Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/Q8yxVgR8E5lB9UFQC1td8U41k2w.roa
File: Q8yxVgR8E5lB9UFQC1td8U41k2w.roa (raw, json)
Hash identifier: AcKS4ojkLAZoHNunaEPNd1wLQADnlU+QARrqQeFTpAs=
Subject key identifier: 43:CC:B1:56:04:7C:13:99:41:F5:41:50:0B:5B:5D:F1:4E:35:93:6C
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182E3D0371972387D38D4B75DBD684EC58D
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/Q8yxVgR8E5lB9UFQC1td8U41k2w.roa
Signing time: Sun 28 Aug 2022 09:37:29 +0000
ROA not before: Sun 28 Aug 2022 09:37:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204968
IP address blocks: 89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
89.117.32.0/23 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.117.190.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.117.129.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e3:d0:37:19:72:38:7d:38:d4:b7:5d:bd:68:4e:c5:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 28 09:37:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43ccb156047c139941f541500b5b5df14e35936c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f8:42:04:c0:45:2d:08:1d:66:40:e5:2d:35:
d2:28:4f:83:b6:64:5c:90:0d:89:b3:fc:2a:70:fc:
5b:6d:6b:9e:c2:fe:bf:c0:cd:e3:bb:54:55:c1:0f:
ed:d6:17:16:f3:32:84:c1:76:e2:97:e7:ac:d6:35:
ee:ba:a3:01:3d:ad:07:e4:71:21:26:52:3a:90:b8:
cb:13:8d:69:a7:b8:93:9a:2b:b6:8f:e1:0d:7c:5c:
af:1b:88:b2:a9:55:22:d3:31:65:a3:1e:42:5b:4f:
b1:44:fb:7d:af:c3:4b:01:ee:e7:5e:2c:6e:47:18:
a5:3f:9c:cc:ea:8c:52:13:36:cb:97:45:f8:28:92:
2c:bb:43:c8:8b:84:9b:35:64:75:e2:f5:f7:17:d5:
0d:12:bc:8e:68:d9:3b:03:2f:f9:87:ba:67:0f:eb:
67:13:06:bf:c2:62:ab:15:7a:0e:68:08:cc:9e:a1:
90:00:4b:5f:7d:f1:11:11:de:ad:99:da:14:d5:c0:
54:12:fb:3b:cd:a9:ad:d0:b3:fa:48:03:ba:95:94:
63:50:81:08:22:e5:34:f2:34:c6:88:65:55:b1:ab:
bd:a0:4b:78:1f:ea:d3:d6:d1:87:8c:95:d5:c0:0e:
ec:fe:63:d6:05:7d:a7:44:94:be:08:f9:f8:aa:de:
93:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:CC:B1:56:04:7C:13:99:41:F5:41:50:0B:5B:5D:F1:4E:35:93:6C
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/Q8yxVgR8E5lB9UFQC1td8U41k2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.92.0/24
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.163.0/24
89.116.166.0/24
89.116.175.0/24
89.116.177.0/24
89.116.218.0/24
89.116.252.0/24
89.117.32.0/23
89.117.109.0/24
89.117.129.0/24
89.117.190.0/24
89.117.222.0/24
Signature Algorithm: sha256WithRSAEncryption
39:79:3c:bc:b0:63:1c:26:bb:c5:fd:73:ac:0e:39:e4:8d:3d:
10:56:b5:ad:ef:1f:d4:3e:38:ef:fa:48:e0:81:d7:c2:dd:3c:
88:fc:6b:9c:60:4e:b2:1f:53:17:98:07:35:b5:21:d0:79:7e:
f7:45:8f:75:37:d4:85:0d:2b:23:e0:b1:3d:3a:e7:9c:4f:93:
42:54:0c:27:cf:2c:2d:10:c7:76:4c:e4:f9:42:ee:98:ce:e5:
a5:63:bb:4c:ae:2c:7a:21:d4:de:2a:de:72:1f:b3:5e:31:03:
68:b9:8c:4e:80:24:6f:0b:46:ee:88:5e:66:1a:41:b6:f5:d4:
f7:9e:43:4d:80:81:bc:16:a1:68:55:aa:9e:56:fc:52:60:f2:
77:c8:d4:8f:9a:f9:d7:19:cb:ed:73:a6:b2:62:53:55:89:c9:
d2:bc:5e:0b:8a:97:e6:42:21:b4:6c:a2:25:10:65:71:5e:02:
03:89:42:b5:77:2c:df:b0:a2:c0:84:51:7c:74:25:d8:6b:f3:
6b:23:c6:1d:8a:d9:45:85:a6:c5:95:a7:90:7e:2b:f7:72:a0:
0a:68:8c:53:b4:7f:cf:68:6a:ed:9e:64:5f:64:52:96:89:db:
55:a4:fd:bc:54:ec:2c:d3:b3:9d:7b:f8:20:5d:f6:c0:5d:71:
01:09:52:75
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYLj0DcZcjh9ONS3Xb1oTsWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODI4MDkzNzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2NjYjE1NjA0N2MxMzk5NDFmNTQxNTAwYjViNWRmMTRlMzU5MzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfhCBMBFLQgdZkDlLTXSKE+DtmRc
kA2Js/wqcPxbbWuewv6/wM3ju1RVwQ/t1hcW8zKEwXbil+es1jXuuqMBPa0H5HEh
JlI6kLjLE41pp7iTmiu2j+ENfFyvG4iyqVUi0zFlox5CW0+xRPt9r8NLAe7nXixu
RxilP5zM6oxSEzbLl0X4KJIsu0PIi4SbNWR14vX3F9UNEryOaNk7Ay/5h7pnD+tn
Ewa/wmKrFXoOaAjMnqGQAEtfffEREd6tmdoU1cBUEvs7zamt0LP6SAO6lZRjUIEI
IuU08jTGiGVVsau9oEt4H+rT1tGHjJXVwA7s/mPWBX2nRJS+CPn4qt6TBwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFEPMsVYEfBOZQfVBUAtbXfFONZNsMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvUTh5eFZnUjhFNWxCOVVGUUMxdGQ4VTQxazJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAWXRcAwQA
WXSEAwQAWXSHAwQAWXSWAwQAWXSjAwQAWXSmAwQAWXSvAwQAWXSxAwQAWXTaAwQA
WXT8AwQBWXUgAwQAWXVtAwQAWXWBAwQAWXW+AwQAWXXeMA0GCSqGSIb3DQEBCwUA
A4IBAQA5eTy8sGMcJrvF/XOsDjnkjT0QVrWt7x/UPjjv+kjggdfC3TyI/GucYE6y
H1MXmAc1tSHQeX73RY91N9SFDSsj4LE9OuecT5NCVAwnzywtEMd2TOT5Qu6YzuWl
Y7tMrix6IdTeKt5yH7NeMQNouYxOgCRvC0buiF5mGkG29dT3nkNNgIG8FqFoVaqe
VvxSYPJ3yNSPmvnXGcvtc6ayYlNVicnSvF4LipfmQiG0bKIlEGVxXgIDiUK1dyzf
sKLAhFF8dCXYa/NrI8YditlFhabFlaeQfiv3cqAKaIxTtH/PaGrtnmRfZFKWidtV
pP28VOws07Ode/ggXfbAXXEBCVJ1
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org