Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/hUttI_SxAUyZg7Lp1WWH_6KE4ek.roa
File: hUttI_SxAUyZg7Lp1WWH_6KE4ek.roa (raw, json)
Hash identifier: M5/SWMYD6QgvRMB2kJRrKgCwdmJin/U4mQ09ccyOYfQ=
Subject key identifier: 85:4B:6D:23:F4:B1:01:4C:99:83:B2:E9:D5:65:87:FF:A2:84:E1:E9
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 01837F8030D9267195A96F2ADF62AD496614
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/hUttI_SxAUyZg7Lp1WWH_6KE4ek.roa
Signing time: Tue 27 Sep 2022 15:10:51 +0000
ROA not before: Tue 27 Sep 2022 15:10:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 89.116.115.0/24 maxlen: 24
86.38.37.0/24 maxlen: 24
89.116.125.0/24 maxlen: 24
89.117.94.0/23 maxlen: 24
84.46.171.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.116.56.0/24 maxlen: 24
89.117.27.0/24 maxlen: 24
86.38.200.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
86.38.7.0/24 maxlen: 24
89.116.100.0/24 maxlen: 24
86.38.177.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7f:80:30:d9:26:71:95:a9:6f:2a:df:62:ad:49:66:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Sep 27 15:10:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=854b6d23f4b1014c9983b2e9d56587ffa284e1e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c8:fd:2c:8c:54:7a:67:53:c2:3f:c2:7b:e1:
67:9f:db:c6:2b:06:78:f1:ee:a6:45:93:d1:48:b2:
2b:81:2f:99:cf:2d:d7:6f:80:45:49:07:a4:9d:3b:
47:2e:e0:54:59:10:7f:88:fc:e3:5a:aa:c7:cc:1e:
0d:4d:53:51:62:c2:ea:38:1e:6a:24:42:77:5d:60:
4e:66:f0:f9:61:40:be:73:d1:ea:db:5f:9f:c9:c6:
0b:f5:fd:7b:47:de:49:e0:a3:03:64:45:b4:55:24:
ae:75:27:cc:db:bd:c5:5f:ec:d4:b2:6a:00:31:a8:
94:e4:89:05:b4:06:e6:ef:04:97:3a:b1:d7:05:43:
33:56:15:65:23:21:f1:15:fc:d8:d1:2e:fa:73:ce:
4b:5f:34:66:72:f2:e8:62:48:8e:32:b3:81:ce:0d:
be:a7:62:db:d0:78:21:9f:ac:bc:46:9d:42:f2:e4:
99:ef:ed:f3:60:f5:d9:d8:12:28:f1:56:c9:ef:37:
a5:35:f1:e4:1c:be:69:a6:7f:1a:08:cb:e1:d0:dd:
a3:b7:50:54:7c:fb:c8:6a:6a:e5:e6:cc:81:dc:a2:
5d:75:0f:10:eb:ae:a7:c3:a6:fe:ce:93:bc:e7:fb:
4e:6c:cb:59:28:53:51:8f:09:51:0d:4b:65:8d:64:
09:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:4B:6D:23:F4:B1:01:4C:99:83:B2:E9:D5:65:87:FF:A2:84:E1:E9
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/hUttI_SxAUyZg7Lp1WWH_6KE4ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.171.0/24
86.38.7.0/24
86.38.37.0/24
86.38.177.0/24
86.38.200.0/24
89.116.56.0/24
89.116.100.0/24
89.116.115.0/24
89.116.125.0/24
89.117.27.0/24
89.117.94.0/23
89.117.109.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:5b:b4:1c:27:af:92:70:f4:78:32:85:c2:d2:77:e1:9f:69:
5d:ee:d3:4c:a3:80:71:f8:2a:a7:91:9b:fb:1b:58:af:64:78:
a4:7c:10:97:94:d4:7a:1b:04:69:36:35:12:93:42:3c:60:4a:
e7:ca:63:f3:d1:db:bd:ba:09:c8:97:0f:b8:e0:2a:9b:38:2c:
37:db:3a:4b:3f:2b:f2:fc:90:37:f3:94:12:d1:59:e4:61:7c:
31:f5:29:6c:71:88:2d:e3:f1:46:0e:07:96:9d:2f:ae:e4:ae:
08:03:b2:73:17:3c:b2:3c:a0:b9:82:11:c0:8d:53:7c:e9:05:
d8:d6:1a:ac:84:c7:b1:61:ee:60:05:1e:48:11:f3:03:f7:ab:
44:2e:c5:8a:90:e7:c9:85:de:e9:c3:e4:4a:9d:30:ed:08:f8:
aa:46:1a:b9:d8:2a:13:1f:fc:cd:4f:71:d4:9d:86:8c:3d:63:
e3:75:32:e8:ec:78:7d:6c:5c:53:67:5b:b4:c1:b0:20:0d:d3:
ad:3a:c6:ed:88:a2:23:b1:3a:a1:78:e0:72:95:dd:2c:d1:a0:
54:58:9e:4f:b7:25:4f:f1:dc:1f:05:69:31:7f:1d:ce:b1:4d:
f2:67:99:dc:a0:52:7f:6d:7d:e6:c6:d0:6f:36:c5:10:a4:14:
25:91:ea:ae
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYN/gDDZJnGVqW8q32KtSWYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwOTI3MTUxMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTRiNmQyM2Y0YjEwMTRjOTk4M2IyZTlkNTY1ODdmZmEyODRlMWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcj9LIxUemdTwj/Ce+Fnn9vGKwZ4
8e6mRZPRSLIrgS+Zzy3Xb4BFSQeknTtHLuBUWRB/iPzjWqrHzB4NTVNRYsLqOB5q
JEJ3XWBOZvD5YUC+c9Hq21+fycYL9f17R95J4KMDZEW0VSSudSfM273FX+zUsmoA
MaiU5IkFtAbm7wSXOrHXBUMzVhVlIyHxFfzY0S76c85LXzRmcvLoYkiOMrOBzg2+
p2Lb0Hghn6y8Rp1C8uSZ7+3zYPXZ2BIo8VbJ7zelNfHkHL5ppn8aCMvh0N2jt1BU
fPvIamrl5syB3KJddQ8Q666nw6b+zpO85/tObMtZKFNRjwlRDUtljWQJ8QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFIVLbSP0sQFMmYOy6dVlh/+ihOHpMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvaFV0dElfU3hBVXlaZzdMcDFXV0hfNktFNGVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAVC6rAwQA
ViYHAwQAViYlAwQAViaxAwQAVibIAwQAWXQ4AwQAWXRkAwQAWXRzAwQAWXR9AwQA
WXUbAwQBWXVeAwQAWXVtAwQAWXX6MA0GCSqGSIb3DQEBCwUAA4IBAQCwW7QcJ6+S
cPR4MoXC0nfhn2ld7tNMo4Bx+CqnkZv7G1ivZHikfBCXlNR6GwRpNjUSk0I8YErn
ymPz0du9ugnIlw+44CqbOCw32zpLPyvy/JA385QS0VnkYXwx9SlscYgt4/FGDgeW
nS+u5K4IA7JzFzyyPKC5ghHAjVN86QXY1hqshMexYe5gBR5IEfMD96tELsWKkOfJ
hd7pw+RKnTDtCPiqRhq52CoTH/zNT3HUnYaMPWPjdTLo7Hh9bFxTZ1u0wbAgDdOt
OsbtiKIjsTqheOByld0s0aBUWJ5PtyVP8dwfBWkxfx3OsU3yZ5ncoFJ/bX3mxtBv
NsUQpBQlkequ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:28 2025 by rpki-client