Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/mhRzmROP3Z_bs-_-ta-CERLS2-g.roa
File: mhRzmROP3Z_bs-_-ta-CERLS2-g.roa (raw, json)
Hash identifier: VZWvLnFkOlYW5F4q+ZHca3jUZ9UYctpN3Goe03P/pgY=
Subject key identifier: 9A:14:73:99:13:8F:DD:9F:DB:B3:EF:FE:B5:AF:82:11:12:D2:DB:E8
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182866F17FA5FA2FDDA5F51532175C97203
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/mhRzmROP3Z_bs-_-ta-CERLS2-g.roa
Signing time: Wed 10 Aug 2022 06:26:43 +0000
ROA not before: Wed 10 Aug 2022 06:26:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204968
IP address blocks: 89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
89.117.24.0/23 maxlen: 24
89.117.32.0/23 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.117.190.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.117.129.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.179.0/24 maxlen: 24
89.116.186.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:86:6f:17:fa:5f:a2:fd:da:5f:51:53:21:75:c9:72:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 10 06:26:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a147399138fdd9fdbb3effeb5af821112d2dbe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:82:49:9d:a2:84:da:78:da:e8:3e:33:45:4c:
8f:d8:53:09:d5:ca:c3:e4:18:f2:41:02:e5:f8:02:
b3:32:ab:b5:22:15:a9:82:33:86:c5:70:21:b7:0d:
36:ad:24:c1:40:30:02:9e:72:f5:2a:ce:15:4c:28:
cf:ba:1a:a4:8e:84:4a:8d:c9:55:19:2c:d1:c5:89:
5e:e8:d4:02:44:77:4b:0d:35:ef:e8:cf:bb:d3:35:
d9:2e:c2:d0:6e:7f:06:2c:4b:ab:99:52:66:15:18:
23:e3:30:0e:1a:6b:ce:07:fa:aa:52:5e:e8:f6:e8:
eb:29:0f:88:d9:fe:8a:d9:d2:fb:75:3f:fc:b2:01:
18:93:11:71:94:35:48:66:55:da:39:c9:68:76:8f:
f9:7d:37:b7:f9:38:e0:6e:0c:e2:52:92:ba:fd:d0:
92:02:19:60:d0:08:ee:0a:8c:fa:03:fb:b0:e6:91:
5c:de:83:95:cc:b4:7b:cf:d2:6b:29:85:07:c1:7c:
f8:a5:14:7e:9d:d0:d9:74:54:73:41:34:4e:0a:fd:
ea:9a:ee:ff:bc:81:cc:db:9e:83:0f:7a:6f:2e:3b:
ef:8d:b9:95:6b:60:53:9f:f6:9c:0f:c4:5d:ac:7a:
72:c0:97:31:d6:97:e6:2c:c5:50:32:97:ed:a8:94:
ee:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:14:73:99:13:8F:DD:9F:DB:B3:EF:FE:B5:AF:82:11:12:D2:DB:E8
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/mhRzmROP3Z_bs-_-ta-CERLS2-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.92.0/24
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.163.0/24
89.116.166.0/24
89.116.175.0/24
89.116.177.0/24
89.116.179.0/24
89.116.186.0/24
89.116.218.0/24
89.116.252.0/23
89.116.255.0/24
89.117.24.0/23
89.117.32.0/23
89.117.109.0/24
89.117.129.0/24
89.117.190.0/24
89.117.222.0/24
Signature Algorithm: sha256WithRSAEncryption
70:18:57:3d:ad:09:c5:6b:b9:70:67:4e:da:49:ba:1c:d1:e3:
23:b3:86:03:d0:d7:c6:87:82:a9:a0:81:44:f4:a4:b4:43:11:
92:28:a8:dd:c0:95:38:d2:f2:88:c6:98:78:b7:0f:06:69:da:
7c:6b:11:02:6b:d0:87:8e:ee:0e:66:24:2e:8d:09:5d:6b:48:
1c:58:55:6c:97:0e:b3:2e:24:87:48:4c:83:b4:19:a1:7b:73:
63:7b:f3:9a:2d:8a:4a:60:10:c4:90:aa:5e:71:9e:02:b7:60:
3c:65:f9:39:90:13:46:03:b3:48:f6:06:b2:da:8c:06:85:1d:
3c:8a:d4:04:36:ee:16:e6:99:db:f5:28:f7:ab:a4:5d:22:8b:
ef:de:a2:a8:cb:9d:bc:73:8d:d9:80:fb:06:84:db:0e:f4:bb:
42:74:11:53:a0:16:df:0f:1e:2d:81:66:f6:68:30:9b:7c:ce:
c3:a3:cf:74:24:0f:03:df:bc:b7:ee:78:46:30:41:85:6b:67:
03:f0:80:38:ad:54:64:dc:35:41:32:a9:58:cd:d9:d4:80:9d:
9a:db:e6:de:07:38:52:33:d2:4e:63:ed:0d:9b:83:95:41:6e:
80:44:1b:1e:ce:a4:f3:b5:1d:2e:c6:a4:bf:b9:91:34:91:cf:
7c:2e:0b:99
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYKGbxf6X6L92l9RUyF1yXIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODEwMDYyNjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTE0NzM5OTEzOGZkZDlmZGJiM2VmZmViNWFmODIxMTEyZDJkYmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4JJnaKE2nja6D4zRUyP2FMJ1crD
5BjyQQLl+AKzMqu1IhWpgjOGxXAhtw02rSTBQDACnnL1Ks4VTCjPuhqkjoRKjclV
GSzRxYle6NQCRHdLDTXv6M+70zXZLsLQbn8GLEurmVJmFRgj4zAOGmvOB/qqUl7o
9ujrKQ+I2f6K2dL7dT/8sgEYkxFxlDVIZlXaOclodo/5fTe3+TjgbgziUpK6/dCS
Ahlg0AjuCoz6A/uw5pFc3oOVzLR7z9JrKYUHwXz4pRR+ndDZdFRzQTROCv3qmu7/
vIHM256DD3pvLjvvjbmVa2BTn/acD8RdrHpywJcx1pfmLMVQMpftqJTuLwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFJoUc5kTj92f27Pv/rWvghES0tvoMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvbWhSem1ST1AzWl9icy1fLXRhLUNFUkxTMi1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAFl0XAME
AFl0hAMEAFl0hwMEAFl0lgMEAFl0owMEAFl0pgMEAFl0rwMEAFl0sQMEAFl0swME
AFl0ugMEAFl02gMEAVl0/AMEAFl0/wMEAVl1GAMEAVl1IAMEAFl1bQMEAFl1gQME
AFl1vgMEAFl13jANBgkqhkiG9w0BAQsFAAOCAQEAcBhXPa0JxWu5cGdO2km6HNHj
I7OGA9DXxoeCqaCBRPSktEMRkiio3cCVONLyiMaYeLcPBmnafGsRAmvQh47uDmYk
Lo0JXWtIHFhVbJcOsy4kh0hMg7QZoXtzY3vzmi2KSmAQxJCqXnGeArdgPGX5OZAT
RgOzSPYGstqMBoUdPIrUBDbuFuaZ2/Uo96ukXSKL796iqMudvHON2YD7BoTbDvS7
QnQRU6AW3w8eLYFm9mgwm3zOw6PPdCQPA9+8t+54RjBBhWtnA/CAOK1UZNw1QTKp
WM3Z1ICdmtvm3gc4UjPSTmPtDZuDlUFugEQbHs6k87UdLsakv7mRNJHPfC4LmQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:19 2023 by rpki-client on console-ams.rpki-client.org