Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/OcL8zIHHPho4QyoZIJ57-UGFDG8.roa
File: OcL8zIHHPho4QyoZIJ57-UGFDG8.roa (raw, json)
Hash identifier: Jkl5UnrS2ypgDImS0UChJknH/bbBRXwMOpohPrm8Wlc=
Subject key identifier: 39:C2:FC:CC:81:C7:3E:1A:38:43:2A:19:20:9E:7B:F9:41:85:0C:6F
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0A5EA2F1
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/OcL8zIHHPho4QyoZIJ57-UGFDG8.roa
Signing time: Sun 17 Apr 2022 08:33:58 +0000
ROA not before: Sun 17 Apr 2022 08:33:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15419
IP address blocks: 82.140.178.0/24 maxlen: 24
82.140.189.0/24 maxlen: 24
86.38.3.0/24 maxlen: 24
86.38.8.0/21 maxlen: 21
89.116.4.0/22 maxlen: 22
89.116.1.0/24 maxlen: 24
89.116.2.0/23 maxlen: 23
89.116.8.0/22 maxlen: 22
217.9.241.0/24 maxlen: 24
89.116.15.0/24 maxlen: 24
89.116.12.0/23 maxlen: 23
89.116.16.0/23 maxlen: 23
217.9.242.0/24 maxlen: 24
89.116.19.0/24 maxlen: 24
89.116.20.0/22 maxlen: 22
217.9.254.0/23 maxlen: 23
89.116.41.0/24 maxlen: 24
89.116.42.0/23 maxlen: 23
185.149.152.0/22 maxlen: 22
89.116.112.0/23 maxlen: 23
89.116.116.0/22 maxlen: 22
89.116.220.0/23 maxlen: 23
82.140.131.0/24 maxlen: 24
89.116.168.0/23 maxlen: 23
2a02:2630::/29 maxlen: 29
2a02:2630::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173974257 (0xa5ea2f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Apr 17 08:33:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39c2fccc81c73e1a38432a19209e7bf941850c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e3:8f:c8:fa:f6:d8:71:a1:92:d1:32:ff:99:
d2:6d:59:a6:db:db:39:35:15:71:b1:16:48:cb:49:
4a:e0:a8:94:04:b5:61:9f:ca:61:4f:89:6d:5e:8e:
21:b0:85:8b:14:17:44:fd:d3:b2:09:8a:8c:aa:c6:
4f:48:ae:07:87:ff:c5:f0:9b:16:ec:82:7d:99:e8:
57:45:ea:85:47:1e:1e:b3:7c:3c:f8:43:75:87:b0:
07:2d:85:fe:88:da:8e:84:30:dd:12:b4:78:6e:e3:
3f:a2:0e:9f:bb:71:be:b6:2d:7b:5d:1e:66:4c:a9:
42:41:1a:c8:d3:16:ca:cf:78:3a:d6:3f:48:60:2e:
a3:67:8e:27:f7:4f:7f:b8:8d:d6:f8:ce:c1:3a:0d:
3e:11:0b:e0:c7:1f:5f:75:02:06:44:e4:19:bd:d5:
ed:c9:fe:7d:72:6a:9c:af:8e:42:68:36:38:ec:a6:
0e:14:98:47:f6:8d:86:0b:1c:2a:02:72:8e:b8:6a:
a0:d4:5c:f4:ce:d6:36:a1:9e:1e:3b:22:ec:aa:a4:
b1:e8:27:f0:0e:10:ad:86:18:47:8b:2d:e4:6d:42:
e2:51:ff:5c:02:91:4b:62:cb:4c:a1:08:ec:f8:69:
a5:d4:ca:e1:e1:22:29:98:06:ec:54:10:10:4d:54:
89:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C2:FC:CC:81:C7:3E:1A:38:43:2A:19:20:9E:7B:F9:41:85:0C:6F
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/OcL8zIHHPho4QyoZIJ57-UGFDG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.131.0/24
82.140.178.0/24
82.140.189.0/24
