Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/Xq7x5RT2w9VNCJP3v4ANWb-uPpM.roa
File: Xq7x5RT2w9VNCJP3v4ANWb-uPpM.roa (raw, json)
Hash identifier: g5uQIe5eYp5+YtNirg6J/njYaH6ZJ/OoZ9e6inYkt1c=
Subject key identifier: 5E:AE:F1:E5:14:F6:C3:D5:4D:08:93:F7:BF:80:0D:59:BF:AE:3E:93
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182FDCF13F81C1FE895C2C076E3233B6BC4
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/Xq7x5RT2w9VNCJP3v4ANWb-uPpM.roa
Signing time: Fri 02 Sep 2022 10:46:22 +0000
ROA not before: Fri 02 Sep 2022 10:46:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 86.38.246.0/23 maxlen: 24
86.38.242.0/23 maxlen: 24
89.116.135.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.116.156.0/24 maxlen: 24
89.116.56.0/24 maxlen: 24
86.38.189.0/24 maxlen: 24
86.38.200.0/24 maxlen: 24
86.38.4.0/23 maxlen: 24
89.117.48.0/20 maxlen: 24
86.38.220.0/23 maxlen: 24
89.116.96.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.242.0/23 maxlen: 24
89.116.246.0/23 maxlen: 24
86.38.180.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
89.117.11.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
84.46.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fd:cf:13:f8:1c:1f:e8:95:c2:c0:76:e3:23:3b:6b:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Sep 2 10:46:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5eaef1e514f6c3d54d0893f7bf800d59bfae3e93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f8:a3:22:4e:92:dc:81:12:f7:27:f0:75:5c:
2e:00:ad:2e:1a:20:b0:f4:58:bc:0b:1e:8a:5b:1b:
6d:94:43:60:30:a5:b8:88:98:0c:04:7e:ad:1a:ce:
09:13:59:88:6f:48:29:1b:b9:6e:fc:35:07:3b:fd:
40:0c:c0:41:9d:74:d5:dc:70:6e:bf:ef:01:91:bc:
86:ec:dd:73:16:26:18:7a:02:68:aa:3a:61:d6:b3:
25:ab:38:68:7c:00:e2:8a:da:ec:9b:81:5f:da:66:
7b:50:77:6e:53:02:24:92:d8:be:52:8a:e9:49:88:
fc:0a:9f:67:65:31:94:06:03:79:e7:c4:83:af:ea:
b5:08:49:31:ff:ec:ce:f6:67:59:e4:c9:7b:05:2e:
89:a0:db:c4:2d:15:5d:2e:92:db:8f:a1:d9:5b:18:
57:f1:37:12:98:db:70:8d:36:b2:93:74:96:94:77:
61:7b:c9:26:65:56:c6:e8:f2:86:8f:ce:d0:5e:e7:
4f:0b:f0:3e:b0:4f:34:4c:7c:0c:3d:ce:1d:36:a0:
e4:3b:20:3a:23:07:74:96:23:79:96:96:48:74:21:
2e:f0:36:7b:ec:b1:5e:ee:a0:f1:23:37:80:47:03:
8d:34:45:32:da:85:f7:dd:78:65:73:38:0d:86:40:
0b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:AE:F1:E5:14:F6:C3:D5:4D:08:93:F7:BF:80:0D:59:BF:AE:3E:93
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/Xq7x5RT2w9VNCJP3v4ANWb-uPpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.200.0/24
86.38.4.0/23
86.38.180.0/22
86.38.189.0/24
