Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/jXCNdCDaFniYs7-hUjD3sqI6Njc.roa
File: jXCNdCDaFniYs7-hUjD3sqI6Njc.roa (raw, json)
Hash identifier: N4G6BgyvcVFkl1ivJ/ynQnPLImI/qjSwmoG+OhgxCFE=
Subject key identifier: 8D:70:8D:74:20:DA:16:78:98:B3:BF:A1:52:30:F7:B2:A2:3A:36:37
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 01841AB0981F6C6942A55623EAD8601D6BE2
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/jXCNdCDaFniYs7-hUjD3sqI6Njc.roa
Signing time: Thu 27 Oct 2022 18:24:51 +0000
ROA not before: Thu 27 Oct 2022 18:24:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 86.38.246.0/23 maxlen: 24
86.38.242.0/23 maxlen: 24
89.116.135.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.116.156.0/24 maxlen: 24
89.116.56.0/24 maxlen: 24
86.38.189.0/24 maxlen: 24
89.117.228.0/23 maxlen: 24
86.38.200.0/24 maxlen: 24
86.38.4.0/23 maxlen: 24
89.117.48.0/20 maxlen: 24
86.38.220.0/23 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.242.0/23 maxlen: 24
89.116.246.0/23 maxlen: 24
86.38.180.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
89.117.11.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1a:b0:98:1f:6c:69:42:a5:56:23:ea:d8:60:1d:6b:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Oct 27 18:24:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d708d7420da167898b3bfa15230f7b2a23a3637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:67:56:17:67:60:ec:b8:47:04:de:9b:47:0e:
6d:a6:30:c0:e6:c7:b9:e0:7a:b2:ae:e2:99:9c:22:
5f:6c:cc:ca:a5:1d:01:4b:8b:46:34:f3:03:cb:65:
06:de:66:94:6f:bd:e0:29:d3:d0:b6:dc:95:ba:3b:
59:e0:07:34:35:03:26:f6:76:01:0b:df:3f:44:d7:
37:e6:5c:81:ca:ec:0c:11:4f:1d:c3:5a:78:37:e4:
52:d1:a1:09:6d:3e:6c:b2:b0:ce:6f:e2:b8:ae:50:
a6:d2:ad:8e:33:7c:d5:a9:83:71:6e:38:cf:cb:32:
c0:9b:ce:ea:12:3f:cf:de:9d:11:a6:e5:c8:f7:c2:
2a:5e:92:e1:01:9a:98:6c:de:0d:b1:9b:05:1e:96:
60:1d:d1:8a:23:20:8a:50:2b:c4:67:27:5a:c9:97:
bd:82:c7:d9:97:ae:e5:4a:e6:36:bd:76:df:0c:c1:
6a:a3:b2:f6:9a:16:e7:3e:7f:63:9b:5c:4c:7b:19:
c7:35:58:a3:aa:2f:5d:f3:65:60:31:91:5c:fb:5f:
6d:f1:ed:f2:7a:ed:6d:3c:b2:2b:ae:98:3d:d7:32:
54:f5:91:2d:9f:50:de:95:1f:7e:c1:64:a6:74:f5:
be:dc:2d:c7:67:02:5f:d7:ca:4a:20:cc:59:d3:7a:
97:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:70:8D:74:20:DA:16:78:98:B3:BF:A1:52:30:F7:B2:A2:3A:36:37
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/jXCNdCDaFniYs7-hUjD3sqI6Njc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.4.0/23
86.38.180.0/22
86.38.189.0/24
86.38.200.0/24
86.38.220.0/23
86.38.242.0/23
