Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/OM7XAC4vesNsLhSBLhcplThXIJw.roa
File: OM7XAC4vesNsLhSBLhcplThXIJw.roa (raw, json)
Hash identifier: MZvJoOmqLx1jfH+SDHBmm5TkkNbeju2OibyD2qGbNuo=
Subject key identifier: 38:CE:D7:00:2E:2F:7A:C3:6C:2E:14:81:2E:17:29:95:38:57:20:9C
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0183B1D6580C03B68298353C6FA43C91B7C1
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/OM7XAC4vesNsLhSBLhcplThXIJw.roa
Signing time: Fri 07 Oct 2022 09:45:57 +0000
ROA not before: Fri 07 Oct 2022 09:45:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 89.117.80.0/22 maxlen: 24
89.116.237.0/24 maxlen: 24
89.117.104.0/22 maxlen: 24
89.116.32.0/21 maxlen: 24
89.117.16.0/21 maxlen: 24
89.116.180.0/22 maxlen: 24
89.116.80.0/21 maxlen: 24
89.117.40.0/21 maxlen: 24
89.117.157.0/24 maxlen: 24
89.117.164.0/24 maxlen: 24
84.46.236.0/22 maxlen: 24
89.117.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b1:d6:58:0c:03:b6:82:98:35:3c:6f:a4:3c:91:b7:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Oct 7 09:45:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38ced7002e2f7ac36c2e14812e1729953857209c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:47:e9:4e:2f:d5:31:4c:ed:4e:fa:d8:c6:2a:
d4:70:a0:12:cc:41:70:32:fc:9d:ca:44:95:c3:ce:
bb:43:29:00:76:92:77:be:b5:12:6e:47:02:a2:19:
11:77:c6:c6:65:69:de:9d:51:74:06:e3:94:99:f3:
53:5b:ae:dd:83:53:75:e2:de:e2:7f:3f:86:6d:8d:
3f:f7:01:c2:98:82:f1:7b:0c:f6:8f:ef:ce:35:e0:
d6:47:08:48:75:43:ae:18:b9:18:b9:d1:4e:6b:7c:
51:3b:40:d7:5b:79:03:cf:45:a2:c7:45:cc:56:ec:
b8:86:f5:ce:fb:0a:87:e2:28:f3:73:99:66:a9:ec:
6a:18:5d:fd:77:37:f4:b5:a4:34:1b:cf:07:f9:6f:
50:bb:f0:12:5f:aa:5c:b5:25:e0:1d:2d:99:a8:79:
6d:ae:b4:85:09:e2:d9:6a:d2:42:9b:9e:8a:15:f1:
ff:5f:69:45:76:42:2e:41:48:37:0c:62:d9:5b:66:
ba:30:f1:88:b4:f8:2e:d9:54:de:2e:28:ae:ad:2e:
e7:a1:97:26:de:9d:a7:6d:36:bc:ef:8e:40:b0:8f:
6c:37:7e:15:96:f6:c5:a1:05:6c:fe:de:83:3f:71:
82:97:1f:01:de:9e:90:71:49:02:08:55:44:17:bf:
ef:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:CE:D7:00:2E:2F:7A:C3:6C:2E:14:81:2E:17:29:95:38:57:20:9C
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/OM7XAC4vesNsLhSBLhcplThXIJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.236.0/22
89.116.32.0/21
89.116.80.0/21
89.116.180.0/22
89.116.237.0/24
89.117.16.0/21
89.117.40.0/21
89.117.80.0/22
89.117.104.0/22
89.117.157.0/24
89.117.164.0/24
89.117.171.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:08:ea:b2:c6:c1:2d:fd:43:ef:f6:cc:2f:01:9b:8f:5f:ce:
dc:cb:63:1d:fc:a9:28:f4:cf:5d:24:9d:63:bf:60:2e:1d:20:
3d:c1:fd:ea:87:a3:71:22:67:54:af:37:6f:c8:f9:e1:04:d4:
cc:86:79:91:48:92:37:95:9c:4d:0d:5e:1e:c5:fd:f1:61:c3:
27:5c:47:47:be:91:1b:4d:42:4d:f6:95:e8:44:04:93:3c:52:
aa:fc:9c:a7:ea:32:a8:79:ba:60:4d:69:6f:da:d6:ac:5d:7f:
bc:7a:b6:b0:64:35:1d:52:f7:49:25:c4:e6:6c:7c:47:27:cd:
ed:e5:15:05:fb:35:30:82:29:5b:6b:e2:0b:a6:53:ff:ce:a9:
ef:c1:b3:d5:06:82:db:7e:da:7e:00:8f:e8:05:2c:32:7e:69:
c2:2a:0f:66:07:1b:4c:a2:b8:94:60:12:0b:e5:2b:74:87:2e:
a2:9b:a0:88:7c:73:ab:d5:72:36:0a:d5:c6:f2:66:56:f8:23:
5b:c5:df:83:77:08:80:72:d3:20:98:13:18:50:c1:37:d3:8a:
c5:ea:83:61:7e:4f:36:e9:aa:ff:86:89:72:c1:4f:c3:2e:91:
d3:98:b2:23:64:3b:5b:c0:c3:f2:ff:ff:91:f6:e6:9b:ab:ff:
a5:7a:45:83
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYOx1lgMA7aCmDU8b6Q8kbfBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIxMDA3MDk0NTU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGNlZDcwMDJlMmY3YWMzNmMyZTE0ODEyZTE3Mjk5NTM4NTcyMDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00fpTi/VMUztTvrYxirUcKASzEFw
MvydykSVw867QykAdpJ3vrUSbkcCohkRd8bGZWnenVF0BuOUmfNTW67dg1N14t7i
fz+GbY0/9wHCmILxewz2j+/ONeDWRwhIdUOuGLkYudFOa3xRO0DXW3kDz0Wix0XM
Vuy4hvXO+wqH4ijzc5lmqexqGF39dzf0taQ0G88H+W9Qu/ASX6pctSXgHS2ZqHlt
rrSFCeLZatJCm56KFfH/X2lFdkIuQUg3DGLZW2a6MPGItPgu2VTeLiiurS7noZcm
3p2nbTa8745AsI9sN34VlvbFoQVs/t6DP3GClx8B3p6QcUkCCFVEF7/vIwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFDjO1wAuL3rDbC4UgS4XKZU4VyCcMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvT003WEFDNHZlc05zTGhTQkxoY3BsVGhYSUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCVC7sAwQD
WXQgAwQDWXRQAwQCWXS0AwQAWXTtAwQDWXUQAwQDWXUoAwQCWXVQAwQCWXVoAwQA
WXWdAwQAWXWkAwQAWXWrMA0GCSqGSIb3DQEBCwUAA4IBAQA8COqyxsEt/UPv9swv
AZuPX87cy2Md/Kko9M9dJJ1jv2AuHSA9wf3qh6NxImdUrzdvyPnhBNTMhnmRSJI3
lZxNDV4exf3xYcMnXEdHvpEbTUJN9pXoRASTPFKq/Jyn6jKoebpgTWlv2tasXX+8
erawZDUdUvdJJcTmbHxHJ83t5RUF+zUwgilba+ILplP/zqnvwbPVBoLbftp+AI/o
BSwyfmnCKg9mBxtMoriUYBIL5St0hy6im6CIfHOr1XI2CtXG8mZW+CNbxd+DdwiA
ctMgmBMYUME304rF6oNhfk826ar/holywU/DLpHTmLIjZDtbwMPy//+R9uabq/+l
ekWD
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org