86.38.3.0/24
86.38.8.0/21
89.116.1.0-89.116.13.255
89.116.15.0-89.116.17.255
89.116.19.0-89.116.23.255
89.116.41.0-89.116.43.255
89.116.112.0/23
89.116.116.0/22
89.116.168.0/23
89.116.220.0/23
185.149.152.0/22
217.9.241.0-217.9.242.255
217.9.254.0/23
IPv6:
2a02:2630::/29
Signature Algorithm: sha256WithRSAEncryption
06:1e:b7:e1:8f:3f:3c:02:91:92:ef:21:c6:b2:84:b1:4c:37:
0e:73:6c:fe:17:49:00:d8:49:5e:c6:7c:6a:b4:f7:5d:92:4a:
4a:52:2f:c4:cb:53:12:12:60:b9:ed:54:78:7a:f6:c8:25:4b:
f6:ae:57:5b:68:67:23:2a:72:fb:8b:1e:21:e1:2c:5b:b1:dc:
46:2c:8b:ec:49:5d:2d:a5:41:b2:ad:13:d9:fd:f7:de:6f:38:
9b:61:23:f6:2e:7e:e8:a4:43:05:58:9d:82:01:81:ea:ef:67:
61:75:3f:71:86:41:43:39:71:30:f8:78:bd:ce:27:62:01:06:
13:44:65:03:5c:27:a6:36:63:08:4b:18:66:97:c8:0a:11:ae:
67:94:60:a1:fd:75:1c:b0:eb:31:22:dc:8c:81:3f:95:dc:3d:
44:6a:55:71:0c:58:f1:14:89:f4:bd:0e:9b:86:b1:56:50:29:
6c:46:cf:45:f5:64:b8:ca:e6:f0:83:95:37:fc:1a:f1:25:b0:
6c:84:3c:1a:0e:27:f2:64:18:5d:63:05:3d:b7:ce:f2:59:13:
7a:ff:e3:8e:e1:b2:80:02:73:1c:b2:8d:30:d7:25:66:c8:93:
f9:6d:0f:66:c8:e7:c1:50:87:fa:5b:ce:86:70:67:ae:26:c6:
10:07:7c:84
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIECl6i8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDQx
NzA4MzM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzljMmZjY2M4MWM3
M2UxYTM4NDMyYTE5MjA5ZTdiZjk0MTg1MGM2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfjj8j69thxoZLRMv+Z0m1ZptvbOTUVcbEWSMtJSuColAS1
YZ/KYU+JbV6OIbCFixQXRP3TsgmKjKrGT0iuB4f/xfCbFuyCfZnoV0XqhUceHrN8
PPhDdYewBy2F/ojajoQw3RK0eG7jP6IOn7txvrYte10eZkypQkEayNMWys94OtY/
SGAuo2eOJ/dPf7iN1vjOwToNPhEL4McfX3UCBkTkGb3V7cn+fXJqnK+OQmg2OOym
DhSYR/aNhgscKgJyjrhqoNRc9M7WNqGeHjsi7Kqksegn8A4QrYYYR4st5G1C4lH/
XAKRS2LLTKEI7PhppdTK4eEiKZgG7FQQEE1UiR0CAwEAAaOCAp8wggKbMB0GA1Ud
DgQWBBQ5wvzMgcc+GjhDKhkgnnv5QYUMbzAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L09jTDh6SUhIUGhvNFF5b1pJSjU3LVVHRkRHOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
tAYIKwYBBQUHAQcBAf8EgaQwgaEwgY8EAgABMIGIAwQAUoyDAwQAUoyyAwQAUoy9
AwQAViYDAwQDViYIMAwDBABZdAEDBAFZdAwwDAMEAFl0DwMEAVl0EDAMAwQAWXQT
AwQDWXQQMAwDBABZdCkDBAJZdCgDBAFZdHADBAJZdHQDBAFZdKgDBAFZdNwDBAK5
lZgwDAMEANkJ8QMEANkJ8gMEAdkJ/jANBAIAAjAHAwUDKgImMDANBgkqhkiG9w0B
AQsFAAOCAQEABh634Y8/PAKRku8hxrKEsUw3DnNs/hdJANhJXsZ8arT3XZJKSlIv
xMtTEhJgue1UeHr2yCVL9q5XW2hnIypy+4seIeEsW7HcRiyL7EldLaVBsq0T2f33
3m84m2Ej9i5+6KRDBVidggGB6u9nYXU/cYZBQzlxMPh4vc4nYgEGE0RlA1wnpjZj
CEsYZpfIChGuZ5Rgof11HLDrMSLcjIE/ldw9RGpVcQxY8RSJ9L0Om4axVlApbEbP
RfVkuMrm8IOVN/wa8SWwbIQ8Gg4n8mQYXWMFPbfO8lkTev/jjuGygAJzHLKNMNcl
ZsiT+W0PZsjnwVCH+lvOhnBnribGEAd8hA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org