Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/NBUmV20miuwG_YReO-h_chNuhHY.roa
File: NBUmV20miuwG_YReO-h_chNuhHY.roa (raw, json)
Hash identifier: gHylWyY6FCfzDBN9OaxR9vlJMGprf1SMF4pRsKnbA+o=
Subject key identifier: 34:15:26:57:6D:26:8A:EC:06:FD:84:5E:3B:E8:7F:72:13:6E:84:76
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182A09ACC11B3148AA5311299953FF021DB
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/NBUmV20miuwG_YReO-h_chNuhHY.roa
Signing time: Mon 15 Aug 2022 08:24:35 +0000
ROA not before: Mon 15 Aug 2022 08:24:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 89.116.132.0/24 maxlen: 24
89.116.140.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.179.0/24 maxlen: 24
86.38.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a0:9a:cc:11:b3:14:8a:a5:31:12:99:95:3f:f0:21:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 15 08:24:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=341526576d268aec06fd845e3be87f72136e8476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a6:dc:64:62:00:73:3e:b6:b9:88:c1:3c:71:
a9:0d:c3:77:f8:4a:7b:d5:4b:96:10:79:40:2f:18:
5c:f7:51:b7:b5:f7:7f:75:88:0b:f5:c3:40:fe:c6:
f4:32:3c:11:b8:bf:42:f5:f9:1b:e1:33:38:f7:97:
7a:6d:c0:99:e4:26:90:db:98:65:79:ea:66:1f:e6:
a6:05:e7:3f:68:40:e5:0a:35:08:97:84:2e:8a:b8:
e2:90:74:18:16:24:38:2e:17:b8:34:65:3a:3f:9b:
63:02:9f:b7:53:7a:16:aa:93:cd:b7:e4:6d:43:9f:
37:39:75:35:64:4e:61:d2:b5:63:41:b8:e8:0d:97:
29:d7:e7:b0:0c:30:c5:b9:47:0d:f7:d8:2d:82:b3:
4f:22:56:bf:c4:83:d7:fc:6e:d2:14:52:07:1e:bf:
18:00:5e:56:41:c2:b5:35:e0:61:fb:4e:7a:e5:b1:
c0:11:da:1e:4c:eb:65:40:69:ab:d7:73:f2:19:cb:
fa:33:e1:d6:42:70:0e:11:a4:2f:6f:51:57:d5:f3:
b8:69:79:34:0b:3c:78:b7:6c:b8:b1:03:ae:ac:0a:
06:89:fb:7c:c4:7e:02:2d:1a:e5:77:b9:fe:a3:bc:
22:93:aa:48:bc:13:64:48:7f:0e:c5:aa:f7:24:b3:
05:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:15:26:57:6D:26:8A:EC:06:FD:84:5E:3B:E8:7F:72:13:6E:84:76
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/NBUmV20miuwG_YReO-h_chNuhHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.238.0/24
89.116.132.0/24
89.116.140.0/24
89.116.166.0/24
89.116.179.0/24
89.116.255.0/24
89.117.222.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:be:94:bb:5c:cb:e7:ba:bd:86:10:22:e7:71:38:61:9d:86:
9c:6f:c5:71:79:41:d8:87:ef:c0:d8:ed:9c:c4:53:17:2c:ac:
36:99:d0:28:88:36:4c:8a:79:db:8b:0f:b0:45:13:97:81:d8:
fb:55:55:78:89:9e:09:1c:3e:92:23:0c:64:cf:07:0c:a6:5e:
29:dd:10:aa:e7:11:dd:ff:06:36:9f:2f:cb:e4:ef:24:b0:81:
9f:ea:4e:4e:84:6b:fa:ff:9f:99:a8:2d:33:82:39:1b:1e:d6:
f4:7a:e8:06:18:13:27:77:89:ae:3f:3e:a2:e8:d0:05:4c:5e:
d8:91:60:c9:51:06:33:27:1f:7a:58:50:db:45:41:49:e0:52:
5b:f1:e9:8e:fb:09:0a:26:03:98:e2:90:7b:b9:7d:37:c8:69:
54:87:f2:e7:de:f4:49:c7:26:1b:d1:65:2c:90:14:35:b0:3d:
6c:4f:66:ef:54:01:76:c4:4e:b6:d0:c6:ec:4f:bd:5a:fc:e9:
9e:0d:b5:47:b6:81:b6:2f:98:a6:0b:e1:85:68:ce:15:4b:19:
9d:b7:82:f3:e5:e1:12:72:ea:77:c4:00:04:f6:ac:27:fd:bf:
eb:19:d3:5e:05:17:94:10:76:be:30:ed:42:62:f8:40:2b:ec:
96:ea:0f:49
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYKgmswRsxSKpTESmZU/8CHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODE1MDgyNDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDE1MjY1NzZkMjY4YWVjMDZmZDg0NWUzYmU4N2Y3MjEzNmU4NDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqbcZGIAcz62uYjBPHGpDcN3+Ep7
1UuWEHlALxhc91G3tfd/dYgL9cNA/sb0MjwRuL9C9fkb4TM495d6bcCZ5CaQ25hl
eepmH+amBec/aEDlCjUIl4QuirjikHQYFiQ4Lhe4NGU6P5tjAp+3U3oWqpPNt+Rt
Q583OXU1ZE5h0rVjQbjoDZcp1+ewDDDFuUcN99gtgrNPIla/xIPX/G7SFFIHHr8Y
AF5WQcK1NeBh+0565bHAEdoeTOtlQGmr13PyGcv6M+HWQnAOEaQvb1FX1fO4aXk0
Czx4t2y4sQOurAoGift8xH4CLRrld7n+o7wik6pIvBNkSH8Oxar3JLMFCwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDQVJldtJorsBv2EXjvof3ITboR2MB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvTkJVbVYyMG1pdXdHX1lSZU8taF9jaE51aEhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVibuAwQA
WXSEAwQAWXSMAwQAWXSmAwQAWXSzAwQAWXT/AwQAWXXeMA0GCSqGSIb3DQEBCwUA
A4IBAQBrvpS7XMvnur2GECLncThhnYacb8VxeUHYh+/A2O2cxFMXLKw2mdAoiDZM
innbiw+wRROXgdj7VVV4iZ4JHD6SIwxkzwcMpl4p3RCq5xHd/wY2ny/L5O8ksIGf
6k5OhGv6/5+ZqC0zgjkbHtb0eugGGBMnd4muPz6i6NAFTF7YkWDJUQYzJx96WFDb
RUFJ4FJb8emO+wkKJgOY4pB7uX03yGlUh/Ln3vRJxyYb0WUskBQ1sD1sT2bvVAF2
xE620MbsT71a/OmeDbVHtoG2L5imC+GFaM4VSxmdt4Lz5eEScup3xAAE9qwn/b/r
GdNeBReUEHa+MO1CYvhAK+yW6g9J
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:17 2025 by rpki-client