Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/ouQ6mcwZhm7_0qu4o-WdDaoEZKg.roa
File: ouQ6mcwZhm7_0qu4o-WdDaoEZKg.roa (raw, json)
Hash identifier: ksQRaBl80FGxFTei2zsdNcGPfkd3fE4GxjkCrjiOq54=
Subject key identifier: A2:E4:3A:99:CC:19:86:6E:FF:D2:AB:B8:A3:E5:9D:0D:AA:04:64:A8
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0A4D8DAB
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/ouQ6mcwZhm7_0qu4o-WdDaoEZKg.roa
Signing time: Wed 13 Apr 2022 08:31:54 +0000
ROA not before: Wed 13 Apr 2022 08:31:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 89.117.104.0/22 maxlen: 24
89.117.16.0/21 maxlen: 24
89.116.72.0/22 maxlen: 24
89.116.80.0/21 maxlen: 24
86.38.232.0/24 maxlen: 24
89.116.224.0/21 maxlen: 24
89.116.237.0/24 maxlen: 24
89.117.0.0/22 maxlen: 24
89.116.180.0/22 maxlen: 24
89.117.152.0/22 maxlen: 22
89.117.157.0/24 maxlen: 24
89.117.164.0/24 maxlen: 24
84.46.236.0/22 maxlen: 24
89.116.212.0/22 maxlen: 24
89.117.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172854699 (0xa4d8dab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Apr 13 08:31:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2e43a99cc19866effd2abb8a3e59d0daa0464a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f0:39:d7:0a:b0:4f:a2:8b:78:9d:7f:e3:12:
32:9a:a4:19:b7:37:85:19:5a:80:c5:f3:80:88:0f:
0e:ca:88:f8:dd:12:46:17:9b:f1:28:72:fb:df:71:
bf:26:2c:33:91:3c:7c:9c:75:b3:e3:85:bc:bb:94:
f4:57:7b:1e:32:58:5e:a6:bd:60:64:51:4e:24:cb:
98:de:a6:7a:66:a4:01:13:d2:4b:fe:a7:53:75:22:
7a:64:81:eb:e9:7e:23:07:bb:cb:6a:d8:4d:6b:c7:
d3:4c:51:0c:b2:d4:30:36:ec:97:59:2f:a8:01:92:
3d:81:8e:ff:af:67:0b:5d:72:c7:cf:9d:db:e8:c3:
e0:7c:fd:09:f4:eb:34:5a:d8:20:c3:7e:d3:db:9f:
dd:0f:e5:7b:71:4b:25:41:e5:55:b7:1b:22:77:62:
74:46:8a:c2:fb:72:b8:24:98:ce:34:91:86:d1:02:
fc:7d:65:a9:8e:c6:2d:18:04:86:8f:28:1b:fb:a6:
cc:68:b5:42:43:5c:a1:4f:f0:b2:3e:34:77:d4:6e:
7f:fc:35:d0:a3:a9:95:64:50:09:75:48:ee:df:7f:
f9:4a:47:f3:84:23:c7:66:8b:fd:ce:80:f6:7d:eb:
f0:b9:61:7e:f7:54:ec:96:30:80:9c:7f:af:f5:d6:
92:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:E4:3A:99:CC:19:86:6E:FF:D2:AB:B8:A3:E5:9D:0D:AA:04:64:A8
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/ouQ6mcwZhm7_0qu4o-WdDaoEZKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.236.0/22
86.38.232.0/24
89.116.72.0/22
89.116.80.0/21
89.116.180.0/22
89.116.212.0/22
89.116.224.0/21
89.116.237.0/24
89.117.0.0/22
