Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/gnkCw6-rsPuy4s4TmJFQd9NeEGs.roa
File: gnkCw6-rsPuy4s4TmJFQd9NeEGs.roa (raw, json)
Hash identifier: AYcxEZMzMIxxU3lPprMHkBlviv+zLuRjE6JEQxgJJss=
Subject key identifier: 82:79:02:C3:AF:AB:B0:FB:B2:E2:CE:13:98:91:50:77:D3:5E:10:6B
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 01828295F934B4AA3A213C129D2EFFCC0D39
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/gnkCw6-rsPuy4s4TmJFQd9NeEGs.roa
Signing time: Tue 09 Aug 2022 12:30:42 +0000
ROA not before: Tue 09 Aug 2022 12:30:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 89.117.72.0/21 maxlen: 24
89.116.123.0/24 maxlen: 24
89.117.88.0/22 maxlen: 24
89.116.140.0/24 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.24.0/23 maxlen: 24
89.116.76.0/24 maxlen: 24
86.38.216.0/22 maxlen: 24
89.116.91.0/24 maxlen: 24
89.116.250.0/24 maxlen: 24
89.117.120.0/22 maxlen: 24
89.116.202.0/24 maxlen: 24
89.116.212.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:82:95:f9:34:b4:aa:3a:21:3c:12:9d:2e:ff:cc:0d:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 9 12:30:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=827902c3afabb0fbb2e2ce1398915077d35e106b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:19:10:80:aa:72:34:d4:d3:22:47:53:c7:fc:
fb:1a:c4:aa:da:28:5a:64:b0:08:1e:f5:97:6d:20:
ed:5c:61:75:c9:c4:95:52:ba:9b:f3:4e:90:2d:e9:
b7:50:5b:60:f0:c1:21:18:2a:75:6f:90:b2:5b:15:
73:76:8d:79:36:62:a8:7e:e1:35:36:96:cf:d0:a8:
3e:ed:2d:9d:10:b8:77:51:2d:ae:a2:68:13:3a:a7:
f7:a6:11:31:20:7c:cb:d3:cf:c6:90:4a:b0:f1:e5:
d6:db:9f:fb:d9:82:8c:f2:eb:2c:5d:7e:f5:13:e9:
77:52:03:dc:3d:9d:8f:3f:62:d6:be:43:ce:d9:77:
3a:ad:15:83:58:07:33:76:f6:c9:a8:46:8d:14:6b:
92:5a:22:4f:63:28:01:c6:6d:65:91:4f:1d:cb:29:
85:2e:12:7e:3e:e5:c1:85:0c:b2:b6:5b:76:7a:00:
f4:45:0f:29:ad:4d:70:8f:cf:a2:da:6a:f9:0b:88:
ef:c0:e7:fa:7f:2c:18:6d:c0:05:99:22:45:b4:31:
54:ed:a3:b2:c0:c3:6b:69:9c:dc:dc:09:34:3f:57:
40:34:48:3c:cd:c4:b9:2c:2a:97:24:51:30:a1:3b:
fb:e3:f8:b4:78:a9:78:5f:2a:c0:ab:2f:41:ca:b7:
52:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:79:02:C3:AF:AB:B0:FB:B2:E2:CE:13:98:91:50:77:D3:5E:10:6B
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/gnkCw6-rsPuy4s4TmJFQd9NeEGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.216.0/22
89.116.76.0/24
89.116.91.0/24
89.116.123.0/24
89.116.140.0/24
89.116.202.0/24
89.116.212.0/22
