Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/TMXCc8KFASu93Di79EKxdDd2x8E.roa
File: TMXCc8KFASu93Di79EKxdDd2x8E.roa (raw, json)
Hash identifier: j0y5UmH8W7XkEcUNqzDDYl9mQLd7K8kd0XW88e1OR0Y=
Subject key identifier: 4C:C5:C2:73:C2:85:01:2B:BD:DC:38:BB:F4:42:B1:74:37:76:C7:C1
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182D8FDD8478674180C1AFE3229784D5D37
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/TMXCc8KFASu93Di79EKxdDd2x8E.roa
Signing time: Fri 26 Aug 2022 07:11:30 +0000
ROA not before: Fri 26 Aug 2022 07:11:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209737
IP address blocks: 89.116.106.0/23 maxlen: 24
89.116.126.0/23 maxlen: 24
89.117.104.0/22 maxlen: 24
89.116.44.0/22 maxlen: 24
89.116.48.0/22 maxlen: 24
89.116.60.0/22 maxlen: 24
89.117.152.0/22 maxlen: 24
89.116.212.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d8:fd:d8:47:86:74:18:0c:1a:fe:32:29:78:4d:5d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 26 07:11:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4cc5c273c285012bbddc38bbf442b1743776c7c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3d:ae:0c:16:05:80:51:bb:d6:87:06:f1:2a:
4a:14:14:9c:80:49:33:52:f4:23:e9:22:9a:ef:91:
67:bb:fa:ab:4a:45:ba:9c:13:27:80:3c:0f:38:9b:
8a:88:09:b8:43:d3:d2:67:91:e2:c6:ac:79:62:70:
54:e2:d4:18:e6:95:ff:3c:fa:46:cf:98:02:ad:d1:
ae:43:85:59:bc:92:44:85:47:ef:e1:4e:01:1d:e4:
20:72:bd:e6:6a:9a:26:a8:06:25:69:64:f8:f3:87:
14:b7:4d:a1:37:72:f0:72:71:6a:42:5d:46:40:d6:
5c:44:df:3e:2b:ef:0b:cf:3c:82:54:03:91:c6:c0:
c9:a1:bc:c9:78:3e:de:1b:87:a6:22:86:74:51:d8:
4a:a8:19:a6:4a:5e:d0:a4:96:6e:c2:91:13:fa:07:
3d:dc:74:a8:c7:81:a9:fb:47:fe:de:01:2f:93:81:
39:2c:8c:54:58:09:67:31:4b:21:a8:27:d0:9d:87:
38:20:5c:40:10:bd:6f:e2:aa:70:5c:6c:5a:be:33:
0a:ae:f6:2d:3c:75:2c:fa:07:bd:e8:c8:8b:b0:f1:
cf:c1:b1:ea:eb:13:95:3b:8d:c5:ec:eb:3e:59:ef:
4e:d0:03:5f:18:61:41:74:e4:58:12:7e:69:a7:42:
1c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C5:C2:73:C2:85:01:2B:BD:DC:38:BB:F4:42:B1:74:37:76:C7:C1
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/TMXCc8KFASu93Di79EKxdDd2x8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.44.0-89.116.51.255
89.116.60.0/22
89.116.106.0/23
89.116.126.0/23
89.116.212.0/22
89.117.104.0/22
89.117.152.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:74:a1:7a:c9:67:e7:3d:18:03:18:e3:b0:c1:13:a0:98:e5:
de:81:da:4d:2a:20:76:7e:cb:96:d0:cb:55:ae:33:5b:cf:f1:
e1:07:5c:43:af:67:07:a8:a9:dc:75:b6:c7:b6:21:16:6d:18:
48:73:e6:a7:f5:57:2c:ea:d2:d7:3c:17:69:d3:97:74:6c:bf:
6d:dc:46:f3:c3:55:3f:aa:a6:fc:7c:a2:bb:0f:db:eb:42:86:
4c:f4:5a:29:78:0c:1d:d8:b5:14:e7:c7:d9:bf:6f:d1:62:75:
8e:16:90:0a:fc:e6:18:4c:5d:b9:da:3c:cc:84:ff:09:a5:5e:
2f:3f:48:f9:6a:14:a9:b7:06:9e:d4:ba:f6:ad:a0:8d:76:be:
fe:73:ee:e8:e4:0c:b4:d8:ee:01:d0:bd:e6:dc:de:cf:ab:cc:
f2:19:69:3c:ef:c7:3c:71:3c:35:8e:54:f1:ec:b7:77:ab:c9:
68:30:3d:2c:65:ce:9f:84:d9:10:81:24:42:35:a7:80:e0:eb:
db:18:98:aa:b5:59:7a:e1:2c:8b:ed:b8:11:13:2f:24:e1:0d:
dd:42:2b:95:dc:01:d0:93:1c:b6:08:dc:77:f7:f2:66:14:dc:
c8:4e:5a:fb:66:4d:3c:d7:0d:33:b2:eb:3d:4c:31:bb:77:e9:
62:1d:34:c0
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYLY/dhHhnQYDBr+Mil4TV03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODI2MDcxMTMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2M1YzI3M2MyODUwMTJiYmRkYzM4YmJmNDQyYjE3NDM3NzZjN2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0D2uDBYFgFG71ocG8SpKFBScgEkz
UvQj6SKa75Fnu/qrSkW6nBMngDwPOJuKiAm4Q9PSZ5Hixqx5YnBU4tQY5pX/PPpG
z5gCrdGuQ4VZvJJEhUfv4U4BHeQgcr3mapomqAYlaWT484cUt02hN3LwcnFqQl1G
QNZcRN8+K+8LzzyCVAORxsDJobzJeD7eG4emIoZ0UdhKqBmmSl7QpJZuwpET+gc9
3HSox4Gp+0f+3gEvk4E5LIxUWAlnMUshqCfQnYc4IFxAEL1v4qpwXGxavjMKrvYt
PHUs+ge96MiLsPHPwbHq6xOVO43F7Os+We9O0ANfGGFBdORYEn5pp0Ic+QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFEzFwnPChQErvdw4u/RCsXQ3dsfBMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvVE1YQ2M4S0ZBU3U5M0RpNzlFS3hkRGQyeDhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAJZdCwD
BAJZdDADBAJZdDwDBAFZdGoDBAFZdH4DBAJZdNQDBAJZdWgDBAJZdZgwDQYJKoZI
hvcNAQELBQADggEBAGx0oXrJZ+c9GAMY47DBE6CY5d6B2k0qIHZ+y5bQy1WuM1vP
8eEHXEOvZweoqdx1tse2IRZtGEhz5qf1Vyzq0tc8F2nTl3Rsv23cRvPDVT+qpvx8
orsP2+tChkz0Wil4DB3YtRTnx9m/b9FidY4WkAr85hhMXbnaPMyE/wmlXi8/SPlq
FKm3Bp7UuvatoI12vv5z7ujkDLTY7gHQvebc3s+rzPIZaTzvxzxxPDWOVPHst3er
yWgwPSxlzp+E2RCBJEI1p4Dg69sYmKq1WXrhLIvtuBETLyThDd1CK5XcAdCTHLYI
3Hf38mYU3MhOWvtmTTzXDTOy6z1MMbt36WIdNMA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org