89.117.16.0/21
89.117.104.0/22
89.117.152.0/22
89.117.157.0/24
89.117.164.0/24
89.117.171.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:2a:73:bd:95:57:b7:2a:ca:3f:a6:d9:81:63:93:af:dd:00:
60:21:96:7c:ba:f3:4a:ce:1e:ba:09:50:6c:92:e0:0e:9f:f6:
28:c0:6e:25:5f:03:33:ff:d1:c6:c5:05:de:c8:b1:e5:05:78:
aa:7f:28:39:8e:47:dc:a6:7b:c0:d9:ed:56:8f:f4:28:50:a8:
58:80:24:cd:cc:c5:dc:0a:73:21:8b:e4:3b:5e:2b:a0:c2:dd:
15:3f:04:ba:61:fb:8e:d6:a3:74:7a:c6:c7:75:2f:95:df:39:
6a:e4:45:e8:51:6e:e7:20:7c:8e:fc:af:46:95:27:ff:d6:49:
b0:dd:ab:e7:74:cd:b0:66:66:a4:6a:b1:43:f1:f5:de:0f:a2:
5e:34:3c:e1:6e:0a:fd:3d:fa:6c:68:1f:1e:b1:54:08:d9:38:
19:69:a5:53:49:4c:c6:92:93:02:9b:cb:b0:be:b0:06:d1:10:
e1:ad:62:5c:f6:60:d2:3e:5c:26:60:c7:ef:76:96:23:0f:24:
c4:38:d9:99:0d:12:1d:ea:33:ab:31:2f:de:84:c8:47:71:03:
56:a8:c8:b3:35:f7:b5:14:76:28:e5:79:2b:07:bc:6f:66:40:
23:01:84:03:e2:1e:48:31:ac:c3:bd:d2:2d:6b:5d:3a:d1:1a:
74:95:f2:52
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIECk2NqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDQx
MzA4MzE1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTJlNDNhOTljYzE5
ODY2ZWZmZDJhYmI4YTNlNTlkMGRhYTA0NjRhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfwOdcKsE+ii3idf+MSMpqkGbc3hRlagMXzgIgPDsqI+N0S
Rheb8Shy+99xvyYsM5E8fJx1s+OFvLuU9Fd7HjJYXqa9YGRRTiTLmN6memakARPS
S/6nU3UiemSB6+l+Iwe7y2rYTWvH00xRDLLUMDbsl1kvqAGSPYGO/69nC11yx8+d
2+jD4Hz9CfTrNFrYIMN+09uf3Q/le3FLJUHlVbcbIndidEaKwvtyuCSYzjSRhtEC
/H1lqY7GLRgEho8oG/umzGi1QkNcoU/wsj40d9Ruf/w10KOplWRQCXVI7t9/+UpH
84Qjx2aL/c6A9n3r8LlhfvdU7JYwgJx/r/XWkikCAwEAAaOCAl0wggJZMB0GA1Ud
DgQWBBSi5DqZzBmGbv/Sq7ij5Z0NqgRkqDAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L291UTZtY3daaG03XzBxdTRvLVdkRGFvRVpLZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBz
BggrBgEFBQcBBwEB/wRkMGIwYAQCAAEwWgMEAlQu7AMEAFYm6AMEAll0SAMEA1l0
UAMEAll0tAMEAll01AMEA1l04AMEAFl07QMEAll1AAMEA1l1EAMEAll1aAMEAll1
mAMEAFl1nQMEAFl1pAMEAFl1qzANBgkqhkiG9w0BAQsFAAOCAQEATSpzvZVXtyrK
P6bZgWOTr90AYCGWfLrzSs4euglQbJLgDp/2KMBuJV8DM//RxsUF3six5QV4qn8o
OY5H3KZ7wNntVo/0KFCoWIAkzczF3ApzIYvkO14roMLdFT8EumH7jtajdHrGx3Uv
ld85auRF6FFu5yB8jvyvRpUn/9ZJsN2r53TNsGZmpGqxQ/H13g+iXjQ84W4K/T36
bGgfHrFUCNk4GWmlU0lMxpKTApvLsL6wBtEQ4a1iXPZg0j5cJmDH73aWIw8kxDjZ
mQ0SHeozqzEv3oTIR3EDVqjIszX3tRR2KOV5Kwe8b2ZAIwGEA+IeSDGsw73SLWtd
OtEadJXyUg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:19 2023 by rpki-client on console-ams.rpki-client.org