Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/nZnbnBQOACtmYyrI5G-EFcappzA.roa
File: nZnbnBQOACtmYyrI5G-EFcappzA.roa (raw, json)
Hash identifier: EKe08au6RcxzTWiT12Qwv931MFlU8IKBaXIlc94tZLg=
Subject key identifier: 9D:99:DB:9C:14:0E:00:2B:66:63:2A:C8:E4:6F:84:15:C6:A9:A7:30
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0181E40232CDFE7DBFE3AE4D6DC828510412
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/nZnbnBQOACtmYyrI5G-EFcappzA.roa
Signing time: Sat 09 Jul 2022 17:29:18 +0000
ROA not before: Sat 09 Jul 2022 17:29:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 89.117.72.0/21 maxlen: 24
89.116.123.0/24 maxlen: 24
89.117.88.0/22 maxlen: 24
89.116.140.0/24 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.24.0/23 maxlen: 24
89.116.76.0/24 maxlen: 24
86.38.216.0/22 maxlen: 24
89.116.91.0/24 maxlen: 24
86.38.232.0/24 maxlen: 24
89.116.250.0/24 maxlen: 24
89.117.120.0/22 maxlen: 24
89.116.202.0/24 maxlen: 24
89.116.212.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e4:02:32:cd:fe:7d:bf:e3:ae:4d:6d:c8:28:51:04:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Jul 9 17:29:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d99db9c140e002b66632ac8e46f8415c6a9a730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:6b:cb:d0:ed:b2:3c:7b:1f:58:02:7e:19:9c:
9c:43:55:e2:5a:a9:1b:67:d4:79:7e:42:77:a0:59:
8f:d3:b7:8f:79:09:b6:a7:e2:9d:28:59:d2:6a:79:
78:f6:65:c3:9f:24:ee:c1:d2:bc:ec:4a:3d:cf:c7:
62:be:5b:8e:7f:d9:28:6c:06:54:cd:17:ba:35:40:
24:e5:ed:cd:0e:b5:0d:de:8f:e7:ee:ae:3b:7d:5a:
fc:7a:95:ab:b6:9c:af:1e:74:9b:98:b2:70:7e:74:
7b:68:a8:82:64:be:ca:1f:49:93:5e:85:9c:13:76:
eb:0f:dc:2e:57:d3:3d:fe:ed:68:99:61:2b:16:e6:
a2:0a:c2:d0:53:62:9a:a6:2c:94:5d:56:74:ec:f1:
83:8b:1a:bc:39:7b:4b:3c:f1:42:ef:f6:0a:f8:c2:
86:5e:1c:06:d6:dd:9e:14:6d:4f:a6:68:ec:69:a8:
62:0a:5b:7c:75:39:ac:d4:70:b9:1a:54:ff:b4:12:
c4:eb:97:9c:7b:30:70:bc:b3:a5:92:72:84:d3:65:
7e:db:25:b1:19:4b:81:d8:6f:23:b9:62:7c:ce:57:
3a:54:91:db:64:91:9d:a5:6b:68:33:db:e6:6c:5c:
c2:9a:81:8a:aa:3a:41:7a:9c:65:13:8f:0e:37:e3:
19:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:99:DB:9C:14:0E:00:2B:66:63:2A:C8:E4:6F:84:15:C6:A9:A7:30
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/nZnbnBQOACtmYyrI5G-EFcappzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.216.0/22
86.38.232.0/24
89.116.76.0/24
89.116.91.0/24
89.116.123.0/24
89.116.140.0/24
89.116.202.0/24
