Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/VLk0MiDDRlS_VYXCSC1KVy-XiBs.roa
File: VLk0MiDDRlS_VYXCSC1KVy-XiBs.roa (raw, json)
Hash identifier: HCgDVNTp82k0O6wZmgzwqt8QXLgwpb8CHsZjdNdVAc8=
Subject key identifier: 54:B9:34:32:20:C3:46:54:BF:55:85:C2:48:2D:4A:57:2F:97:88:1B
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182EEBD0C90B7E33D5CF38B00FB159DCAA8
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/VLk0MiDDRlS_VYXCSC1KVy-XiBs.roa
Signing time: Tue 30 Aug 2022 12:32:22 +0000
ROA not before: Tue 30 Aug 2022 12:32:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204968
IP address blocks: 89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
89.117.32.0/23 maxlen: 24
89.116.218.0/24 maxlen: 24
89.117.190.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.117.129.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ee:bd:0c:90:b7:e3:3d:5c:f3:8b:00:fb:15:9d:ca:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 30 12:32:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54b9343220c34654bf5585c2482d4a572f97881b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:54:66:a5:6a:5e:64:0c:7e:7c:d9:27:dd:ec:
58:2c:83:49:bb:a9:bf:94:eb:09:f7:71:d8:b1:05:
1c:75:f7:77:92:db:78:84:70:be:d8:f6:eb:64:af:
9e:db:cc:63:89:56:50:be:33:14:78:0c:ec:04:53:
40:f6:ad:c0:63:6a:15:f2:48:f9:ab:8f:96:8a:8f:
90:98:da:70:b7:01:3c:3b:cd:a0:6b:69:6a:a6:e1:
3d:7b:16:1f:cf:ad:d2:86:4c:1e:97:ac:d7:10:4e:
25:64:0f:12:80:b1:f1:03:0f:00:a3:13:5c:44:69:
2f:3c:38:87:66:7d:8a:51:02:35:b3:0a:56:a8:af:
18:cb:88:bb:a9:35:66:49:a0:5f:42:12:dd:30:ed:
fb:6a:6f:0e:94:6b:ce:07:00:44:e3:4c:c1:2e:93:
20:cb:17:76:d6:96:ae:ab:c2:6a:4e:81:5f:92:bd:
76:75:57:c1:d9:39:19:73:cc:84:7d:dc:5c:d7:a3:
69:23:ee:e0:94:f2:93:46:94:28:c2:78:0d:06:84:
32:6c:19:16:04:49:97:22:e6:a9:2b:17:2d:86:d3:
1d:f0:6c:3f:c2:85:0a:4f:13:a0:12:9d:f9:f8:4b:
44:a4:05:fa:87:7d:64:ac:57:a3:71:a6:c3:b9:9b:
75:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:B9:34:32:20:C3:46:54:BF:55:85:C2:48:2D:4A:57:2F:97:88:1B
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/VLk0MiDDRlS_VYXCSC1KVy-XiBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.163.0/24
89.116.166.0/24
89.116.175.0/24
89.116.177.0/24
89.116.218.0/24
89.116.252.0/24
89.117.32.0/23
89.117.109.0/24
89.117.129.0/24
89.117.190.0/24
89.117.222.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:e6:8e:5c:2d:10:e6:9d:bd:8f:b8:2a:1f:99:27:7a:01:42:
2b:f2:01:6a:5b:9e:12:ca:58:91:5d:e6:fa:6a:51:93:8b:8e:
f6:23:08:65:17:e3:87:1e:6c:26:67:83:55:dd:b2:55:90:52:
c5:39:92:eb:9a:56:d0:64:84:00:38:c4:08:3a:16:e0:76:29:
82:3e:0e:0d:d0:55:0c:f7:fe:94:49:8e:8b:92:ad:de:21:c9:
8e:b2:dd:00:9f:9a:8b:8d:8a:3e:a7:03:6a:ad:81:71:4b:10:
30:15:e1:56:1e:b0:ba:d0:65:6f:f5:40:5e:2e:41:39:b9:d0:
15:38:88:cf:d6:31:9e:1f:d3:d1:a5:d1:44:c5:d2:a9:65:e7:
94:2d:86:11:30:46:c4:1b:1b:72:29:eb:8c:86:5e:51:d4:da:
86:16:2d:d0:6f:7c:a2:0b:27:ac:8b:b6:f5:5c:3e:6c:3c:99:
d5:df:3a:2c:22:76:94:57:7e:5c:bd:76:b4:7a:9a:eb:2d:1c:
c6:a1:1c:0d:72:94:ff:fd:c7:1b:95:66:a1:4a:c4:95:a0:1e:
dd:42:a0:e8:23:6e:58:db:85:70:7e:85:da:c9:80:b4:80:b1:
b2:57:ee:8e:1e:5a:50:e7:5c:a1:90:b8:5a:1f:29:80:cc:00:
a7:63:14:98
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYLuvQyQt+M9XPOLAPsVncqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODMwMTIzMjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGI5MzQzMjIwYzM0NjU0YmY1NTg1YzI0ODJkNGE1NzJmOTc4ODFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVRmpWpeZAx+fNkn3exYLINJu6m/
lOsJ93HYsQUcdfd3ktt4hHC+2PbrZK+e28xjiVZQvjMUeAzsBFNA9q3AY2oV8kj5
q4+Wio+QmNpwtwE8O82ga2lqpuE9exYfz63Shkwel6zXEE4lZA8SgLHxAw8AoxNc
RGkvPDiHZn2KUQI1swpWqK8Yy4i7qTVmSaBfQhLdMO37am8OlGvOBwBE40zBLpMg
yxd21pauq8JqToFfkr12dVfB2TkZc8yEfdxc16NpI+7glPKTRpQowngNBoQybBkW
BEmXIuapKxcthtMd8Gw/woUKTxOgEp35+EtEpAX6h31krFejcabDuZt1NQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFFS5NDIgw0ZUv1WFwkgtSlcvl4gbMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvVkxrME1pRERSbFNfVllYQ1NDMUtWeS1YaUJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAWXSEAwQA
WXSHAwQAWXSWAwQAWXSjAwQAWXSmAwQAWXSvAwQAWXSxAwQAWXTaAwQAWXT8AwQB
WXUgAwQAWXVtAwQAWXWBAwQAWXW+AwQAWXXeMA0GCSqGSIb3DQEBCwUAA4IBAQCz
5o5cLRDmnb2PuCofmSd6AUIr8gFqW54SyliRXeb6alGTi472IwhlF+OHHmwmZ4NV
3bJVkFLFOZLrmlbQZIQAOMQIOhbgdimCPg4N0FUM9/6USY6Lkq3eIcmOst0An5qL
jYo+pwNqrYFxSxAwFeFWHrC60GVv9UBeLkE5udAVOIjP1jGeH9PRpdFExdKpZeeU
LYYRMEbEGxtyKeuMhl5R1NqGFi3Qb3yiCyesi7b1XD5sPJnV3zosInaUV35cvXa0
eprrLRzGoRwNcpT//ccblWahSsSVoB7dQqDoI25Y24VwfoXayYC0gLGyV+6OHlpQ
51yhkLhaHymAzACnYxSY
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org