86.38.200.0/24
86.38.220.0/23
86.38.242.0/23
86.38.246.0/23
89.116.56.0/24
89.116.96.0/24
89.116.135.0/24
89.116.156.0/24
89.116.175.0/24
89.116.177.0/24
89.116.218.0/24
89.116.242.0/23
89.116.246.0/23
89.117.11.0/24
89.117.48.0/20
89.117.109.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:12:0d:bd:84:01:4c:8b:b9:45:77:7c:dc:15:05:2b:9c:fd:
61:55:60:fc:ce:dd:0d:c7:5b:68:94:89:ae:2e:e1:29:e3:58:
83:1d:72:dc:fe:31:02:62:0d:0d:da:01:35:63:82:f9:0f:d0:
f2:8b:2c:1a:0f:83:12:ab:d4:14:29:86:27:37:63:2c:a0:f2:
c8:0e:98:67:fc:46:3e:51:b4:7d:b0:7b:f8:6d:6b:8b:4d:1a:
10:6b:80:60:bc:6e:63:89:49:0f:f3:18:29:fe:19:ee:03:46:
fa:33:54:f7:cc:cb:ad:2c:4b:e8:0b:e8:d2:61:c9:87:cc:09:
f6:bc:3b:22:f6:90:08:ae:c8:bb:b7:d7:2e:54:af:2c:00:e4:
ef:ca:e8:5c:33:87:08:dc:8b:db:7f:8e:ef:ff:4a:7c:6c:ca:
60:53:b8:a2:15:df:b7:ab:db:79:06:6d:b2:45:d1:9c:3b:81:
e4:86:ea:9f:ee:1e:42:bf:80:9c:cc:cf:20:d4:c9:96:31:0a:
2f:35:b2:01:1b:91:a8:e8:15:cc:90:8c:a9:85:64:11:2d:75:
18:f9:f5:ec:c3:76:fd:07:04:ad:06:17:b8:a9:18:f6:b7:f2:
72:80:9f:58:b7:0c:d8:32:da:c8:b1:27:fc:0a:6b:b2:61:ac:
34:11:fe:d8
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYL9zxP4HB/olcLAduMjO2vEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwOTAyMTA0NjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWFlZjFlNTE0ZjZjM2Q1NGQwODkzZjdiZjgwMGQ1OWJmYWUzZTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/ijIk6S3IES9yfwdVwuAK0uGiCw
9Fi8Cx6KWxttlENgMKW4iJgMBH6tGs4JE1mIb0gpG7lu/DUHO/1ADMBBnXTV3HBu
v+8BkbyG7N1zFiYYegJoqjph1rMlqzhofADiitrsm4Ff2mZ7UHduUwIkkti+Uorp
SYj8Cp9nZTGUBgN558SDr+q1CEkx/+zO9mdZ5Ml7BS6JoNvELRVdLpLbj6HZWxhX
8TcSmNtwjTayk3SWlHdhe8kmZVbG6PKGj87QXudPC/A+sE80THwMPc4dNqDkOyA6
Iwd0liN5lpZIdCEu8DZ77LFe7qDxIzeARwONNEUy2oX33XhlczgNhkALIwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFF6u8eUU9sPVTQiT97+ADVm/rj6TMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvWHE3eDVSVDJ3OVZOQ0pQM3Y0QU5XYi11UHBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAVC7I
AwQBViYEAwQCVia0AwQAVia9AwQAVibIAwQBVibcAwQBVibyAwQBVib2AwQAWXQ4
AwQAWXRgAwQAWXSHAwQAWXScAwQAWXSvAwQAWXSxAwQAWXTaAwQBWXTyAwQBWXT2
AwQAWXULAwQEWXUwAwQAWXVtMA0GCSqGSIb3DQEBCwUAA4IBAQA+Eg29hAFMi7lF
d3zcFQUrnP1hVWD8zt0Nx1tolImuLuEp41iDHXLc/jECYg0N2gE1Y4L5D9Dyiywa
D4MSq9QUKYYnN2MsoPLIDphn/EY+UbR9sHv4bWuLTRoQa4BgvG5jiUkP8xgp/hnu
A0b6M1T3zMutLEvoC+jSYcmHzAn2vDsi9pAIrsi7t9cuVK8sAOTvyuhcM4cI3Ivb
f47v/0p8bMpgU7iiFd+3q9t5Bm2yRdGcO4Hkhuqf7h5Cv4CczM8g1MmWMQovNbIB
G5Go6BXMkIyphWQRLXUY+fXsw3b9BwStBhe4qRj2t/JygJ9YtwzYMtrIsSf8Cmuy
Yaw0Ef7Y
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org