:2e:48:4d:23:53:6a:65:de:65:cf:
3a:50:8a:ba:7a:58:1c:30:cc:15:4a:ff:89:5d:18:
fc:37:73:f2:82:35:3f:e1:1d:26:f2:0d:3c:cf:f1:
20:f9:e6:4b:79:e3:8d:cb:69:32:1a:d1:30:97:e2:
74:9e:30:21:df:af:da:da:95:be:08:70:b8:50:5a:
71:90:77:fb:bf:40:96:5b:52:29:b4:43:72:94:d8:
4a:b8:99:5c:c1:8a:46:53:53:51:9c:23:68:ac:2a:
78:2e:a1:a0:30:e7:2b:c0:eb:74:37:45:7e:18:93:
6a:4d:e3:5f:38:4a:8e:16:8d:14:38:f2:05:9d:06:
27:42:f6:b4:47:64:24:3f:06:3d:00:80:c7:c1:52:
47:d6:4d:4f:a0:f9:f1:93:14:70:92:15:32:91:81:
ce:5f:db:ed:0e:fc:e9:e4:b5:a2:64:b6:07:a5:79:
e7:ee:88:60:d4:46:22:b5:bc:f0:a6:b1:08:ce:3b:
05:53:bc:c5:23:2c:d0:fe:89:48:57:cf:95:4a:c8:
c9:b7:5d:4c:2e:79:c6:3c:52:0f:b3:04:78:bb:a1:
5c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:8F:4D:62:3B:E2:7A:E0:35:69:6C:AA:5A:55:E0:94:0C:B8:EE:61
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/Mo9NYjvieuA1aWyqWlXglAy47mE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.171.0/24
86.38.7.0/24
86.38.151.0/24
89.116.96.0/24
89.116.144.0/24
89.116.168.0/24
89.117.38.0/24
89.117.118.0/24
89.117.124.0/24
89.117.136.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:b3:3c:5d:a3:1e:ea:52:b3:f1:06:1f:5a:d8:64:62:67:9a:
45:9f:ca:cb:0c:e0:97:34:de:cb:9b:e7:17:39:5e:77:4c:06:
2f:fd:8c:84:97:02:1a:b4:63:8a:37:c0:bb:81:e8:26:e7:24:
db:7b:bf:ab:7a:0e:c3:da:a0:6e:1f:fe:51:e1:51:48:66:7f:
99:b1:24:21:49:a5:10:dc:8f:e1:1b:57:df:09:33:8f:60:7c:
87:86:d5:3c:b7:30:38:71:b0:18:a9:e3:42:99:fe:6f:f9:8d:
b2:59:68:67:9f:27:0c:f8:69:bf:31:46:1f:ae:81:a7:a0:73:
02:2b:14:16:0b:9f:73:db:a7:fc:72:2d:eb:e4:5a:45:2a:5a:
59:e9:a7:21:d0:8d:6a:57:02:3c:6a:7c:6b:2c:5b:c8:50:34:
94:07:f2:aa:50:17:37:57:57:86:6c:0d:0e:b7:10:7e:ce:01:
86:77:ec:71:56:72:c2:d1:d3:82:f1:e6:b0:18:66:a9:30:a7:
f7:cb:59:e8:06:6f:4d:66:4c:7f:64:61:c3:d6:4a:2b:5b:b7:
89:4a:d2:b7:94:91:20:5e:60:b4:80:44:4d:fb:a5:92:0c:ae:
2d:45:c0:8e:07:45:40:4d:a3:0e:49:ee:ab:3a:e4:c0:da:d6:
da:3a:3e:9f
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIECfKySDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDMx
NzA2MzU0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzI4ZjRkNjIzYmUy
N2FlMDM1Njk2Y2FhNWE1NWUwOTQwY2I4ZWU2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANamJhc+JRLKm0Z1DqmUxpYGvRFv0Wnmz9YDZCvQrZ4wRuEu
SE0jU2pl3mXPOlCKunpYHDDMFUr/iV0Y/Ddz8oI1P+EdJvINPM/xIPnmS3njjctp
MhrRMJfidJ4wId+v2tqVvghwuFBacZB3+79AlltSKbRDcpTYSriZXMGKRlNTUZwj
aKwqeC6hoDDnK8DrdDdFfhiTak3jXzhKjhaNFDjyBZ0GJ0L2tEdkJD8GPQCAx8FS
R9ZNT6D58ZMUcJIVMpGBzl/b7Q786eS1omS2B6V55+6IYNRGIrW88KaxCM47BVO8
xSMs0P6JSFfPlUrIybddTC55xjxSD7MEeLuhXHMCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBQyj01iO+J64DVpbKpaVeCUDLjuYTAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L01vOU5ZanZpZXVBMWFXeXFXbFhnbEF5NDdtRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAFQuqwMEAFYmBwMEAFYmlwMEAFl0
YAMEAFl0kAMEAFl0qAMEAFl1JgMEAFl1dgMEAFl1fAMEAFl1iDANBgkqhkiG9w0B
AQsFAAOCAQEAjLM8XaMe6lKz8QYfWthkYmeaRZ/KywzglzTey5vnFzled0wGL/2M
hJcCGrRjijfAu4HoJuck23u/q3oOw9qgbh/+UeFRSGZ/mbEkIUmlENyP4RtX3wkz
j2B8h4bVPLcwOHGwGKnjQpn+b/mNslloZ58nDPhpvzFGH66Bp6BzAisUFgufc9un
/HIt6+RaRSpaWemnIdCNalcCPGp8ayxbyFA0lAfyqlAXN1dXhmwNDrcQfs4Bhnfs
cVZywtHTgvHmsBhmqTCn98tZ6AZvTWZMf2Rhw9ZKK1u3iUrSt5SRIF5gtIBETful
kgyuLUXAjgdFQE2jDknuqzrkwNrW2jo+nw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org