Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/PaPkcostc2tt_oLKnYfHYbL_4vc.roa
File: PaPkcostc2tt_oLKnYfHYbL_4vc.roa (raw, json)
Hash identifier: MTCtqP5ITe8C36rYdFGIOaq6KQ5v2Hjuf12YqC+7XeU=
Subject key identifier: 3D:A3:E4:72:8B:2D:73:6B:6D:FE:82:CA:9D:87:C7:61:B2:FF:E2:F7
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0ACC5E79
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/PaPkcostc2tt_oLKnYfHYbL_4vc.roa
Signing time: Thu 12 May 2022 07:52:03 +0000
ROA not before: Thu 12 May 2022 07:52:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 89.117.80.0/22 maxlen: 24
89.117.104.0/22 maxlen: 24
89.117.16.0/21 maxlen: 24
89.116.72.0/22 maxlen: 24
89.116.80.0/21 maxlen: 24
89.116.224.0/21 maxlen: 24
89.116.237.0/24 maxlen: 24
89.116.32.0/21 maxlen: 24
89.117.0.0/22 maxlen: 24
89.116.180.0/22 maxlen: 24
89.117.157.0/24 maxlen: 24
89.117.164.0/24 maxlen: 24
84.46.236.0/22 maxlen: 24
89.116.212.0/22 maxlen: 24
89.117.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 181165689 (0xacc5e79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: May 12 07:52:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3da3e4728b2d736b6dfe82ca9d87c761b2ffe2f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fd:40:58:3f:50:75:a6:bf:68:77:7c:93:da:
ec:4d:82:2b:86:e2:dc:94:b6:ab:1e:5c:90:47:a8:
f1:c5:b4:94:4e:b4:2b:21:fc:96:ab:52:a6:53:75:
50:40:a7:9f:2f:ce:dd:55:f8:3a:10:15:98:54:ec:
bc:4f:7e:3e:99:52:3e:45:c3:f9:d1:6c:bf:ce:66:
a2:44:32:47:e6:80:81:ea:24:29:4d:a6:7b:f1:f7:
0e:7b:cf:5b:e3:31:26:c0:25:9f:1b:09:bf:ca:a1:
fb:a9:4c:5f:3c:80:7e:90:cc:46:85:41:b5:02:29:
3d:8f:46:34:b1:9b:08:32:9e:28:3b:70:54:4d:63:
51:1d:44:24:e1:4e:1b:2d:b5:29:90:d2:f4:56:de:
cf:b1:67:0f:7f:3c:72:d9:e8:0f:ac:bc:77:b3:c1:
4b:ff:ff:fc:0f:fe:4c:83:8b:46:3b:10:10:41:22:
5b:95:59:39:0b:09:5b:70:1e:3e:94:5b:f3:8f:89:
7d:6c:d5:9e:dc:03:70:31:75:de:e7:8e:0c:0c:b4:
87:4a:df:d5:a4:44:36:3c:ff:15:05:3a:0f:e5:1b:
4d:50:a2:1f:ca:0e:73:c6:3b:ef:18:e5:92:b4:a0:
7a:29:33:4b:fe:97:7f:15:67:52:8a:71:de:38:80:
82:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A3:E4:72:8B:2D:73:6B:6D:FE:82:CA:9D:87:C7:61:B2:FF:E2:F7
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/PaPkcostc2tt_oLKnYfHYbL_4vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.236.0/22
89.116.32.0/21
89.116.72.0/22
89.116.80.0/21
89.116.180.0/22
89.116.212.0/22
89.116.224.0/21
89.116.237.0/24
