Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/QMES0PMdOzCdLSboHYxAiXTVHiw.roa
File: QMES0PMdOzCdLSboHYxAiXTVHiw.roa (raw, json)
Hash identifier: Fefx5BiKBFAxft5OvagTG+IYedlrea99O9Qu/3f5djA=
Subject key identifier: 40:C1:12:D0:F3:1D:3B:30:9D:2D:26:E8:1D:8C:40:89:74:D5:1E:2C
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0956B657
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/QMES0PMdOzCdLSboHYxAiXTVHiw.roa
Signing time: Fri 04 Feb 2022 05:58:21 +0000
ROA not before: Fri 04 Feb 2022 05:58:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 86.38.37.0/24 maxlen: 24
86.38.156.0/24 maxlen: 24
86.38.177.0/24 maxlen: 24
89.116.64.0/22 maxlen: 24
89.117.172.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156677719 (0x956b657)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Feb 4 05:58:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40c112d0f31d3b309d2d26e81d8c408974d51e2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9e:4a:92:f0:91:7a:d1:fd:bb:74:c0:f1:48:
90:bc:96:fc:73:eb:77:5e:03:a1:41:d7:80:9c:ed:
b9:c1:aa:b5:8f:49:91:e1:ba:37:e3:37:6e:3d:b6:
32:66:11:93:d4:be:9a:aa:72:8a:87:26:53:fb:ad:
4d:f4:84:32:ea:b0:71:a5:f9:6b:ae:54:c1:fb:ff:
cb:19:f2:3c:4f:b3:60:19:80:93:ef:c7:65:ad:b7:
3b:88:e4:d8:5c:e4:6c:85:8a:c4:25:8b:e3:73:2a:
a0:37:09:ee:84:fe:b1:70:4a:b9:61:af:0f:d5:b8:
ff:ce:9d:4e:63:3a:9d:30:1b:e5:3f:49:e7:07:2c:
67:e2:31:e2:02:3d:7f:31:d5:76:e9:b1:78:ae:02:
69:48:16:8c:f2:88:ad:54:36:d9:56:d4:7f:10:c0:
d2:79:a3:8e:e2:03:05:f2:fa:55:05:8f:e2:c1:1b:
0f:59:8c:a3:22:71:aa:39:83:d5:17:93:70:39:16:
78:ae:7d:96:d0:a1:88:26:29:d0:09:bd:61:b8:7b:
a6:4c:71:e1:d8:78:7c:31:17:c7:a2:41:d8:15:1b:
b9:1b:dd:87:67:02:b6:39:7b:fe:dc:a2:9e:c1:1e:
56:6b:18:f0:62:11:b5:b3:b1:05:ae:dd:41:fa:13:
23:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C1:12:D0:F3:1D:3B:30:9D:2D:26:E8:1D:8C:40:89:74:D5:1E:2C
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/QMES0PMdOzCdLSboHYxAiXTVHiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.37.0/24
86.38.156.0/24
86.38.177.0/24
89.116.64.0/22
89.117.172.0/22
Signature Algorithm: sha256WithRSAEncryption
98:16:54:a2:76:de:95:6b:c2:c5:5e:cb:5b:ea:c4:a0:57:6e:
a1:2a:6c:a3:2e:d2:8c:31:1f:6d:50:91:bf:3f:24:35:98:53:
81:18:da:23:d6:31:17:b9:4b:99:ab:6a:58:ce:ca:a7:c3:c3:
82:6e:29:ff:1f:60:2a:de:e4:cb:e4:bd:12:b5:92:b2:fe:61:
34:88:64:69:7f:5a:af:29:c4:3e:fb:cb:3f:ba:80:b7:6f:a9:
56:d9:a2:e3:8f:eb:08:15:07:e2:09:1e:d0:d8:12:79:8c:46:
b8:2e:0a:a0:20:03:1d:7b:c5:93:af:9c:20:b3:04:7d:80:ae:
63:c7:61:20:32:5d:c5:86:6b:3f:f2:b0:a9:33:e4:e7:e8:e1:
cf:2b:71:a7:65:e4:49:17:c5:e6:c9:d8:c6:a2:86:31:a4:8f:
7e:6d:79:12:e0:ff:d8:08:de:20:36:32:7e:29:57:20:64:39:
71:1d:a7:f1:5b:22:93:a0:8e:5a:32:cd:77:c2:a1:1a:d3:0e:
0e:36:55:16:2c:7d:f3:c1:7e:03:36:75:b0:29:d8:0a:d6:29:
9a:32:6c:df:a4:9f:79:e6:d7:03:fc:8e:77:7c:34:99:ca:a2:
8e:c9:ac:e4:9d:bb:75:7d:0a:16:88:83:8a:72:ab:55:01:07:
05:50:e3:6d
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECVa2VzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDIw
NDA1NTgyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBjMTEyZDBmMzFk
M2IzMDlkMmQyNmU4MWQ4YzQwODk3NGQ1MWUyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJCeSpLwkXrR/bt0wPFIkLyW/HPrd14DoUHXgJztucGqtY9J
keG6N+M3bj22MmYRk9S+mqpyiocmU/utTfSEMuqwcaX5a65Uwfv/yxnyPE+zYBmA
k+/HZa23O4jk2FzkbIWKxCWL43MqoDcJ7oT+sXBKuWGvD9W4/86dTmM6nTAb5T9J
5wcsZ+Ix4gI9fzHVdumxeK4CaUgWjPKIrVQ22VbUfxDA0nmjjuIDBfL6VQWP4sEb
D1mMoyJxqjmD1ReTcDkWeK59ltChiCYp0Am9Ybh7pkxx4dh4fDEXx6JB2BUbuRvd
h2cCtjl7/tyinsEeVmsY8GIRtbOxBa7dQfoTI50CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRAwRLQ8x07MJ0tJugdjECJdNUeLDAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L1FNRVMwUE1kT3pDZExTYm9IWXhBaVhUVkhpdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFYmJQMEAFYmnAMEAFYmsQMEAll0
QAMEAll1rDANBgkqhkiG9w0BAQsFAAOCAQEAmBZUonbelWvCxV7LW+rEoFduoSps
oy7SjDEfbVCRvz8kNZhTgRjaI9YxF7lLmatqWM7Kp8PDgm4p/x9gKt7ky+S9ErWS
sv5hNIhkaX9arynEPvvLP7qAt2+pVtmi44/rCBUH4gke0NgSeYxGuC4KoCADHXvF
k6+cILMEfYCuY8dhIDJdxYZrP/KwqTPk5+jhzytxp2XkSRfF5snYxqKGMaSPfm15
EuD/2AjeIDYyfilXIGQ5cR2n8Vsik6COWjLNd8KhGtMODjZVFix988F+AzZ1sCnY
CtYpmjJs36SfeebXA/yOd3w0mcqijsms5J27dX0KFoiDinKrVQEHBVDjbQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org