89.116.250.0/24
89.117.12.0/23
89.117.24.0/23
89.117.72.0/21
89.117.88.0/22
89.117.120.0/22
Signature Algorithm: sha256WithRSAEncryption
08:1a:44:89:96:63:4c:64:12:ba:62:05:1f:2e:6a:96:cd:7d:
c4:8c:a0:4f:03:f5:11:af:98:f4:43:c9:e7:66:e6:54:a7:56:
b2:69:74:4f:dd:26:cd:00:e9:d9:aa:e9:c2:d6:52:5f:1a:30:
23:91:80:65:8a:c0:e9:4b:10:d1:fd:3a:b8:73:b7:d7:40:45:
b1:1e:7a:ea:6a:32:c4:a9:8e:0a:27:2a:ba:01:98:b3:63:b4:
34:7b:a0:eb:3a:d9:c5:53:ae:2b:03:0d:d5:4e:46:47:a4:84:
be:ed:88:f6:c0:c1:6f:0b:e2:b3:b5:8c:ad:d8:d9:df:cc:bc:
96:fc:a3:05:70:fd:e7:8d:f9:29:7b:f6:d3:23:84:5f:36:76:
3a:37:a5:e1:54:1e:a1:9a:1d:41:7a:05:fc:9f:da:cc:69:7c:
de:ae:70:08:af:15:ee:c0:08:7f:d4:fb:1c:55:4e:b7:07:b2:
a3:c8:04:f4:35:0f:7c:5c:42:d2:ae:36:bd:db:46:ca:a0:3d:
20:a1:b9:43:49:bd:da:84:bb:2f:e5:37:19:ee:a0:a1:d6:99:
6b:4e:55:fa:4d:b2:b6:9f:80:f3:b8:d9:aa:21:af:e8:32:73:
a4:da:74:aa:e4:d7:41:a0:03:83:11:b6:73:86:0c:0a:a5:1f:
ff:bd:33:3e
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYKClfk0tKo6ITwSnS7/zA05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODA5MTIzMDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjc5MDJjM2FmYWJiMGZiYjJlMmNlMTM5ODkxNTA3N2QzNWUxMDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxkQgKpyNNTTIkdTx/z7GsSq2iha
ZLAIHvWXbSDtXGF1ycSVUrqb806QLem3UFtg8MEhGCp1b5CyWxVzdo15NmKofuE1
NpbP0Kg+7S2dELh3US2uomgTOqf3phExIHzL08/GkEqw8eXW25/72YKM8ussXX71
E+l3UgPcPZ2PP2LWvkPO2Xc6rRWDWAczdvbJqEaNFGuSWiJPYygBxm1lkU8dyymF
LhJ+PuXBhQyytlt2egD0RQ8prU1wj8+i2mr5C4jvwOf6fywYbcAFmSJFtDFU7aOy
wMNraZzc3Ak0P1dANEg8zcS5LCqXJFEwoTv74/i0eKl4XyrAqy9ByrdSKwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFIJ5AsOvq7D7suLOE5iRUHfTXhBrMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvZ25rQ3c2LXJzUHV5NHM0VG1KRlFkOU5lRUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCVibYAwQA
WXRMAwQAWXRbAwQAWXR7AwQAWXSMAwQAWXTKAwQCWXTUAwQAWXT6AwQBWXUMAwQB
WXUYAwQDWXVIAwQCWXVYAwQCWXV4MA0GCSqGSIb3DQEBCwUAA4IBAQAIGkSJlmNM
ZBK6YgUfLmqWzX3EjKBPA/URr5j0Q8nnZuZUp1ayaXRP3SbNAOnZqunC1lJfGjAj
kYBlisDpSxDR/Tq4c7fXQEWxHnrqajLEqY4KJyq6AZizY7Q0e6DrOtnFU64rAw3V
TkZHpIS+7Yj2wMFvC+KztYyt2NnfzLyW/KMFcP3njfkpe/bTI4RfNnY6N6XhVB6h
mh1BegX8n9rMaXzernAIrxXuwAh/1PscVU63B7KjyAT0NQ98XELSrja920bKoD0g
oblDSb3ahLsv5TcZ7qCh1plrTlX6TbK2n4DzuNmqIa/oMnOk2nSq5NdBoAODEbZz
hgwKpR//vTM+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:25 2023 by rpki-client on console-fra.rpki-client.org