89.117.0.0/22
89.117.16.0/21
89.117.80.0/22
89.117.104.0/22
89.117.157.0/24
89.117.164.0/24
89.117.171.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:fe:cb:4c:b3:42:0b:d5:1b:bb:65:df:cd:9a:cf:4d:ef:90:
8d:c3:29:1e:a2:a5:5d:7c:23:8d:51:cc:37:ed:d4:a0:e3:17:
17:30:01:73:d6:a3:4c:66:81:38:03:88:c8:06:81:19:b5:12:
8b:ab:ec:01:1a:0a:ef:49:a1:42:bc:ad:93:79:bd:58:71:0c:
55:d6:9c:d8:96:17:8c:60:ef:37:3a:63:41:50:a3:c7:8b:61:
ee:8d:98:5f:00:a2:aa:42:be:5d:93:1e:01:33:80:bb:97:63:
13:80:03:22:d1:54:04:98:fd:bf:2c:e4:a4:bd:cf:0b:c1:8f:
53:2e:0c:be:0b:21:3a:b7:b3:7b:af:c3:01:c7:93:00:8b:65:
38:26:15:8d:2a:6a:2a:6a:68:7f:9b:68:40:bb:d8:a2:21:88:
2f:90:a0:e9:18:e1:49:41:ba:2a:12:88:9f:65:e2:4c:74:8b:
21:eb:9b:86:e3:9a:81:ca:92:17:52:35:87:61:2d:60:d8:8d:
aa:8a:36:17:6c:62:a6:fe:34:10:fc:7a:57:78:ff:f4:09:ea:
b8:ec:aa:f8:06:4e:da:9a:b5:7c:9f:c2:b7:d8:c5:80:70:9d:
de:dd:61:c7:ed:82:c7:29:86:af:81:75:6f:80:f9:33:66:e0:
af:d9:e4:0d
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIECsxeeTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDUx
MjA3NTIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2RhM2U0NzI4YjJk
NzM2YjZkZmU4MmNhOWQ4N2M3NjFiMmZmZTJmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALj9QFg/UHWmv2h3fJPa7E2CK4bi3JS2qx5ckEeo8cW0lE60
KyH8lqtSplN1UECnny/O3VX4OhAVmFTsvE9+PplSPkXD+dFsv85mokQyR+aAgeok
KU2me/H3DnvPW+MxJsAlnxsJv8qh+6lMXzyAfpDMRoVBtQIpPY9GNLGbCDKeKDtw
VE1jUR1EJOFOGy21KZDS9Fbez7FnD388ctnoD6y8d7PBS////A/+TIOLRjsQEEEi
W5VZOQsJW3AePpRb84+JfWzVntwDcDF13ueODAy0h0rf1aRENjz/FQU6D+UbTVCi
H8oOc8Y77xjlkrSgeikzS/6XfxVnUopx3jiAgpsCAwEAAaOCAl0wggJZMB0GA1Ud
DgQWBBQ9o+Ryiy1za23+gsqdh8dhsv/i9zAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L1BhUGtjb3N0YzJ0dF9vTEtuWWZIWWJMXzR2Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBz
BggrBgEFBQcBBwEB/wRkMGIwYAQCAAEwWgMEAlQu7AMEA1l0IAMEAll0SAMEA1l0
UAMEAll0tAMEAll01AMEA1l04AMEAFl07QMEAll1AAMEA1l1EAMEAll1UAMEAll1
aAMEAFl1nQMEAFl1pAMEAFl1qzANBgkqhkiG9w0BAQsFAAOCAQEAqf7LTLNCC9Ub
u2XfzZrPTe+QjcMpHqKlXXwjjVHMN+3UoOMXFzABc9ajTGaBOAOIyAaBGbUSi6vs
ARoK70mhQrytk3m9WHEMVdac2JYXjGDvNzpjQVCjx4th7o2YXwCiqkK+XZMeATOA
u5djE4ADItFUBJj9vyzkpL3PC8GPUy4MvgshOreze6/DAceTAItlOCYVjSpqKmpo
f5toQLvYoiGIL5Cg6RjhSUG6KhKIn2XiTHSLIeubhuOagcqSF1I1h2EtYNiNqoo2
F2xipv40EPx6V3j/9AnquOyq+AZO2pq1fJ/Ct9jFgHCd3t1hx+2CxymGr4F1b4D5
M2bgr9nkDQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org