Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/bXEy4qOuJpZa9PwFQu1373L7p-Y.roa
File: bXEy4qOuJpZa9PwFQu1373L7p-Y.roa (raw, json)
Hash identifier: LWiQXIIvalsZet5iorf0h9H2A6UaAvf9lPrbaK0nur8=
Subject key identifier: 6D:71:32:E2:A3:AE:26:96:5A:F4:FC:05:42:ED:77:EF:72:FB:A7:E6
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0183D063CE5C66DABAB8CE99DBE9BFA0BE86
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/bXEy4qOuJpZa9PwFQu1373L7p-Y.roa
Signing time: Thu 13 Oct 2022 08:09:05 +0000
ROA not before: Thu 13 Oct 2022 08:09:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210443
IP address blocks: 86.38.246.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.117.94.0/23 maxlen: 24
89.116.150.0/24 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.228.0/23 maxlen: 24
86.38.202.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
86.38.178.0/23 maxlen: 24
89.117.222.0/24 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.184.0/23 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d0:63:ce:5c:66:da:ba:b8:ce:99:db:e9:bf:a0:be:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Oct 13 08:09:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d7132e2a3ae26965af4fc0542ed77ef72fba7e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2d:19:39:83:23:3c:4c:01:0b:28:a3:5e:f5:
0b:12:d4:58:0f:34:8c:58:0f:38:bf:49:77:09:3c:
b6:35:97:ee:fe:5c:b6:f5:56:65:f8:08:84:9c:c0:
df:52:96:74:97:32:58:63:be:ce:3b:c1:bc:c0:a0:
49:4d:23:e7:94:4b:09:da:45:56:4b:1c:6c:b3:8d:
a5:72:34:d0:db:39:e6:09:46:e6:86:06:97:37:04:
49:4f:74:58:20:ca:fc:b6:36:02:e4:84:ff:c5:e6:
88:ca:8b:f6:58:87:22:72:f1:8b:93:d6:ba:86:da:
13:34:ed:8a:3c:32:b9:5d:fb:5a:c4:58:6b:3f:95:
b3:00:22:bd:81:09:8d:23:70:2b:e8:96:2a:e7:aa:
4a:5f:38:b6:b1:e3:c5:d4:ad:47:1e:0c:10:a7:8d:
5e:ad:8f:15:d8:99:ca:9d:94:1f:c1:d2:ff:4f:04:
c5:45:02:63:c1:b4:8c:3b:18:65:9c:d0:a9:2e:4f:
5d:98:d4:d2:4f:67:46:12:38:fa:07:ff:87:c3:91:
52:86:a1:8d:3a:08:ee:08:60:3f:e9:dc:9a:de:02:
87:76:0d:93:18:ac:76:c8:5c:b2:b2:aa:3f:53:c2:
7e:1b:ef:5f:20:98:7c:b7:6c:89:61:c7:d1:b6:e4:
d8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:71:32:E2:A3:AE:26:96:5A:F4:FC:05:42:ED:77:EF:72:FB:A7:E6
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/bXEy4qOuJpZa9PwFQu1373L7p-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.108.0/24
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.184.0/23
89.116.210.0/23
89.116.252.0/24
89.117.8.0/23
89.117.32.0/23
89.117.94.0/23
89.117.116.0/23
89.117.190.0/24
89.117.222.0/24
89.117.228.0/23
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
61:5f:ff:a9:00:05:3e:90:55:e6:54:70:30:40:20:28:8b:fe:
82:c3:21:69:55:1d:0c:32:c6:40:cb:5d:ac:96:6e:84:15:33:
0e:51:e8:a9:84:a7:35:85:4b:86:1e:12:07:70:88:e7:a2:d2:
e9:02:3b:f3:0f:f7:3c:56:dd:90:7c:9a:77:9f:95:d8:b3:ac:
40:ee:87:82:a3:9a:f5:c5:54:24:6e:6c:93:cc:04:53:9a:ef:
51:90:fc:51:45:03:d2:ac:61:2d:fa:88:27:7e:04:ab:62:ae:
da:bc:cc:87:6a:76:79:af:06:44:c9:50:48:ac:7a:fe:e4:53:
68:4f:01:45:ae:c4:7d:56:4b:c0:24:56:20:73:52:4c:cb:a7:
b0:51:f6:5d:e7:c1:c3:3b:f5:3f:dd:f1:07:97:7d:6f:ca:92:
1e:00:1f:f6:4c:32:36:43:a4:dc:f6:4a:e6:25:fe:dd:36:8d:
0a:f4:42:39:77:6e:63:59:63:23:54:ae:91:21:94:6b:63:7f:
6b:6d:c2:16:a3:a1:5a:4d:1f:3e:e5:b2:1e:8e:c6:95:cd:10:
43:96:63:9b:c4:0f:01:a1:6c:16:3e:70:bd:ab:bd:67:9f:33:
62:bf:b9:27:b7:61:74:bd:d4:9e:32:61:96:e4:ba:fd:c4:5a:
4a:c1:e2:67
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYPQY85cZtq6uM6Z2+m/oL6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIxMDEzMDgwOTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDcxMzJlMmEzYWUyNjk2NWFmNGZjMDU0MmVkNzdlZjcyZmJhN2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoi0ZOYMjPEwBCyijXvULEtRYDzSM
WA84v0l3CTy2NZfu/ly29VZl+AiEnMDfUpZ0lzJYY77OO8G8wKBJTSPnlEsJ2kVW
Sxxss42lcjTQ2znmCUbmhgaXNwRJT3RYIMr8tjYC5IT/xeaIyov2WIcicvGLk9a6
htoTNO2KPDK5XftaxFhrP5WzACK9gQmNI3Ar6JYq56pKXzi2sePF1K1HHgwQp41e
rY8V2JnKnZQfwdL/TwTFRQJjwbSMOxhlnNCpLk9dmNTST2dGEjj6B/+Hw5FShqGN
OgjuCGA/6dya3gKHdg2TGKx2yFyysqo/U8J+G+9fIJh8t2yJYcfRtuTYaQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFG1xMuKjriaWWvT8BULtd+9y+6fmMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvYlhFeTRxT3VKcFphOVB3RlF1MTM3M0w3cC1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAFW
JrIDBAJWJrgDBAFWJsoDBAFWJvYDBABZdGwDBABZdIQDBABZdIcDBABZdJYDBABZ
dKEDBABZdKMDBABZdKYDBAFZdLgDBAFZdNIDBABZdPwDBAFZdQgDBAFZdSADBAFZ
dV4DBAFZdXQDBABZdb4DBABZdd4DBAFZdeQDBABZdfUDBABZdfowDQYJKoZIhvcN
AQELBQADggEBAGFf/6kABT6QVeZUcDBAICiL/oLDIWlVHQwyxkDLXayWboQVMw5R
6KmEpzWFS4YeEgdwiOei0ukCO/MP9zxW3ZB8mnefldizrEDuh4KjmvXFVCRubJPM
BFOa71GQ/FFFA9KsYS36iCd+BKtirtq8zIdqdnmvBkTJUEisev7kU2hPAUWuxH1W
S8AkViBzUkzLp7BR9l3nwcM79T/d8QeXfW/Kkh4AH/ZMMjZDpNz2SuYl/t02jQr0
Qjl3bmNZYyNUrpEhlGtjf2ttwhajoVpNHz7lsh6OxpXNEEOWY5vEDwGhbBY+cL2r
vWefM2K/uSe3YXS91J4yYZbkuv3EWkrB4mc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:25 2023 by rpki-client on console-fra.rpki-client.org