Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/iCFrnCmhvVEKvGCGu4Lcfr_i27w.roa
File: iCFrnCmhvVEKvGCGu4Lcfr_i27w.roa (raw, json)
Hash identifier: PJaOKPKtFd3+CzEUnjDcdQC7fkfohpy4v47V2oj4S6Y=
Subject key identifier: 88:21:6B:9C:29:A1:BD:51:0A:BC:60:86:BB:82:DC:7E:BF:E2:DB:BC
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0181E402324F8EC77F050E5ADDFC9476632F
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/iCFrnCmhvVEKvGCGu4Lcfr_i27w.roa
Signing time: Sat 09 Jul 2022 17:29:17 +0000
ROA not before: Sat 09 Jul 2022 17:29:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 86.38.246.0/23 maxlen: 24
86.38.242.0/23 maxlen: 24
89.116.135.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.116.156.0/24 maxlen: 24
89.116.56.0/24 maxlen: 24
86.38.189.0/24 maxlen: 24
89.116.58.0/23 maxlen: 24
86.38.200.0/24 maxlen: 24
82.140.183.0/24 maxlen: 24
86.38.4.0/23 maxlen: 24
89.117.48.0/20 maxlen: 24
86.38.220.0/23 maxlen: 24
89.116.96.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.242.0/23 maxlen: 24
89.116.246.0/23 maxlen: 24
86.38.180.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
89.117.11.0/24 maxlen: 24
89.117.120.0/22 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
84.46.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e4:02:32:4f:8e:c7:7f:05:0e:5a:dd:fc:94:76:63:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Jul 9 17:29:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88216b9c29a1bd510abc6086bb82dc7ebfe2dbbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:78:0b:e6:0f:94:ea:70:4c:20:9d:8e:df:79:
d3:0e:b8:37:ec:73:d9:16:93:d1:94:be:8d:1c:2a:
29:cb:4b:e2:43:c1:ac:69:54:a0:4f:02:85:4a:29:
b1:19:68:05:e6:59:f6:b4:94:68:7c:b7:48:20:4b:
4e:4a:a3:c5:e7:ad:eb:1c:d2:97:5a:86:b6:8c:a2:
5b:ba:ed:d7:4a:71:83:49:22:e9:1d:bf:f4:52:2b:
4b:3e:f7:ce:eb:cb:b0:38:c6:2e:8b:91:d6:c4:91:
b5:5b:45:dc:6f:a5:ba:65:06:cd:11:de:19:a9:27:
5a:15:34:4d:65:0a:e0:e7:a9:93:59:1f:2a:8e:27:
93:b2:bb:c1:9e:86:c9:37:99:5a:2e:0d:7c:06:f0:
a8:47:b3:b2:60:7d:92:78:6c:f6:1c:d3:02:62:12:
72:cd:87:25:6c:23:e7:4b:47:af:4c:24:9a:96:a5:
14:27:d9:18:9f:d0:4f:35:8c:4c:ab:f2:e1:4c:56:
07:8f:ab:64:b3:02:c1:6b:5a:74:3e:fa:7f:f4:3a:
0d:4c:3a:59:eb:83:5e:69:2a:35:64:ef:81:06:04:
3c:e8:d5:c3:de:0b:38:af:35:21:31:a6:be:d3:3b:
0f:a3:7d:53:dd:1d:13:23:c6:a8:f9:03:c2:51:cd:
d8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:21:6B:9C:29:A1:BD:51:0A:BC:60:86:BB:82:DC:7E:BF:E2:DB:BC
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/iCFrnCmhvVEKvGCGu4Lcfr_i27w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.183.0/24
84.46.200.0/24
86.38.4.0/23
86.38.180.0/22