86.38.246.0/23
89.116.56.0/24
89.116.135.0/24
89.116.156.0/24
89.116.175.0/24
89.116.177.0/24
89.116.189.0/24
89.116.218.0/24
89.116.242.0/23
89.116.246.0/23
89.117.11.0/24
89.117.48.0/20
89.117.109.0/24
89.117.228.0/23
Signature Algorithm: sha256WithRSAEncryption
72:4a:1c:53:06:fd:c6:26:f5:a3:eb:95:37:71:d9:64:db:91:
92:24:08:47:d6:02:63:3b:47:91:e9:f5:9e:e9:2c:38:7f:8e:
5e:65:72:d8:4d:3b:57:a0:2a:19:9e:e6:87:0b:97:06:10:bb:
c1:ce:fd:3e:4b:b7:b2:d2:d4:7a:2d:e3:4d:23:6f:fa:ec:4d:
23:c9:36:dd:89:bf:27:e4:40:d3:31:a2:8b:7f:ff:41:ad:d0:
23:3d:65:03:fd:fd:b2:2c:97:ff:54:5c:d1:1a:01:3c:09:b3:
81:6e:7f:30:97:d4:33:fe:db:2a:cc:eb:fa:21:9d:a1:d2:d5:
c8:01:29:d0:e7:ab:6b:e9:2d:67:dd:ce:9f:e5:de:b4:06:34:
58:b8:4e:85:cf:51:65:33:39:d0:b7:5c:8f:bb:14:8c:93:1e:
89:99:4b:76:83:52:8b:76:d7:97:26:56:90:02:71:b7:68:7b:
e7:e3:b2:7e:55:9b:04:5c:6b:f3:b6:4f:5b:8b:d7:57:ba:53:
5a:33:27:d1:1c:7c:39:f8:e7:a5:eb:cc:c1:34:62:db:a4:3a:
e7:aa:8e:ac:af:1d:1f:a4:fd:d5:fa:02:b1:d4:4b:0b:84:b6:
52:08:76:97:57:b7:7d:9e:35:67:bc:fb:1c:7d:ed:b1:02:72:
e1:16:64:18
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYQasJgfbGlCpVYj6thgHWviMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIxMDI3MTgyNDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDcwOGQ3NDIwZGExNjc4OThiM2JmYTE1MjMwZjdiMmEyM2EzNjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2dWF2dg7LhHBN6bRw5tpjDA5se5
4HqyruKZnCJfbMzKpR0BS4tGNPMDy2UG3maUb73gKdPQttyVujtZ4Ac0NQMm9nYB
C98/RNc35lyByuwMEU8dw1p4N+RS0aEJbT5ssrDOb+K4rlCm0q2OM3zVqYNxbjjP
yzLAm87qEj/P3p0RpuXI98IqXpLhAZqYbN4NsZsFHpZgHdGKIyCKUCvEZydayZe9
gsfZl67lSuY2vXbfDMFqo7L2mhbnPn9jm1xMexnHNVijqi9d82VgMZFc+19t8e3y
eu1tPLIrrpg91zJU9ZEtn1DelR9+wWSmdPW+3C3HZwJf18pKIMxZ03qXEwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFI1wjXQg2hZ4mLO/oVIw97KiOjY3MB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvalhDTmRDRGFGbmlZczctaFVqRDNzcUk2TmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQBViYE
AwQCVia0AwQAVia9AwQAVibIAwQBVibcAwQBVibyAwQBVib2AwQAWXQ4AwQAWXSH
AwQAWXScAwQAWXSvAwQAWXSxAwQAWXS9AwQAWXTaAwQBWXTyAwQBWXT2AwQAWXUL
AwQEWXUwAwQAWXVtAwQBWXXkMA0GCSqGSIb3DQEBCwUAA4IBAQByShxTBv3GJvWj
65U3cdlk25GSJAhH1gJjO0eR6fWe6Sw4f45eZXLYTTtXoCoZnuaHC5cGELvBzv0+
S7ey0tR6LeNNI2/67E0jyTbdib8n5EDTMaKLf/9BrdAjPWUD/f2yLJf/VFzRGgE8
CbOBbn8wl9Qz/tsqzOv6IZ2h0tXIASnQ56tr6S1n3c6f5d60BjRYuE6Fz1FlMznQ
t1yPuxSMkx6JmUt2g1KLdteXJlaQAnG3aHvn47J+VZsEXGvztk9bi9dXulNaMyfR
HHw5+Oel68zBNGLbpDrnqo6srx0fpP3V+gKx1EsLhLZSCHaXV7d9njVnvPscfe2x
AnLhFmQY
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org