89.116.212.0/22
89.116.250.0/24
89.117.12.0/23
89.117.24.0/23
89.117.72.0/21
89.117.88.0/22
89.117.120.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:5c:ab:5e:b3:67:06:36:ab:63:0f:74:de:06:15:70:40:92:
4d:98:8b:45:48:ae:88:9b:8c:44:50:93:8a:b0:db:ba:c8:cb:
af:44:56:ca:16:af:eb:a2:2a:98:fc:22:db:b8:02:32:16:ff:
40:47:2d:e0:4a:16:c4:24:db:bc:57:f3:1a:88:8b:3b:7b:0b:
b4:bf:1b:07:d8:55:4a:f0:d5:0d:28:23:4e:a3:34:ae:88:58:
eb:2e:8a:40:2a:5a:cf:81:17:18:01:36:86:a7:03:20:e6:24:
7f:90:92:6c:27:4b:83:7c:a9:bd:97:f5:ba:fb:08:43:81:0b:
4e:d0:c9:38:4f:0d:9e:b8:45:da:29:16:f2:35:6f:6c:2f:0d:
43:d0:43:d3:97:df:02:fb:72:54:97:bb:c7:98:02:80:da:87:
9c:47:51:89:6b:be:bd:d9:d8:00:25:07:70:c0:b6:60:c3:d5:
47:40:d3:71:a2:bd:d0:66:ad:c1:af:f7:a2:be:55:e4:ed:19:
68:69:76:03:95:6c:e6:16:a5:0c:58:5d:eb:78:bf:0f:88:3c:
d8:bc:8e:29:1d:14:19:e2:bc:84:b4:ae:e9:7c:2d:ed:26:57:
a6:9e:0c:69:4b:63:c3:25:bc:d6:b3:2f:49:26:b9:49:1a:03:
d5:c4:05:c8
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYHkAjLN/n2/465NbcgoUQQSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwNzA5MTcyOTE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDk5ZGI5YzE0MGUwMDJiNjY2MzJhYzhlNDZmODQxNWM2YTlhNzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32vL0O2yPHsfWAJ+GZycQ1XiWqkb
Z9R5fkJ3oFmP07ePeQm2p+KdKFnSanl49mXDnyTuwdK87Eo9z8divluOf9kobAZU
zRe6NUAk5e3NDrUN3o/n7q47fVr8epWrtpyvHnSbmLJwfnR7aKiCZL7KH0mTXoWc
E3brD9wuV9M9/u1omWErFuaiCsLQU2KapiyUXVZ07PGDixq8OXtLPPFC7/YK+MKG
XhwG1t2eFG1PpmjsaahiClt8dTms1HC5GlT/tBLE65ecezBwvLOlknKE02V+2yWx
GUuB2G8juWJ8zlc6VJHbZJGdpWtoM9vmbFzCmoGKqjpBepxlE48ON+MZsQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFJ2Z25wUDgArZmMqyORvhBXGqacwMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvblpuYm5CUU9BQ3RtWXlySTVHLUVGY2FwcHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQCVibYAwQA
ViboAwQAWXRMAwQAWXRbAwQAWXR7AwQAWXSMAwQAWXTKAwQCWXTUAwQAWXT6AwQB
WXUMAwQBWXUYAwQDWXVIAwQCWXVYAwQCWXV4MA0GCSqGSIb3DQEBCwUAA4IBAQAv
XKtes2cGNqtjD3TeBhVwQJJNmItFSK6Im4xEUJOKsNu6yMuvRFbKFq/roiqY/CLb
uAIyFv9ARy3gShbEJNu8V/MaiIs7ewu0vxsH2FVK8NUNKCNOozSuiFjrLopAKlrP
gRcYATaGpwMg5iR/kJJsJ0uDfKm9l/W6+whDgQtO0Mk4Tw2euEXaKRbyNW9sLw1D
0EPTl98C+3JUl7vHmAKA2oecR1GJa7692dgAJQdwwLZgw9VHQNNxor3QZq3Br/ei
vlXk7RloaXYDlWzmFqUMWF3reL8PiDzYvI4pHRQZ4ryEtK7pfC3tJlemngxpS2PD
JbzWsy9JJrlJGgPVxAXI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:19 2023 by rpki-client on console-ams.rpki-client.org