Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/kaMBDn6jXAPC-wK4TioqVuU9lx4.roa
File: kaMBDn6jXAPC-wK4TioqVuU9lx4.roa (raw, json)
Hash identifier: w89YJabCHy8dkKDzsOYfTe7TriIusr6hBDSqR9u7228=
Subject key identifier: 91:A3:01:0E:7E:A3:5C:03:C2:FB:02:B8:4E:2A:2A:56:E5:3D:97:1E
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0B845A68
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/kaMBDn6jXAPC-wK4TioqVuU9lx4.roa
Signing time: Thu 23 Jun 2022 12:57:56 +0000
ROA not before: Thu 23 Jun 2022 12:57:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200019
IP address blocks: 89.117.104.0/22 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.160.0/22 maxlen: 24
89.117.64.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 193223272 (0xb845a68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Jun 23 12:57:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91a3010e7ea35c03c2fb02b84e2a2a56e53d971e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1e:8a:18:43:4f:1e:6a:d0:d0:5e:84:c1:cb:
c4:a7:b4:0b:10:72:f5:1d:d1:b9:4b:50:c4:f9:f6:
1f:0e:ab:28:0b:a1:52:4b:6b:bb:93:fe:be:1d:f4:
71:58:e9:16:c7:9b:21:54:74:9e:ed:91:f3:78:3c:
f1:80:ea:3c:40:5b:c6:18:46:18:13:37:1b:da:d0:
ba:02:bf:c5:31:61:9c:c5:3c:af:bd:5f:de:6d:7d:
24:97:16:24:c1:62:80:28:24:7c:df:c8:d8:41:d3:
e2:e2:c0:b5:a4:c8:1a:93:0a:33:d0:0d:eb:fb:16:
10:7e:05:16:6a:74:56:f1:9f:7a:3a:bc:13:11:32:
20:34:91:05:1a:e3:2f:cb:b8:38:fa:57:d9:97:a1:
5a:00:f9:3a:1f:28:6b:5e:fb:5f:f0:50:00:ba:1d:
89:71:05:8c:6b:e4:29:c0:70:2c:cd:20:15:3e:15:
f4:df:be:00:77:6d:e5:45:0e:bc:72:fa:f1:5e:80:
4e:c9:be:4a:ef:bc:4d:e8:69:21:90:6a:26:7b:e0:
0c:11:89:f9:30:21:a4:76:48:a5:d2:e5:f0:e1:f6:
15:be:92:3d:c1:3f:5f:49:e7:67:0d:b2:d4:97:c1:
d4:ad:c3:e9:ab:3b:4e:d1:98:76:e2:a6:2d:bb:f7:
bd:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:A3:01:0E:7E:A3:5C:03:C2:FB:02:B8:4E:2A:2A:56:E5:3D:97:1E
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/kaMBDn6jXAPC-wK4TioqVuU9lx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.117.64.0/22
89.117.104.0/22
89.117.132.0/22
89.117.160.0/22
Signature Algorithm: sha256WithRSAEncryption
78:c2:39:23:55:4a:c2:16:a4:34:5e:4d:42:bc:ce:2d:9a:2c:
a8:46:21:21:de:48:51:e9:a2:8b:c5:82:d9:1a:4b:da:9c:cc:
8a:7f:0c:4f:15:8e:d4:de:0d:0f:20:c2:b8:28:71:9f:1a:10:
af:86:dc:7a:7d:99:10:a6:e5:c2:ec:f4:04:51:31:ea:a4:39:
62:50:d3:3a:88:c5:fd:cc:f3:d6:ee:8b:01:af:8f:79:6f:3c:
bd:b9:2c:44:b1:3c:45:31:10:8f:d9:e8:3a:07:44:81:f8:86:
e6:cd:2f:0f:ec:dd:6a:9a:13:df:36:5a:86:3b:0d:78:38:ae:
5b:7a:80:5a:a6:d5:60:78:e9:a4:3c:1c:2b:de:6a:f3:dd:f8:
90:3b:c4:92:ac:90:a1:d9:b9:70:cd:e3:bc:78:43:0c:9a:6f:
c0:8c:77:3f:ce:82:6a:f8:92:81:4d:d9:46:c0:8a:f2:97:73:
5c:ea:e3:92:bf:e0:86:48:74:3e:99:a4:77:63:85:ff:08:64:
e0:6d:d4:2c:d4:5f:ab:b4:58:d0:b5:f7:40:9a:f4:d6:49:56:
ff:d9:6c:3e:c3:27:bb:8d:49:4b:37:84:d7:19:ef:60:75:bd:
ae:f7:f9:9d:80:8b:59:cd:e2:fa:61:8d:ff:0e:cb:49:81:5f:
97:ce:44:c8
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEC4RaaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDYy
MzEyNTc1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTFhMzAxMGU3ZWEz
NWMwM2MyZmIwMmI4NGUyYTJhNTZlNTNkOTcxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKweihhDTx5q0NBehMHLxKe0CxBy9R3RuUtQxPn2Hw6rKAuh
Uktru5P+vh30cVjpFsebIVR0nu2R83g88YDqPEBbxhhGGBM3G9rQugK/xTFhnMU8
r71f3m19JJcWJMFigCgkfN/I2EHT4uLAtaTIGpMKM9AN6/sWEH4FFmp0VvGfejq8
ExEyIDSRBRrjL8u4OPpX2ZehWgD5Oh8oa177X/BQALodiXEFjGvkKcBwLM0gFT4V
9N++AHdt5UUOvHL68V6ATsm+Su+8TehpIZBqJnvgDBGJ+TAhpHZIpdLl8OH2Fb6S
PcE/X0nnZw2y1JfB1K3D6as7TtGYduKmLbv3vcUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSRowEOfqNcA8L7ArhOKipW5T2XHjAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L2thTUJEbjZqWEFQQy13SzRUaW9xVnVVOWx4NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAll1QAMEAll1aAMEAll1hAMEAll1
oDANBgkqhkiG9w0BAQsFAAOCAQEAeMI5I1VKwhakNF5NQrzOLZosqEYhId5IUemi
i8WC2RpL2pzMin8MTxWO1N4NDyDCuChxnxoQr4bcen2ZEKblwuz0BFEx6qQ5YlDT
OojF/czz1u6LAa+PeW88vbksRLE8RTEQj9noOgdEgfiG5s0vD+zdapoT3zZahjsN
eDiuW3qAWqbVYHjppDwcK95q8934kDvEkqyQodm5cM3jvHhDDJpvwIx3P86CaviS
gU3ZRsCK8pdzXOrjkr/ghkh0Ppmkd2OF/whk4G3ULNRfq7RY0LX3QJr01klW/9ls
PsMnu41JSzeE1xnvYHW9rvf5nYCLWc3i+mGN/w7LSYFfl85EyA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:25 2023 by rpki-client on console-fra.rpki-client.org