Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/VQWMzW7YgFp8yT4yy82UR3DeYPA.roa
File: VQWMzW7YgFp8yT4yy82UR3DeYPA.roa (raw, json)
Hash identifier: qn9PgEZn31IPTLnYyNxCukmYypNa59rDtYckFbC5f7I=
Subject key identifier: 55:05:8C:CD:6E:D8:80:5A:7C:C9:3E:32:CB:CD:94:47:70:DE:60:F0
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0184065D3A1F5D0A98245BFC69B7CABE2E02
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/VQWMzW7YgFp8yT4yy82UR3DeYPA.roa
Signing time: Sun 23 Oct 2022 19:41:23 +0000
ROA not before: Sun 23 Oct 2022 19:41:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 86.38.246.0/23 maxlen: 24
86.38.242.0/23 maxlen: 24
89.116.135.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.116.156.0/24 maxlen: 24
89.116.56.0/24 maxlen: 24
86.38.189.0/24 maxlen: 24
89.117.228.0/23 maxlen: 24
86.38.200.0/24 maxlen: 24
86.38.4.0/23 maxlen: 24
89.117.48.0/20 maxlen: 24
86.38.220.0/23 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.242.0/23 maxlen: 24
89.116.246.0/23 maxlen: 24
86.38.180.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
89.117.11.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
84.46.200.0/24 maxlen: 24
89.116.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:06:5d:3a:1f:5d:0a:98:24:5b:fc:69:b7:ca:be:2e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Oct 23 19:41:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=55058ccd6ed8805a7cc93e32cbcd944770de60f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:67:ea:92:7f:97:d1:7b:92:74:36:af:eb:40:
c1:8b:70:8e:93:fd:51:0b:cc:e3:aa:08:00:ae:75:
d4:63:cd:13:70:13:e1:22:c3:aa:2b:ae:68:07:f7:
1d:fd:3c:89:06:18:d4:6c:4a:e6:fd:e9:79:83:02:
67:1f:fe:d9:a7:ef:53:d0:c4:2f:5a:37:91:19:3b:
7c:4a:8e:db:e3:1a:42:81:54:8c:df:68:7b:15:09:
2d:52:18:76:7c:21:69:2e:e8:ec:2c:b2:5e:81:5d:
5c:a4:25:86:12:c7:eb:30:2d:bc:45:77:1c:14:e7:
71:3f:80:4a:dd:80:ea:9a:2c:78:38:2f:1c:ac:d6:
f5:3f:29:da:9c:d2:46:72:4c:86:35:ed:67:98:40:
52:4a:c0:fb:0d:a9:06:4a:c3:fa:59:b6:15:ed:b3:
44:12:e4:a0:a9:74:21:2c:07:e6:ad:23:3b:43:33:
55:c6:38:b2:86:f5:48:6b:d7:ee:1c:71:4f:a9:9d:
c9:50:fe:69:18:9a:c8:89:92:0c:b8:7a:cb:84:57:
a2:b4:fe:a9:0e:72:9e:82:f8:44:6a:b5:d0:b1:89:
1f:20:ad:4e:65:8f:8c:61:42:d3:6d:e1:6f:e5:c8:
f2:4c:f9:d9:a5:2e:94:da:2a:92:3a:ec:0a:eb:52:
7d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:05:8C:CD:6E:D8:80:5A:7C:C9:3E:32:CB:CD:94:47:70:DE:60:F0
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/VQWMzW7YgFp8yT4yy82UR3DeYPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.200.0/24
86.38.4.0/23
86.38.180.0/22
86.38.189.0/24
86.38.200.0/24
86.38.220.0/23
