Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/gNoiJzEaPTvRj8VNjeO0VTBmFrM.roa
File: gNoiJzEaPTvRj8VNjeO0VTBmFrM.roa (raw, json)
Hash identifier: TkMfCdafNh/iA4gxYwp/CNHTzxTNOWrMnzgzkreIOx0=
Subject key identifier: 80:DA:22:27:31:1A:3D:3B:D1:8F:C5:4D:8D:E3:B4:55:30:66:16:B3
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182AFF6223A62AE7C23E7E9192D48D47A1A
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/gNoiJzEaPTvRj8VNjeO0VTBmFrM.roa
Signing time: Thu 18 Aug 2022 07:58:39 +0000
ROA not before: Thu 18 Aug 2022 07:58:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 89.117.68.0/24 maxlen: 24
89.116.234.0/24 maxlen: 24
89.116.244.0/24 maxlen: 24
86.38.175.0/24 maxlen: 24
86.38.177.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.218.0/24 maxlen: 24
86.38.190.0/24 maxlen: 24
89.116.70.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:af:f6:22:3a:62:ae:7c:23:e7:e9:19:2d:48:d4:7a:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 18 07:58:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=80da2227311a3d3bd18fc54d8de3b455306616b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:72:67:7e:68:03:e1:81:d8:14:51:65:08:91:
a9:b2:c6:ba:47:57:e6:e7:c0:67:40:f0:56:d0:88:
04:37:d3:83:c7:a3:b7:37:39:b0:26:01:7f:64:d8:
67:e0:5e:93:3f:3f:86:85:33:5f:65:b8:b4:d7:3f:
c2:4c:ad:9d:58:3a:0f:d5:79:4f:ca:2a:95:bb:26:
bc:8f:35:c3:77:06:94:e4:6b:7f:78:5f:a0:ff:23:
00:29:f0:dc:65:12:f7:3b:82:90:b8:fd:dd:9b:8b:
71:91:ee:dc:e1:59:81:09:a6:0f:94:43:5e:e6:66:
ba:a7:a8:a7:22:1f:0f:6f:63:79:01:5a:0d:30:c7:
61:68:f8:87:49:c5:30:f3:4b:2b:6f:ef:1e:2c:ae:
31:15:7a:9b:d1:95:70:73:a0:dc:92:8d:f8:28:4c:
33:65:3b:53:24:2e:d1:16:fe:6e:42:d7:85:2e:30:
01:91:1f:9b:b3:4e:a3:60:8f:00:c6:f0:30:4c:d4:
27:ee:f4:be:77:86:74:7b:83:e9:32:5b:bb:16:09:
95:35:6b:19:27:5c:0c:5d:48:07:72:3f:81:2a:19:
32:d9:2c:83:43:70:bd:a8:ab:3c:de:01:93:bf:f2:
65:b8:16:ce:4b:ba:32:e3:f3:e4:4d:6c:53:2b:a6:
e0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:DA:22:27:31:1A:3D:3B:D1:8F:C5:4D:8D:E3:B4:55:30:66:16:B3
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/gNoiJzEaPTvRj8VNjeO0VTBmFrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.175.0/24
86.38.177.0/24
86.38.190.0/24
89.116.70.0/24
89.116.102.0/24
89.116.175.0/24
89.116.234.0/24
89.116.244.0/24
89.117.68.0/24
89.117.109.0/24
89.117.218.0/24
Signature Algorithm: sha256WithRSAEncryption
83:23:b6:d1:06:28:b4:d5:03:1a:5a:42:cc:60:03:e9:b1:47:
d6:1b:25:57:24:be:6d:f2:fe:8d:98:3c:d6:56:6d:b5:ac:ed:
33:58:69:bf:b2:af:2c:6b:8b:a8:70:36:a4:87:47:4a:fc:4f:
37:3d:b8:7c:78:b9:76:7f:49:31:d7:11:bb:a8:b2:45:d3:ab:
18:8c:55:c0:45:0d:7f:f0:44:29:80:0b:b5:19:e6:4c:d2:c3:
c4:74:c4:4b:00:47:56:2c:0f:09:fb:8a:3d:9b:97:3f:06:c6:
d6:a0:a4:2f:1e:18:13:d7:02:0a:3d:2e:cc:6c:45:4a:0d:5d:
a0:89:9b:b5:63:54:4f:04:3c:1e:b3:72:0e:15:5d:16:53:dc:
39:04:5d:0d:2e:a8:8e:47:d3:d4:f4:1f:2b:08:f0:bf:27:1f:
db:18:bc:d4:6d:f2:43:a7:b0:ea:70:1b:b2:91:0c:0f:9b:8d:
73:a0:14:43:42:25:3f:97:58:a5:50:c3:a6:a3:16:97:7d:49:
87:fd:a1:53:b3:60:fb:f1:86:60:50:67:2b:2d:ae:5d:eb:91:
da:e1:80:86:89:d8:84:56:01:59:b8:6d:64:dc:2b:eb:d1:8c:
89:9d:fd:e6:ce:c5:cb:0c:a5:88:1a:9a:91:32:b4:bc:20:7b:
e6:76:b6:0f
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYKv9iI6Yq58I+fpGS1I1HoaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODE4MDc1ODM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGRhMjIyNzMxMWEzZDNiZDE4ZmM1NGQ4ZGUzYjQ1NTMwNjYxNmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HJnfmgD4YHYFFFlCJGpssa6R1fm
58BnQPBW0IgEN9ODx6O3NzmwJgF/ZNhn4F6TPz+GhTNfZbi01z/CTK2dWDoP1XlP
yiqVuya8jzXDdwaU5Gt/eF+g/yMAKfDcZRL3O4KQuP3dm4txke7c4VmBCaYPlENe
5ma6p6inIh8Pb2N5AVoNMMdhaPiHScUw80srb+8eLK4xFXqb0ZVwc6Dcko34KEwz
ZTtTJC7RFv5uQteFLjABkR+bs06jYI8AxvAwTNQn7vS+d4Z0e4PpMlu7FgmVNWsZ
J1wMXUgHcj+BKhky2SyDQ3C9qKs83gGTv/JluBbOS7oy4/PkTWxTK6bgJwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFIDaIicxGj070Y/FTY3jtFUwZhazMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvZ05vaUp6RWFQVHZSajhWTmplTzBWVEJtRnJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAViavAwQA
ViaxAwQAVia+AwQAWXRGAwQAWXRmAwQAWXSvAwQAWXTqAwQAWXT0AwQAWXVEAwQA
WXVtAwQAWXXaMA0GCSqGSIb3DQEBCwUAA4IBAQCDI7bRBii01QMaWkLMYAPpsUfW
GyVXJL5t8v6NmDzWVm21rO0zWGm/sq8sa4uocDakh0dK/E83Pbh8eLl2f0kx1xG7
qLJF06sYjFXARQ1/8EQpgAu1GeZM0sPEdMRLAEdWLA8J+4o9m5c/BsbWoKQvHhgT
1wIKPS7MbEVKDV2giZu1Y1RPBDwes3IOFV0WU9w5BF0NLqiOR9PU9B8rCPC/Jx/b
GLzUbfJDp7DqcBuykQwPm41zoBRDQiU/l1ilUMOmoxaXfUmH/aFTs2D78YZgUGcr
La5d65Ha4YCGidiEVgFZuG1k3Cvr0YyJnf3mzsXLDKWIGpqRMrS8IHvmdrYP
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org