Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/kUmt-Yt3ytnAcHSWrKkbbJl7gcc.roa
File: kUmt-Yt3ytnAcHSWrKkbbJl7gcc.roa (raw, json)
Hash identifier: 4S4pgGdDsG/P0EIQhHxEPxXmUvClxbzs8JqKbKkm/hE=
Subject key identifier: 91:49:AD:F9:8B:77:CA:D9:C0:70:74:96:AC:A9:1B:6C:99:7B:81:C7
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 01824F2954B3CC2C5E4922125D91ED5BAEDB
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/kUmt-Yt3ytnAcHSWrKkbbJl7gcc.roa
Signing time: Sat 30 Jul 2022 12:51:24 +0000
ROA not before: Sat 30 Jul 2022 12:51:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398465
IP address blocks: 86.38.246.0/23 maxlen: 24
89.117.80.0/22 maxlen: 24
89.116.32.0/21 maxlen: 24
89.116.58.0/23 maxlen: 24
89.116.180.0/22 maxlen: 24
84.46.234.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4f:29:54:b3:cc:2c:5e:49:22:12:5d:91:ed:5b:ae:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Jul 30 12:51:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9149adf98b77cad9c0707496aca91b6c997b81c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f6:71:2e:be:71:02:da:ae:11:b9:85:2f:0c:
78:e8:40:bb:f5:e8:31:e9:63:72:e3:f9:6b:af:ce:
25:ed:a7:3a:b6:e4:77:4d:50:65:bf:18:02:17:8b:
34:aa:90:90:b1:86:fa:b4:35:35:22:4f:d4:7c:54:
01:75:7b:93:4e:ec:a5:c3:4c:32:ac:88:a3:20:4b:
c9:bf:cb:11:e5:fa:c8:e6:27:c7:e7:24:65:53:28:
0e:a6:08:36:f4:91:92:5d:7f:85:01:fd:79:7b:c6:
f5:70:76:22:49:00:0a:9b:a6:b0:40:73:23:3b:24:
94:fe:80:e9:e5:56:1f:cb:d7:06:1b:35:5c:67:0e:
97:2c:42:a2:af:bc:55:f2:c1:d2:c1:fd:15:9c:64:
c4:b2:bf:6d:6a:b7:82:b2:5a:51:25:0b:6c:77:97:
65:16:a4:63:5b:34:67:f6:18:c9:9e:43:2d:6b:9f:
10:5d:e0:ed:c8:ee:f6:c8:6a:a5:be:94:67:d6:79:
82:28:9a:07:ca:7a:ff:49:4d:75:98:0e:32:d7:5f:
5e:d9:98:78:b9:7e:94:bb:48:ed:c7:ff:fd:55:dc:
77:28:66:cd:35:c9:b6:7f:15:db:49:32:f8:97:00:
8a:a2:eb:24:34:9c:f8:dc:c4:68:41:07:22:29:7d:
9d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:49:AD:F9:8B:77:CA:D9:C0:70:74:96:AC:A9:1B:6C:99:7B:81:C7
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/kUmt-Yt3ytnAcHSWrKkbbJl7gcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.246.0/23
89.116.32.0/21
89.116.58.0/23
89.116.180.0/22
89.117.80.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:e7:d5:7a:d7:00:2e:d0:f8:24:d4:69:08:aa:36:c6:a6:90:
39:e3:41:19:09:1d:0d:ec:3c:d4:9e:13:79:33:59:79:ed:3d:
9a:3e:41:cf:bb:02:ec:9c:b4:39:d5:f6:1c:78:75:21:4a:bc:
38:74:78:36:17:6a:08:e0:21:9e:f2:31:29:e3:49:aa:8e:e7:
98:9e:fc:eb:70:2e:f7:09:d7:3c:b0:84:9b:28:97:cb:0e:ca:
26:cc:35:e0:6e:dd:0b:08:90:d8:ae:f3:bf:1a:6f:b7:f0:d7:
74:62:73:cd:b6:c8:77:52:bc:b7:1d:0f:d2:46:56:d7:c4:41:
53:c7:06:92:ff:b7:f8:ae:84:00:17:05:46:dc:c3:bc:76:10:
9c:a7:d2:4f:29:ea:3b:f8:1e:33:be:b0:8e:47:62:4d:25:26:
b1:f2:c0:99:3f:93:a2:e0:6d:5f:53:9a:f8:9b:15:0f:51:3d:
3b:48:4d:7c:13:dc:89:9e:81:57:88:f7:5a:c6:5a:d3:bc:14:
e6:d6:8f:69:18:61:43:44:18:0b:38:d0:93:e8:a7:17:3a:cc:
c6:c6:32:70:aa:a6:7e:37:1c:e6:3e:64:d3:27:eb:1a:93:ed:
13:5e:d4:aa:c7:38:26:c1:47:c7:34:46:7c:0a:07:e9:4c:13:
9a:20:d7:ff
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYJPKVSzzCxeSSISXZHtW67bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwNzMwMTI1MTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTQ5YWRmOThiNzdjYWQ5YzA3MDc0OTZhY2E5MWI2Yzk5N2I4MWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfZxLr5xAtquEbmFLwx46EC79egx
6WNy4/lrr84l7ac6tuR3TVBlvxgCF4s0qpCQsYb6tDU1Ik/UfFQBdXuTTuylw0wy
rIijIEvJv8sR5frI5ifH5yRlUygOpgg29JGSXX+FAf15e8b1cHYiSQAKm6awQHMj
OySU/oDp5VYfy9cGGzVcZw6XLEKir7xV8sHSwf0VnGTEsr9tareCslpRJQtsd5dl
FqRjWzRn9hjJnkMta58QXeDtyO72yGqlvpRn1nmCKJoHynr/SU11mA4y119e2Zh4
uX6Uu0jtx//9Vdx3KGbNNcm2fxXbSTL4lwCKouskNJz43MRoQQciKX2dsQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJFJrfmLd8rZwHB0lqypG2yZe4HHMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEva1VtdC1ZdDN5dG5BY0hTV3JLa2JiSmw3Z2NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBVC7qAwQB
Vib2AwQDWXQgAwQBWXQ6AwQCWXS0AwQCWXVQMA0GCSqGSIb3DQEBCwUAA4IBAQB9
59V61wAu0Pgk1GkIqjbGppA540EZCR0N7DzUnhN5M1l57T2aPkHPuwLsnLQ51fYc
eHUhSrw4dHg2F2oI4CGe8jEp40mqjueYnvzrcC73Cdc8sISbKJfLDsomzDXgbt0L
CJDYrvO/Gm+38Nd0YnPNtsh3Ury3HQ/SRlbXxEFTxwaS/7f4roQAFwVG3MO8dhCc
p9JPKeo7+B4zvrCOR2JNJSax8sCZP5Oi4G1fU5r4mxUPUT07SE18E9yJnoFXiPda
xlrTvBTm1o9pGGFDRBgLONCT6KcXOszGxjJwqqZ+NxzmPmTTJ+sak+0TXtSqxzgm
wUfHNEZ8CgfpTBOaINf/
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org