86.38.242.0/23
86.38.246.0/23
89.116.56.0/24
89.116.135.0/24
89.116.156.0/24
89.116.175.0/24
89.116.177.0/24
89.116.189.0/24
89.116.218.0/24
89.116.242.0/23
89.116.246.0/23
89.117.11.0/24
89.117.48.0/20
89.117.109.0/24
89.117.228.0/23
Signature Algorithm: sha256WithRSAEncryption
23:3c:95:bd:a9:0b:5f:e6:57:7c:ca:c2:91:07:c6:92:b3:61:
e1:46:8d:d9:fa:e5:f3:bf:f5:28:75:d7:e3:60:c2:fa:fc:3e:
49:a1:0b:ae:54:bf:cd:4e:5f:c9:92:ae:5a:2d:85:d0:8d:73:
b7:b7:51:35:aa:31:95:bb:27:48:8e:d8:49:a0:68:35:2f:b3:
9d:1b:7f:cd:35:1f:df:9a:b2:8a:a8:97:6e:a7:97:4c:8a:21:
de:5e:b5:e8:35:ac:58:9b:d1:9e:5e:06:14:17:96:54:0d:69:
ee:4a:75:70:b1:52:00:b5:12:91:0d:31:de:7e:ef:10:d1:65:
ee:c7:f7:6e:aa:4d:a9:6e:0e:af:11:f7:c3:c1:2e:7d:eb:98:
7e:f3:49:6d:39:4b:a5:b4:0e:4e:18:a3:76:ac:7d:75:34:2d:
c5:22:a9:54:37:68:cc:e8:be:19:4e:e9:fd:03:7a:45:17:40:
eb:18:88:01:a4:ff:a5:6e:fb:c3:8f:43:03:d3:cf:24:ac:5d:
44:35:3a:1c:60:90:30:d3:24:5e:3d:21:b8:f9:a9:6a:ab:ef:
e9:68:9e:0b:ca:d6:e7:96:e9:60:c7:81:52:92:1f:1f:9f:41:
cc:bb:5c:de:0b:7b:6a:50:4a:8b:b7:69:35:a4:9a:0d:b3:b1:
d4:21:a0:03
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYQGXTofXQqYJFv8abfKvi4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIxMDIzMTk0MTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTA1OGNjZDZlZDg4MDVhN2NjOTNlMzJjYmNkOTQ0NzcwZGU2MGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWfqkn+X0XuSdDav60DBi3COk/1R
C8zjqggArnXUY80TcBPhIsOqK65oB/cd/TyJBhjUbErm/el5gwJnH/7Zp+9T0MQv
WjeRGTt8So7b4xpCgVSM32h7FQktUhh2fCFpLujsLLJegV1cpCWGEsfrMC28RXcc
FOdxP4BK3YDqmix4OC8crNb1PynanNJGckyGNe1nmEBSSsD7DakGSsP6WbYV7bNE
EuSgqXQhLAfmrSM7QzNVxjiyhvVIa9fuHHFPqZ3JUP5pGJrIiZIMuHrLhFeitP6p
DnKegvhEarXQsYkfIK1OZY+MYULTbeFv5cjyTPnZpS6U2iqSOuwK61J92QIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFFUFjM1u2IBafMk+MsvNlEdw3mDwMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvVlFXTXpXN1lnRnA4eVQ0eXk4MlVSM0RlWVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAFQu
yAMEAVYmBAMEAlYmtAMEAFYmvQMEAFYmyAMEAVYm3AMEAVYm8gMEAVYm9gMEAFl0
OAMEAFl0hwMEAFl0nAMEAFl0rwMEAFl0sQMEAFl0vQMEAFl02gMEAVl08gMEAVl0
9gMEAFl1CwMEBFl1MAMEAFl1bQMEAVl15DANBgkqhkiG9w0BAQsFAAOCAQEAIzyV
vakLX+ZXfMrCkQfGkrNh4UaN2frl87/1KHXX42DC+vw+SaELrlS/zU5fyZKuWi2F
0I1zt7dRNaoxlbsnSI7YSaBoNS+znRt/zTUf35qyiqiXbqeXTIoh3l616DWsWJvR
nl4GFBeWVA1p7kp1cLFSALUSkQ0x3n7vENFl7sf3bqpNqW4OrxH3w8EufeuYfvNJ
bTlLpbQOThijdqx9dTQtxSKpVDdozOi+GU7p/QN6RRdA6xiIAaT/pW77w49DA9PP
JKxdRDU6HGCQMNMkXj0huPmpaqvv6WieC8rW55bpYMeBUpIfH59BzLtc3gt7alBK
i7dpNaSaDbOx1CGgAw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:25 2023 by rpki-client on console-fra.rpki-client.org