Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/novIzt-oUi515BMW5nV0xqp4bTk.roa
File: novIzt-oUi515BMW5nV0xqp4bTk.roa (raw, json)
Hash identifier: q7n8NsGSZi223xGwhlHmRnIVNhtERw53c+bKM+al/5I=
Subject key identifier: 9E:8B:C8:CE:DF:A8:52:2E:75:E4:13:16:E6:75:74:C6:AA:78:6D:39
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0B9C6D83
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/novIzt-oUi515BMW5nV0xqp4bTk.roa
Signing time: Sun 26 Jun 2022 12:37:23 +0000
ROA not before: Sun 26 Jun 2022 12:37:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 86.38.241.0/24 maxlen: 24
89.116.108.0/24 maxlen: 24
89.117.188.0/24 maxlen: 24
89.116.128.0/24 maxlen: 24
89.116.153.0/24 maxlen: 24
89.116.154.0/24 maxlen: 24
89.117.139.0/24 maxlen: 24
89.116.189.0/24 maxlen: 24
89.116.190.0/24 maxlen: 24
86.38.226.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 194801027 (0xb9c6d83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Jun 26 12:37:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e8bc8cedfa8522e75e41316e67574c6aa786d39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:08:5c:06:c3:0d:3b:87:32:32:e7:d9:2e:b0:
74:34:ce:e7:d9:f8:14:33:9e:fb:11:66:38:99:af:
bd:a3:a1:df:34:4e:07:a6:41:32:f4:c3:dc:ca:6e:
9e:7a:89:78:b1:f0:cc:d5:d9:d1:46:ed:2c:55:b7:
56:3c:74:2e:c9:81:45:e2:48:fa:de:8e:0e:f6:68:
d2:96:cc:65:cf:63:c1:2a:e5:a0:c8:d8:43:a9:9f:
09:b4:be:23:0b:05:92:b8:82:f1:33:48:45:ba:ec:
f8:f9:d8:b9:0a:2e:54:08:e2:fb:2d:9f:a2:39:8a:
3a:ee:d7:1f:08:26:21:97:4e:9a:2d:d8:8f:67:cf:
94:95:c0:da:f1:01:bd:37:e1:96:9e:e9:46:d2:97:
af:0a:14:55:60:18:d4:e6:b9:eb:40:1f:08:d7:c5:
b4:d6:f8:d9:81:79:71:f3:31:c1:8d:46:d1:bf:2b:
7a:6f:58:78:bf:0c:ba:30:80:a6:32:4f:78:65:b8:
2f:99:d0:c1:e9:50:37:4c:f1:2a:16:9e:49:8f:4e:
05:2b:cc:1d:01:e5:92:ee:bd:65:70:cd:06:89:87:
e4:91:84:7b:66:eb:04:21:62:34:3f:3c:55:c7:3c:
f2:75:af:b8:ef:55:e1:7a:32:42:ff:8a:22:76:4f:
4f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:8B:C8:CE:DF:A8:52:2E:75:E4:13:16:E6:75:74:C6:AA:78:6D:39
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/novIzt-oUi515BMW5nV0xqp4bTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.226.0/24
86.38.241.0/24
89.116.108.0/24
89.116.128.0/24
89.116.153.0-89.116.154.255
89.116.189.0-89.116.190.255
89.117.139.0/24
89.117.188.0/24
Signature Algorithm: sha256WithRSAEncryption
73:e5:ba:f5:7f:b9:69:97:af:63:f3:a0:47:c1:e0:0d:54:56:
93:39:dc:71:85:f3:ff:ba:de:82:49:5d:50:13:82:99:b7:3b:
2b:38:3e:2a:a2:e7:54:28:5f:69:f5:47:d1:c7:2d:55:8b:bb:
35:16:4c:2e:e8:b4:3c:d6:b5:1b:2f:41:37:b9:c4:f8:e2:17:
39:3d:d5:b7:92:18:41:68:11:3e:5f:c5:8c:9c:f1:5e:18:8b:
0d:8b:ac:76:e4:46:0d:7e:26:e8:a0:61:f8:9e:c7:48:91:07:
e6:29:9a:4a:67:90:28:d0:19:72:40:39:d3:84:cc:f6:94:3b:
39:fd:b5:4d:08:63:ff:75:1f:16:f7:19:ec:4e:be:65:6e:e6:
b6:9a:47:f6:92:a0:76:6d:f6:27:73:0e:a4:b0:53:e4:5a:3c:
ad:c1:4a:e9:6a:fe:91:7b:8b:63:1f:ef:20:bd:27:f5:75:59:
b7:81:bb:87:dd:ad:e7:99:1a:9a:96:5c:5f:c8:88:3d:6a:c9:
5d:12:8a:3e:2a:9e:b0:42:f3:b9:be:c0:52:8b:cc:fb:ee:9f:
c0:cd:d8:5e:3f:47:b2:7e:68:57:02:25:2c:a7:2b:79:d1:95:
c3:ca:1d:34:b7:2a:f6:f9:58:df:4c:e4:79:ae:21:88:99:04:
45:95:a1:e3
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIEC5xtgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDYy
NjEyMzcyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWU4YmM4Y2VkZmE4
NTIyZTc1ZTQxMzE2ZTY3NTc0YzZhYTc4NmQzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIMIXAbDDTuHMjLn2S6wdDTO59n4FDOe+xFmOJmvvaOh3zRO
B6ZBMvTD3MpunnqJeLHwzNXZ0UbtLFW3Vjx0LsmBReJI+t6ODvZo0pbMZc9jwSrl
oMjYQ6mfCbS+IwsFkriC8TNIRbrs+PnYuQouVAji+y2fojmKOu7XHwgmIZdOmi3Y
j2fPlJXA2vEBvTfhlp7pRtKXrwoUVWAY1Oa560AfCNfFtNb42YF5cfMxwY1G0b8r
em9YeL8MujCApjJPeGW4L5nQwelQN0zxKhaeSY9OBSvMHQHlku69ZXDNBomH5JGE
e2brBCFiND88Vcc88nWvuO9V4XoyQv+KInZPTxUCAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBSei8jO36hSLnXkExbmdXTGqnhtOTAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L25vdkl6dC1vVWk1MTVCTVc1blYweHFwNGJUay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwRgQCAAEwQAMEAFYm4gMEAFYm8QMEAFl0bAMEAFl0
gDAMAwQAWXSZAwQAWXSaMAwDBABZdL0DBABZdL4DBABZdYsDBABZdbwwDQYJKoZI
hvcNAQELBQADggEBAHPluvV/uWmXr2PzoEfB4A1UVpM53HGF8/+63oJJXVATgpm3
Oys4Piqi51QoX2n1R9HHLVWLuzUWTC7otDzWtRsvQTe5xPjiFzk91beSGEFoET5f
xYyc8V4Yiw2LrHbkRg1+JuigYfiex0iRB+YpmkpnkCjQGXJAOdOEzPaUOzn9tU0I
Y/91Hxb3GexOvmVu5raaR/aSoHZt9idzDqSwU+RaPK3BSulq/pF7i2Mf7yC9J/V1
WbeBu4fdreeZGpqWXF/IiD1qyV0Sij4qnrBC87m+wFKLzPvun8DN2F4/R7J+aFcC
JSynK3nRlcPKHTS3Kvb5WN9M5HmuIYiZBEWVoeM=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:25 2023 by rpki-client on console-fra.rpki-client.org