Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/hN-ZkZ-4peFbHC26k45P5SbfB-I.roa
File: hN-ZkZ-4peFbHC26k45P5SbfB-I.roa (raw, json)
Hash identifier: 0O+BOHneK4hWQNkSrpdqn/GvCl3MPkjpI46L8Ds2928=
Subject key identifier: 84:DF:99:91:9F:B8:A5:E1:5B:1C:2D:BA:93:8E:4F:E5:26:DF:07:E2
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182D187DA9D9C032CA5C8ACE29DA74A9AF3
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/hN-ZkZ-4peFbHC26k45P5SbfB-I.roa
Signing time: Wed 24 Aug 2022 20:25:17 +0000
ROA not before: Wed 24 Aug 2022 20:25:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 89.117.72.0/21 maxlen: 24
89.116.123.0/24 maxlen: 24
89.117.88.0/22 maxlen: 24
89.116.140.0/24 maxlen: 24
89.116.250.0/24 maxlen: 24
89.117.112.0/22 maxlen: 24
89.117.120.0/22 maxlen: 24
89.117.12.0/23 maxlen: 24
89.116.76.0/24 maxlen: 24
86.38.216.0/22 maxlen: 24
89.116.91.0/24 maxlen: 24
89.116.212.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d1:87:da:9d:9c:03:2c:a5:c8:ac:e2:9d:a7:4a:9a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 24 20:25:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84df99919fb8a5e15b1c2dba938e4fe526df07e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b3:80:57:10:ce:08:90:bd:a3:78:2c:cc:c6:
07:e9:8e:05:4b:ba:db:23:10:4d:86:ad:05:9b:f9:
23:48:12:e4:70:d4:e3:93:45:77:dd:13:19:19:68:
b5:e6:00:ca:0b:9c:79:e7:bf:8d:e2:f2:75:40:13:
86:e0:74:ab:82:84:38:25:f7:f0:68:c6:15:19:e0:
ac:db:1a:42:1e:bf:61:75:83:08:53:a3:61:3f:c4:
aa:94:df:0f:e5:39:89:02:8a:ad:78:31:40:53:f8:
f3:7e:2e:f5:79:a5:15:28:b6:09:a7:5d:88:43:61:
8b:0e:d0:f5:f2:6f:0c:7a:cc:f3:da:f8:a2:44:76:
fc:41:2c:bd:85:32:d5:5d:71:d6:0f:61:d6:12:4a:
f2:34:52:23:fe:79:59:19:f7:ca:61:0e:91:36:8a:
7f:8a:62:87:b7:64:37:2b:a7:32:3d:47:8d:0a:e8:
d4:e3:12:6a:bf:36:7a:24:66:52:71:c3:b9:4e:73:
92:b0:8f:f7:ad:62:ad:f8:14:a4:f8:25:52:80:63:
84:18:cd:49:48:16:6e:ae:e4:07:35:6a:3d:a4:32:
62:27:40:9c:f4:13:8e:94:20:4e:a1:98:04:42:89:
fc:94:10:0f:09:da:7c:fe:ba:a4:3c:3b:51:b7:05:
c6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DF:99:91:9F:B8:A5:E1:5B:1C:2D:BA:93:8E:4F:E5:26:DF:07:E2
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/hN-ZkZ-4peFbHC26k45P5SbfB-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.216.0/22
89.116.76.0/24
89.116.91.0/24
89.116.123.0/24
89.116.140.0/24
89.116.212.0/22
89.116.250.0/24
89.117.12.0/23
89.117.72.0/21
89.117.88.0/22
89.117.112.0/22
89.117.120.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:82:09:87:b0:a0:71:33:29:10:48:8a:20:2c:90:3e:9b:94:
60:96:25:b0:34:e4:e9:06:65:31:20:84:06:a2:03:c1:70:a1:
a2:6d:30:a0:1b:77:e3:c1:fc:56:15:41:28:46:31:82:a7:b8:
2b:09:fd:60:d2:91:35:40:a0:8f:0f:bf:fa:ef:6d:66:f9:4a:
80:fe:da:d1:50:d4:64:90:39:df:4e:c0:55:0d:9f:13:37:d8:
e6:f6:54:5e:59:d0:12:84:f9:c1:0f:a4:a3:81:1e:44:c7:83:
12:c7:96:2e:54:3f:c9:7e:95:76:ea:37:f6:df:19:8c:ab:7f:
3c:d0:e3:8d:e4:b7:83:d9:7c:2d:a7:58:b3:3b:94:46:5d:6a:
b8:be:13:a6:a8:f2:3f:ed:2a:f5:15:ee:5d:e0:fd:bf:d6:bd:
0b:75:9d:56:1b:a4:8d:62:7b:1c:7a:e3:66:30:40:a9:c2:0d:
b5:73:10:1b:9f:b9:43:31:d8:44:a6:d6:24:08:09:11:3c:9d:
16:ff:80:64:42:43:72:63:e5:84:c2:c9:3a:13:39:9b:12:ad:
53:29:bf:ce:fa:38:9e:61:fd:e5:4a:ed:0c:f6:65:ec:42:dd:
9c:22:0e:2e:77:00:26:e4:aa:6b:94:2d:f6:45:51:41:4d:b5:
50:94:63:ea
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYLRh9qdnAMspcis4p2nSprzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODI0MjAyNTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGRmOTk5MTlmYjhhNWUxNWIxYzJkYmE5MzhlNGZlNTI2ZGYwN2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7OAVxDOCJC9o3gszMYH6Y4FS7rb
IxBNhq0Fm/kjSBLkcNTjk0V33RMZGWi15gDKC5x557+N4vJ1QBOG4HSrgoQ4Jffw
aMYVGeCs2xpCHr9hdYMIU6NhP8SqlN8P5TmJAoqteDFAU/jzfi71eaUVKLYJp12I
Q2GLDtD18m8Meszz2viiRHb8QSy9hTLVXXHWD2HWEkryNFIj/nlZGffKYQ6RNop/
imKHt2Q3K6cyPUeNCujU4xJqvzZ6JGZSccO5TnOSsI/3rWKt+BSk+CVSgGOEGM1J
SBZuruQHNWo9pDJiJ0Cc9BOOlCBOoZgEQon8lBAPCdp8/rqkPDtRtwXGBQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFITfmZGfuKXhWxwtupOOT+Um3wfiMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvaE4tWmtaLTRwZUZiSEMyNms0NVA1U2JmQi1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCVibYAwQA
WXRMAwQAWXRbAwQAWXR7AwQAWXSMAwQCWXTUAwQAWXT6AwQBWXUMAwQDWXVIAwQC
WXVYAwQCWXVwAwQCWXV4MA0GCSqGSIb3DQEBCwUAA4IBAQA+ggmHsKBxMykQSIog
LJA+m5RgliWwNOTpBmUxIIQGogPBcKGibTCgG3fjwfxWFUEoRjGCp7grCf1g0pE1
QKCPD7/6721m+UqA/trRUNRkkDnfTsBVDZ8TN9jm9lReWdAShPnBD6SjgR5Ex4MS
x5YuVD/JfpV26jf23xmMq3880OON5LeD2Xwtp1izO5RGXWq4vhOmqPI/7Sr1Fe5d
4P2/1r0LdZ1WG6SNYnsceuNmMECpwg21cxAbn7lDMdhEptYkCAkRPJ0W/4BkQkNy
Y+WEwsk6EzmbEq1TKb/O+jieYf3lSu0M9mXsQt2cIg4udwAm5KprlC32RVFBTbVQ
lGPq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:06 2024 by rpki-client on console-ams.rpki-client.org