86.38.189.0/24
86.38.200.0/24
86.38.220.0/23
86.38.242.0/23
86.38.246.0/23
89.116.56.0/24
89.116.58.0/23
89.116.96.0/24
89.116.135.0/24
89.116.156.0/24
89.116.175.0/24
89.116.177.0/24
89.116.218.0/24
89.116.242.0/23
89.116.246.0/23
89.117.11.0/24
89.117.48.0/20
89.117.109.0/24
89.117.120.0/22
Signature Algorithm: sha256WithRSAEncryption
75:70:f1:ef:51:b7:4d:3b:5c:fc:59:2c:dd:d4:6c:08:85:13:
e3:e9:e1:86:ee:05:97:dc:f0:db:2f:2c:d9:39:f4:83:5d:d0:
67:be:1d:e1:a1:5b:f3:89:d3:a3:05:36:40:aa:fd:2b:e3:6b:
a7:4e:06:82:9d:bb:e6:ad:6d:4d:a9:08:58:0b:6f:2d:57:df:
be:db:cf:d2:1a:9d:78:b2:11:5d:70:6f:b6:91:a9:6b:46:7b:
7d:78:2b:6b:55:21:f7:6a:51:c3:62:ed:8b:c0:60:95:8f:cb:
c4:c6:3b:79:98:79:a6:ad:45:bf:76:24:87:93:2c:0a:de:6d:
00:13:27:ff:27:7b:41:a1:c7:4d:25:02:17:4f:d2:b4:89:21:
11:b7:53:7e:57:78:e6:c9:6f:c1:d7:cb:80:ab:e0:a8:1a:f8:
f2:cf:b0:5d:59:e3:d7:4e:71:75:9d:f1:0f:ee:a5:60:28:9a:
cb:14:85:2a:9f:b7:d4:6e:30:d7:9e:37:82:40:61:7a:de:c4:
39:a1:b8:06:26:8b:67:c7:dc:b3:24:fa:59:1a:4b:77:d0:c9:
7b:bb:98:98:e9:8b:99:7b:8b:97:da:34:ac:e6:7f:f2:3a:ce:
a0:a4:48:47:84:a1:e1:ff:41:2e:85:86:54:96:10:c0:f4:7b:
64:d1:a9:ea
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYHkAjJPjsd/BQ5a3fyUdmMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwNzA5MTcyOTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODIxNmI5YzI5YTFiZDUxMGFiYzYwODZiYjgyZGM3ZWJmZTJkYmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXgL5g+U6nBMIJ2O33nTDrg37HPZ
FpPRlL6NHCopy0viQ8GsaVSgTwKFSimxGWgF5ln2tJRofLdIIEtOSqPF563rHNKX
Woa2jKJbuu3XSnGDSSLpHb/0UitLPvfO68uwOMYui5HWxJG1W0Xcb6W6ZQbNEd4Z
qSdaFTRNZQrg56mTWR8qjieTsrvBnobJN5laLg18BvCoR7OyYH2SeGz2HNMCYhJy
zYclbCPnS0evTCSalqUUJ9kYn9BPNYxMq/LhTFYHj6tkswLBa1p0Pvp/9DoNTDpZ
64NeaSo1ZO+BBgQ86NXD3gs4rzUhMaa+0zsPo31T3R0TI8ao+QPCUc3Y4wIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFIgha5wpob1RCrxghruC3H6/4tu8MB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvaUNGcm5DbWh2VkVLdkdDR3U0TGNmcl9pMjd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBABS
jLcDBABULsgDBAFWJgQDBAJWJrQDBABWJr0DBABWJsgDBAFWJtwDBAFWJvIDBAFW
JvYDBABZdDgDBAFZdDoDBABZdGADBABZdIcDBABZdJwDBABZdK8DBABZdLEDBABZ
dNoDBAFZdPIDBAFZdPYDBABZdQsDBARZdTADBABZdW0DBAJZdXgwDQYJKoZIhvcN
AQELBQADggEBAHVw8e9Rt007XPxZLN3UbAiFE+Pp4YbuBZfc8NsvLNk59INd0Ge+
HeGhW/OJ06MFNkCq/Svja6dOBoKdu+atbU2pCFgLby1X377bz9IanXiyEV1wb7aR
qWtGe314K2tVIfdqUcNi7YvAYJWPy8TGO3mYeaatRb92JIeTLArebQATJ/8ne0Gh
x00lAhdP0rSJIRG3U35XeObJb8HXy4Cr4Kga+PLPsF1Z49dOcXWd8Q/upWAomssU
hSqft9RuMNeeN4JAYXrexDmhuAYmi2fH3LMk+lkaS3fQyXu7mJjpi5l7i5faNKzm
f/I6zqCkSEeEoeH/QS6FhlSWEMD0e2TRqeo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org