Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/ivaDO70tBttmyxpOeqYPZ9jkVYg.roa
File: ivaDO70tBttmyxpOeqYPZ9jkVYg.roa (raw, json)
Hash identifier: GLi2SlrXsGjaLC2e3ZXdPQa4DHqokMSBwxSKNA+zxNk=
Subject key identifier: 8A:F6:83:3B:BD:2D:06:DB:66:CB:1A:4E:7A:A6:0F:67:D8:E4:55:88
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 018287B772C4C21B4A4EC40D64B60C242038
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/ivaDO70tBttmyxpOeqYPZ9jkVYg.roa
Signing time: Wed 10 Aug 2022 12:25:22 +0000
ROA not before: Wed 10 Aug 2022 12:25:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207326
IP address blocks: 89.117.190.0/24 maxlen: 24
86.38.151.0/24 maxlen: 24
86.38.156.0/24 maxlen: 24
89.117.245.0/24 maxlen: 24
89.116.180.0/22 maxlen: 24
89.117.250.0/24 maxlen: 24
89.116.96.0/24 maxlen: 24
86.38.235.0/24 maxlen: 24
84.46.236.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:87:b7:72:c4:c2:1b:4a:4e:c4:0d:64:b6:0c:24:20:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 10 12:25:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8af6833bbd2d06db66cb1a4e7aa60f67d8e45588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:af:00:b3:2d:99:26:e8:89:0c:f5:22:cd:95:
24:a1:e8:03:39:db:5f:4d:60:40:8f:2e:2f:df:28:
7f:f0:3d:70:6f:48:2b:7e:bf:50:f6:79:58:71:8c:
93:1e:81:55:e9:c1:28:33:58:7e:5f:e9:6a:4e:45:
74:9a:be:c2:0e:43:e1:d9:8a:52:ba:82:79:68:9c:
29:e5:1c:97:07:08:e6:24:73:b1:60:66:2b:d2:3a:
59:da:07:fb:82:3f:15:50:4b:b9:6b:55:e0:71:04:
07:6a:db:7b:22:61:7e:bb:35:a0:63:ce:eb:7f:a7:
0c:fd:3e:e7:ea:aa:6a:b8:c8:9c:d4:1c:77:4b:2b:
a9:55:49:99:6c:6e:bf:b0:9f:f4:19:00:55:fa:21:
92:6c:c7:f4:ee:b1:73:db:c2:6f:75:91:56:dc:1d:
67:d0:bd:43:44:c9:8d:c5:80:88:e2:1e:0a:4f:61:
6a:17:1c:dd:85:b7:93:92:12:11:7b:cc:17:df:a6:
25:ac:57:0e:79:3d:71:d0:3f:bc:7f:f3:b2:79:a0:
ef:4d:4e:c5:ab:20:fe:c2:15:3d:3d:d6:e2:7d:d5:
0b:5b:3b:b6:4d:04:69:cf:ff:da:62:7c:93:bf:00:
71:91:f6:13:dd:1d:46:9a:6b:23:a9:47:5f:29:3a:
9f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:F6:83:3B:BD:2D:06:DB:66:CB:1A:4E:7A:A6:0F:67:D8:E4:55:88
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/ivaDO70tBttmyxpOeqYPZ9jkVYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.236.0/22
86.38.151.0/24
86.38.156.0/24
86.38.235.0/24
89.116.96.0/24
89.116.180.0/22
89.117.190.0/24
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
24:7a:73:7e:35:7c:a4:fb:e1:42:ec:a2:63:38:71:e4:2e:61:
1d:d5:9b:f5:83:02:f0:89:6d:68:6b:37:fb:f4:58:96:c5:c1:
82:1a:7b:6d:f3:cf:bc:be:93:0a:5a:0e:58:4e:37:49:79:05:
00:14:d6:b6:e8:34:ff:7d:91:58:c4:20:19:b2:7c:79:3b:d6:
73:03:9c:b0:0b:a7:fc:b1:46:88:61:1b:03:49:0a:73:7b:02:
b6:13:73:32:a6:21:d0:2d:b3:a9:38:5c:a0:0d:f4:a8:f5:1a:
f1:27:96:07:a7:01:4e:04:4b:49:89:eb:e3:d2:89:ab:e1:a9:
49:55:45:e8:3b:c2:f1:90:5c:b9:40:6c:a8:f3:88:04:9f:f2:
6d:5a:c6:47:80:00:81:b7:a7:04:f5:d1:c1:2b:1b:e7:b5:ab:
ac:c4:42:03:fc:d8:b6:fb:60:64:44:30:a5:34:84:73:83:44:
a0:64:ac:91:5b:20:19:4d:26:b4:48:7e:3e:bb:b8:e8:07:dd:
ef:58:9b:9c:18:bb:07:51:c4:cf:d9:4b:1e:c2:56:ef:74:4a:
6d:b0:1a:4b:75:1a:15:9e:89:90:44:17:c6:88:94:7e:81:68:
8e:a1:f1:4d:09:c3:56:85:4e:72:f6:24:e8:e0:56:80:a8:62:
dc:20:17:d6
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYKHt3LEwhtKTsQNZLYMJCA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODEwMTIyNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWY2ODMzYmJkMmQwNmRiNjZjYjFhNGU3YWE2MGY2N2Q4ZTQ1NTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6a8Asy2ZJuiJDPUizZUkoegDOdtf
TWBAjy4v3yh/8D1wb0grfr9Q9nlYcYyTHoFV6cEoM1h+X+lqTkV0mr7CDkPh2YpS
uoJ5aJwp5RyXBwjmJHOxYGYr0jpZ2gf7gj8VUEu5a1XgcQQHatt7ImF+uzWgY87r
f6cM/T7n6qpquMic1Bx3SyupVUmZbG6/sJ/0GQBV+iGSbMf07rFz28JvdZFW3B1n
0L1DRMmNxYCI4h4KT2FqFxzdhbeTkhIRe8wX36YlrFcOeT1x0D+8f/OyeaDvTU7F
qyD+whU9PdbifdULWzu2TQRpz//aYnyTvwBxkfYT3R1GmmsjqUdfKTqfhQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIr2gzu9LQbbZssaTnqmD2fY5FWIMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvaXZhRE83MHRCdHRteXhwT2VxWVBaOWprVllnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCVC7sAwQA
ViaXAwQAViacAwQAVibrAwQAWXRgAwQCWXS0AwQAWXW+AwQAWXX1AwQAWXX6MA0G
CSqGSIb3DQEBCwUAA4IBAQAkenN+NXyk++FC7KJjOHHkLmEd1Zv1gwLwiW1oazf7
9FiWxcGCGntt88+8vpMKWg5YTjdJeQUAFNa26DT/fZFYxCAZsnx5O9ZzA5ywC6f8
sUaIYRsDSQpzewK2E3MypiHQLbOpOFygDfSo9RrxJ5YHpwFOBEtJievj0omr4alJ
VUXoO8LxkFy5QGyo84gEn/JtWsZHgACBt6cE9dHBKxvntausxEID/Ni2+2BkRDCl
NIRzg0SgZKyRWyAZTSa0SH4+u7joB93vWJucGLsHUcTP2UsewlbvdEptsBpLdRoV
nomQRBfGiJR+gWiOofFNCcNWhU5y9iTo4FaAqGLcIBfW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:06 2024 by rpki-client on console-ams.rpki-client.org