Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/pTb-4nNDoTCjuL5wPHgb-2gmN7A.roa
File: pTb-4nNDoTCjuL5wPHgb-2gmN7A.roa (raw, json)
Hash identifier: jPhSxc2kzMFpqL9QwaEyKEVtpAAjF9KaNZsZrjDzoDc=
Subject key identifier: A5:36:FE:E2:73:43:A1:30:A3:B8:BE:70:3C:78:1B:FB:68:26:37:B0
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182CA36AA681C14DD2F7E6D15D9B2CA6157
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/pTb-4nNDoTCjuL5wPHgb-2gmN7A.roa
Signing time: Tue 23 Aug 2022 10:19:16 +0000
ROA not before: Tue 23 Aug 2022 10:19:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204968
IP address blocks: 89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
89.117.32.0/23 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.117.190.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.117.129.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.186.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ca:36:aa:68:1c:14:dd:2f:7e:6d:15:d9:b2:ca:61:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 23 10:19:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a536fee27343a130a3b8be703c781bfb682637b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:aa:0e:dc:60:59:e0:4f:e2:e3:fa:6e:af:46:
bd:89:e3:36:ca:e9:be:c4:c8:a0:11:f0:af:62:a9:
51:a9:c3:b2:6f:97:91:31:2a:f6:b2:ca:79:fa:fc:
f8:f3:b4:a0:2b:a8:e4:f6:4a:b5:06:c4:d2:a5:a6:
6e:2a:2d:27:1e:72:67:8e:13:30:0c:de:35:ff:b2:
0d:1b:28:69:f0:f0:49:09:38:93:60:fa:62:11:e0:
61:f4:83:4f:5d:e4:2a:7a:da:4f:2d:b5:f1:84:c0:
bd:a4:ed:e6:b1:e6:98:7b:1f:7e:83:af:cc:82:67:
ce:06:3f:95:16:4c:73:31:03:8a:7c:f5:74:8d:88:
ad:dd:a9:62:37:17:97:00:a1:c1:9f:ba:1d:2a:4f:
83:49:f9:0f:53:b5:db:a0:f4:3f:93:d9:9d:12:eb:
24:6f:bb:49:ab:37:d8:36:f3:5b:11:e5:92:65:cb:
46:95:a8:a3:b9:8e:ab:63:88:10:2e:03:b1:09:c7:
af:9f:a3:8f:19:41:86:28:5f:71:06:64:39:6c:7f:
b0:99:81:f9:0f:02:9b:43:50:9d:72:ca:03:6f:b5:
50:00:2d:67:00:b2:d1:08:12:d9:45:85:4d:35:2c:
ed:3c:30:e3:57:e3:97:fe:71:a1:2f:4c:96:52:9b:
4b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:36:FE:E2:73:43:A1:30:A3:B8:BE:70:3C:78:1B:FB:68:26:37:B0
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/pTb-4nNDoTCjuL5wPHgb-2gmN7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.92.0/24
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.163.0/24
89.116.166.0/24
89.116.175.0/24
89.116.177.0/24
89.116.186.0/24
89.116.218.0/24
89.116.252.0/23
89.117.32.0/23
89.117.109.0/24
89.117.129.0/24
89.117.190.0/24
89.117.222.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:36:62:2f:3f:87:86:c9:3e:c4:c5:ae:eb:9f:b4:a9:c7:4d:
40:4b:56:b2:b3:0c:55:c0:04:dc:dc:5e:49:81:11:c8:3b:7c:
c3:2a:34:c3:9b:c1:23:92:d3:9c:72:3f:9e:ef:0d:b0:02:26:
26:c4:4d:5a:51:42:72:1a:51:74:a4:a5:6f:b4:a0:b6:d5:86:
e8:fc:67:42:9f:6f:3e:85:37:1e:7f:6d:74:50:51:60:4e:98:
1b:19:2e:9b:2a:1e:1d:81:89:89:63:9c:ef:99:6d:1d:da:b8:
97:08:e1:86:fe:4f:61:e8:d7:ef:f2:de:f7:1e:ba:de:ca:17:
0e:99:bf:8c:c7:dc:37:34:76:c7:dd:98:ea:75:de:9c:29:55:
bc:83:a8:18:57:d3:39:03:91:25:fc:74:a5:75:86:94:cf:89:
44:d2:1f:5e:ba:39:bc:94:c0:d3:f4:b3:3b:b0:12:d0:97:fe:
22:86:9d:2e:37:7b:eb:8e:b6:dc:75:25:d0:0e:0b:6e:61:27:
09:b8:8b:45:2a:9d:7a:5a:de:e2:5f:88:43:42:bb:1c:45:95:
45:5c:e8:2a:02:c3:6a:19:4d:c5:d7:02:5c:49:e0:a2:6c:78:
a3:97:9e:bf:a6:98:bd:72:e4:ee:4f:9b:95:e8:30:47:fa:9b:
0a:94:09:10
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYLKNqpoHBTdL35tFdmyymFXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODIzMTAxOTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTM2ZmVlMjczNDNhMTMwYTNiOGJlNzAzYzc4MWJmYjY4MjYzN2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaoO3GBZ4E/i4/pur0a9ieM2yum+
xMigEfCvYqlRqcOyb5eRMSr2ssp5+vz487SgK6jk9kq1BsTSpaZuKi0nHnJnjhMw
DN41/7INGyhp8PBJCTiTYPpiEeBh9INPXeQqetpPLbXxhMC9pO3mseaYex9+g6/M
gmfOBj+VFkxzMQOKfPV0jYit3aliNxeXAKHBn7odKk+DSfkPU7XboPQ/k9mdEusk
b7tJqzfYNvNbEeWSZctGlaijuY6rY4gQLgOxCcevn6OPGUGGKF9xBmQ5bH+wmYH5
DwKbQ1CdcsoDb7VQAC1nALLRCBLZRYVNNSztPDDjV+OX/nGhL0yWUptLMwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFKU2/uJzQ6Ewo7i+cDx4G/toJjewMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvcFRiLTRuTkRvVENqdUw1d1BIZ2ItMmdtTjdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAWXRcAwQA
WXSEAwQAWXSHAwQAWXSWAwQAWXSjAwQAWXSmAwQAWXSvAwQAWXSxAwQAWXS6AwQA
WXTaAwQBWXT8AwQBWXUgAwQAWXVtAwQAWXWBAwQAWXW+AwQAWXXeMA0GCSqGSIb3
DQEBCwUAA4IBAQBfNmIvP4eGyT7Exa7rn7Spx01AS1ayswxVwATc3F5JgRHIO3zD
KjTDm8EjktOccj+e7w2wAiYmxE1aUUJyGlF0pKVvtKC21Ybo/GdCn28+hTcef210
UFFgTpgbGS6bKh4dgYmJY5zvmW0d2riXCOGG/k9h6Nfv8t73HrreyhcOmb+Mx9w3
NHbH3Zjqdd6cKVW8g6gYV9M5A5El/HSldYaUz4lE0h9eujm8lMDT9LM7sBLQl/4i
hp0uN3vrjrbcdSXQDgtuYScJuItFKp16Wt7iX4hDQrscRZVFXOgqAsNqGU3F1wJc
SeCibHijl56/ppi9cuTuT5uV6DBH+psKlAkQ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:25 2023 by rpki-client on console-fra.rpki-client.org