Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/_CJ2VXbv8Pg0DK_ewSCFDhTFNPc.roa
File: _CJ2VXbv8Pg0DK_ewSCFDhTFNPc.roa (raw, json)
Hash identifier: 4DVpdP91HSGPXfi+R1vdAroesf9VaTOZ0132w+i4Kl8=
Subject key identifier: FC:22:76:55:76:EF:F0:F8:34:0C:AF:DE:C1:20:85:0E:14:C5:34:F7
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 01835AD8F35BCE8FF6578BDD56F00905907E
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/_CJ2VXbv8Pg0DK_ewSCFDhTFNPc.roa
Signing time: Tue 20 Sep 2022 12:21:50 +0000
ROA not before: Tue 20 Sep 2022 12:21:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398465
IP address blocks: 86.38.246.0/23 maxlen: 24
89.116.224.0/21 maxlen: 24
89.117.80.0/22 maxlen: 24
89.116.32.0/21 maxlen: 24
86.38.204.0/23 maxlen: 24
89.116.180.0/22 maxlen: 24
89.116.200.0/24 maxlen: 24
84.46.234.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5a:d8:f3:5b:ce:8f:f6:57:8b:dd:56:f0:09:05:90:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Sep 20 12:21:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc22765576eff0f8340cafdec120850e14c534f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4f:0a:61:62:c8:46:9a:ff:33:6a:44:52:c8:
4b:f6:61:06:59:a4:b4:72:9f:12:ba:3f:05:78:1d:
0e:e4:b8:b6:1e:cd:df:f9:60:38:a1:2b:5b:64:2e:
c6:cd:91:f5:b8:2a:7d:2d:07:84:ce:e5:44:02:d7:
36:50:bf:64:23:ca:9e:ea:80:d5:ac:de:15:92:9d:
83:4e:36:c9:17:10:7c:1c:bd:05:60:49:25:3b:e4:
86:64:98:f7:9b:c1:01:c7:a0:5d:c0:18:c8:05:e1:
e8:aa:41:e8:d8:24:1b:fb:ea:aa:84:55:d1:55:61:
50:bb:2a:d2:36:72:e8:96:8a:eb:f2:38:b7:f7:21:
34:dd:b1:26:c6:d7:79:ba:e8:d1:3a:87:5e:2d:78:
e3:0a:d4:3e:81:13:d2:ab:73:7e:ab:6a:86:88:82:
ac:1f:05:8a:fa:e3:f8:06:9b:a1:75:c3:29:3e:67:
4c:d5:64:ae:5a:ee:8a:84:8e:8c:f7:ee:82:4b:0c:
c1:92:a4:8e:10:70:98:0c:36:4f:bc:ea:06:68:55:
83:bb:45:fe:53:77:77:4e:b0:44:43:33:74:7a:8d:
40:27:4a:ad:46:c5:26:14:88:04:d7:82:c2:ac:b8:
68:a6:99:5c:bd:26:09:73:79:f9:0c:88:61:69:21:
67:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:22:76:55:76:EF:F0:F8:34:0C:AF:DE:C1:20:85:0E:14:C5:34:F7
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/_CJ2VXbv8Pg0DK_ewSCFDhTFNPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.204.0/23
86.38.246.0/23
89.116.32.0/21
89.116.180.0/22
89.116.200.0/24
89.116.224.0/21
89.117.80.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:6a:28:95:90:00:d3:26:7c:3f:71:f1:24:f1:ad:f2:26:ba:
90:f1:b4:9a:6e:6d:32:7d:81:6d:d1:26:47:4d:23:54:3e:a3:
67:54:45:90:d7:f4:28:a3:9e:24:54:da:b5:00:6c:82:9e:fd:
49:0b:25:85:1b:d8:68:b7:74:15:4f:67:2f:ca:ac:23:32:80:
14:cf:2e:4f:ed:e3:b1:7e:bb:7c:a5:6a:fa:bc:da:b3:3e:dd:
d6:14:de:22:1b:2c:72:d3:f6:8b:3a:53:ba:1c:e1:81:c1:69:
b8:db:7b:a9:db:a2:30:d5:c1:1b:cf:26:df:bb:3d:92:75:e9:
16:58:97:89:7d:02:ff:96:a7:17:4b:b0:78:a7:99:8b:be:ff:
3f:ca:7f:89:70:a6:f8:de:58:66:10:17:0f:f4:f4:e7:74:52:
c9:80:fe:56:19:0f:4c:d2:8d:6c:7d:41:6d:fb:ed:e4:5d:fa:
9c:65:0d:39:75:d4:4a:ff:d6:30:9a:47:3d:be:aa:a3:9c:2d:
29:91:6e:04:19:aa:82:ee:79:44:4c:32:98:90:a7:40:05:fa:
5c:7f:da:a9:21:a5:2e:f2:b2:31:0c:45:b2:fa:80:d8:a8:e8:
bc:93:4d:c1:79:15:1f:3c:b7:e1:5a:2c:5d:22:30:b5:95:e9:
ef:8a:99:40
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYNa2PNbzo/2V4vdVvAJBZB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwOTIwMTIyMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzIyNzY1NTc2ZWZmMGY4MzQwY2FmZGVjMTIwODUwZTE0YzUzNGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhE8KYWLIRpr/M2pEUshL9mEGWaS0
cp8Suj8FeB0O5Li2Hs3f+WA4oStbZC7GzZH1uCp9LQeEzuVEAtc2UL9kI8qe6oDV
rN4Vkp2DTjbJFxB8HL0FYEklO+SGZJj3m8EBx6BdwBjIBeHoqkHo2CQb++qqhFXR
VWFQuyrSNnLolorr8ji39yE03bEmxtd5uujROodeLXjjCtQ+gRPSq3N+q2qGiIKs
HwWK+uP4BpuhdcMpPmdM1WSuWu6KhI6M9+6CSwzBkqSOEHCYDDZPvOoGaFWDu0X+
U3d3TrBEQzN0eo1AJ0qtRsUmFIgE14LCrLhopplcvSYJc3n5DIhhaSFnNwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPwidlV27/D4NAyv3sEghQ4UxTT3MB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvX0NKMlZYYnY4UGcwREtfZXdTQ0ZEaFRGTlBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBVC7qAwQB
VibMAwQBVib2AwQDWXQgAwQCWXS0AwQAWXTIAwQDWXTgAwQCWXVQMA0GCSqGSIb3
DQEBCwUAA4IBAQCjaiiVkADTJnw/cfEk8a3yJrqQ8bSabm0yfYFt0SZHTSNUPqNn
VEWQ1/Qoo54kVNq1AGyCnv1JCyWFG9hot3QVT2cvyqwjMoAUzy5P7eOxfrt8pWr6
vNqzPt3WFN4iGyxy0/aLOlO6HOGBwWm423up26Iw1cEbzybfuz2SdekWWJeJfQL/
lqcXS7B4p5mLvv8/yn+JcKb43lhmEBcP9PTndFLJgP5WGQ9M0o1sfUFt++3kXfqc
ZQ05ddRK/9Ywmkc9vqqjnC0pkW4EGaqC7nlETDKYkKdABfpcf9qpIaUu8rIxDEWy
+oDYqOi8k03BeRUfPLfhWixdIjC1lenviplA
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org