Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/O06PGv7LDTebHKH8XGJqKR6064c.roa
File: O06PGv7LDTebHKH8XGJqKR6064c.roa (raw, json)
Hash identifier: rJjux0Voyr6Vc4TekIi/zEJaUz3X2sD9UQ+1WLorOSc=
Subject key identifier: 3B:4E:8F:1A:FE:CB:0D:37:9B:1C:A1:FC:5C:62:6A:29:1E:B4:EB:87
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 09B85B7A
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/O06PGv7LDTebHKH8XGJqKR6064c.roa
Signing time: Tue 22 Feb 2022 05:56:57 +0000
ROA not before: Tue 22 Feb 2022 05:56:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142617
IP address blocks: 89.117.101.0/24 maxlen: 24
89.116.248.0/24 maxlen: 24
89.117.111.0/24 maxlen: 24
89.116.44.0/22 maxlen: 24
89.116.48.0/22 maxlen: 24
89.117.15.0/24 maxlen: 24
89.117.144.0/21 maxlen: 24
89.117.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163076986 (0x9b85b7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Feb 22 05:56:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b4e8f1afecb0d379b1ca1fc5c626a291eb4eb87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2d:cc:ae:de:76:6d:06:2b:00:a9:7b:e7:b0:
85:a1:67:49:b8:7b:ea:65:5c:39:79:a5:f9:6f:7c:
2c:0d:41:9b:c2:c4:cd:78:08:7a:09:22:81:31:87:
90:46:dd:51:01:2c:96:82:76:17:17:ea:96:5a:d8:
43:81:50:c4:86:62:09:e9:b1:a9:70:18:a2:1c:a5:
6f:fa:46:2b:d7:ca:d0:af:e5:f9:54:89:74:70:da:
23:da:ad:9c:5f:d1:5a:ad:4e:ee:8d:f3:f3:71:1d:
e8:a7:03:12:b9:f2:b8:bc:03:32:96:57:b6:39:a1:
15:36:8c:c3:ba:8a:5a:89:81:65:56:e3:49:54:67:
52:09:90:77:e0:a1:14:ae:f4:c2:86:78:dd:27:bb:
8c:c8:51:a5:81:a6:af:57:55:fe:b9:eb:f0:01:56:
99:5a:93:43:50:5b:39:4d:e5:d0:11:6d:d7:75:c2:
3f:9f:24:ac:3d:be:f0:f2:6d:00:ed:4e:30:e0:fb:
62:97:04:58:2f:8f:b8:40:0a:87:cd:14:75:6f:cc:
da:13:16:a4:ab:da:b6:e6:c9:27:3c:ee:b2:2c:14:
d1:bc:50:ef:21:dd:e5:91:4a:d5:35:66:0e:76:76:
a9:bf:c6:93:53:80:d5:2a:49:69:b0:b4:86:0f:cb:
4d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:4E:8F:1A:FE:CB:0D:37:9B:1C:A1:FC:5C:62:6A:29:1E:B4:EB:87
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/O06PGv7LDTebHKH8XGJqKR6064c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.44.0-89.116.51.255
89.116.248.0/24
89.117.15.0/24
89.117.35.0/24
89.117.101.0/24
89.117.111.0/24
89.117.144.0/21
Signature Algorithm: sha256WithRSAEncryption
26:58:b4:7c:9e:d1:7d:bc:51:10:b1:13:2a:6b:c0:c7:03:9b:
10:1b:f1:18:45:30:78:37:65:3e:2f:eb:b4:b0:3c:f7:3a:6d:
eb:b5:26:0c:38:0e:8b:b2:e5:9b:59:6f:5e:cb:ca:9c:33:bc:
60:88:b2:db:b7:59:db:e8:ab:13:96:64:5c:dd:fa:14:f9:91:
0e:50:5b:51:ca:e4:1a:41:6b:60:8c:82:74:d5:c4:80:a5:19:
b6:5f:0f:de:84:71:54:42:ad:af:20:ef:c3:34:b5:6c:64:5b:
bf:23:ca:d9:d3:32:40:6a:ad:0e:50:d3:8b:63:45:1a:85:b7:
83:28:ca:44:cb:39:83:27:a6:da:7f:5c:83:f4:96:e1:0e:af:
4b:8f:e9:a8:3e:61:3b:f5:c3:93:3c:b6:b2:92:41:85:da:f2:
84:93:37:60:87:66:df:1a:aa:b6:50:ca:48:8a:78:50:fa:39:
b6:35:ac:fe:1b:8b:3b:4a:69:ab:11:07:6a:08:7c:bb:f3:2d:
30:4c:0d:d5:8f:3a:04:1b:a2:11:f2:26:55:20:3b:fe:af:9b:
e5:94:f3:15:94:24:7c:a9:a1:e4:e4:43:c3:79:24:18:b5:db:
75:13:36:0c:cb:02:da:bf:2c:b6:c7:5b:40:7e:cb:ca:07:36:
d6:0a:07:1a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIECbhbejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDIy
MjA1NTY1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2I0ZThmMWFmZWNi
MGQzNzliMWNhMWZjNWM2MjZhMjkxZWI0ZWI4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALItzK7edm0GKwCpe+ewhaFnSbh76mVcOXml+W98LA1Bm8LE
zXgIegkigTGHkEbdUQEsloJ2FxfqllrYQ4FQxIZiCemxqXAYohylb/pGK9fK0K/l
+VSJdHDaI9qtnF/RWq1O7o3z83Ed6KcDErnyuLwDMpZXtjmhFTaMw7qKWomBZVbj
SVRnUgmQd+ChFK70woZ43Se7jMhRpYGmr1dV/rnr8AFWmVqTQ1BbOU3l0BFt13XC
P58krD2+8PJtAO1OMOD7YpcEWC+PuEAKh80UdW/M2hMWpKvatubJJzzusiwU0bxQ
7yHd5ZFK1TVmDnZ2qb/Gk1OA1SpJabC0hg/LTRUCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBQ7To8a/ssNN5scofxcYmopHrTrhzAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L08wNlBHdjdMRFRlYkhLSDhYR0pxS1I2MDY0Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMjAMAwQCWXQsAwQCWXQwAwQAWXT4AwQA
WXUPAwQAWXUjAwQAWXVlAwQAWXVvAwQDWXWQMA0GCSqGSIb3DQEBCwUAA4IBAQAm
WLR8ntF9vFEQsRMqa8DHA5sQG/EYRTB4N2U+L+u0sDz3Om3rtSYMOA6LsuWbWW9e
y8qcM7xgiLLbt1nb6KsTlmRc3foU+ZEOUFtRyuQaQWtgjIJ01cSApRm2Xw/ehHFU
Qq2vIO/DNLVsZFu/I8rZ0zJAaq0OUNOLY0UahbeDKMpEyzmDJ6baf1yD9JbhDq9L
j+moPmE79cOTPLaykkGF2vKEkzdgh2bfGqq2UMpIinhQ+jm2Naz+G4s7SmmrEQdq
CHy78y0wTA3VjzoEG6IR8iZVIDv+r5vllPMVlCR8qaHk5EPDeSQYtdt1EzYMywLa
vyy2x1tAfsvKBzbWCgca
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:26 2025 by rpki-client