Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/q84lPreJhh08HTzVmVk4jPTb48o.roa
File: q84lPreJhh08HTzVmVk4jPTb48o.roa (raw, json)
Hash identifier: rxEBo6NVKexexs6jGkEPEcP8WEDIyK6JMEF0p/0TgjU=
Subject key identifier: AB:CE:25:3E:B7:89:86:1D:3C:1D:3C:D5:99:59:38:8C:F4:DB:E3:CA
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0181DA672C38580BB52A9EF7E704F44F7B78
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/q84lPreJhh08HTzVmVk4jPTb48o.roa
Signing time: Thu 07 Jul 2022 20:43:23 +0000
ROA not before: Thu 07 Jul 2022 20:43:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200019
IP address blocks: 89.117.104.0/22 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.28.0/22 maxlen: 24
89.116.72.0/22 maxlen: 24
89.117.160.0/22 maxlen: 24
89.117.64.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:da:67:2c:38:58:0b:b5:2a:9e:f7:e7:04:f4:4f:7b:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Jul 7 20:43:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=abce253eb789861d3c1d3cd59959388cf4dbe3ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:56:e9:5b:18:70:60:fa:f3:c0:d3:1e:bb:5b:
ab:6e:0d:3e:60:db:0d:5f:1c:ca:52:86:b9:16:e0:
96:22:ee:be:38:d1:e7:2c:d6:00:02:8b:76:f8:56:
55:55:d0:75:01:f7:33:5d:1b:fa:0e:ba:23:4c:1d:
21:6a:d0:d0:bd:38:7d:53:a4:10:d5:ac:a9:9c:76:
82:f6:ab:f4:ea:4d:54:99:76:ae:14:16:d1:05:1e:
b4:e0:1a:b1:20:2c:53:00:21:95:83:e0:1b:bd:69:
0d:fd:52:e8:ad:7d:d8:56:58:a6:23:d9:67:5c:31:
34:32:09:c7:c5:3e:a3:f8:e1:37:27:93:26:88:79:
64:b8:04:69:43:09:7f:75:bd:82:28:c0:ba:cd:9c:
c0:f0:54:77:63:ed:63:e8:20:2b:58:15:5c:20:44:
5a:77:a9:ec:f5:c6:6d:0d:a3:16:ea:d4:14:05:24:
54:b6:58:f9:62:c3:97:f3:bb:82:5e:24:ff:ed:15:
2c:12:24:ed:bc:75:41:bf:cf:a1:8c:3e:f4:1d:df:
e2:14:bf:9f:4a:cc:67:d2:ca:9b:94:12:b7:7d:f4:
b7:f1:00:02:ce:ec:c0:e2:72:4c:d6:97:54:01:83:
bc:8b:6e:2d:6b:32:48:d8:8a:68:06:f7:5f:69:4f:
e2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:CE:25:3E:B7:89:86:1D:3C:1D:3C:D5:99:59:38:8C:F4:DB:E3:CA
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/q84lPreJhh08HTzVmVk4jPTb48o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.72.0/22
89.117.28.0/22
89.117.64.0/22
89.117.104.0/22
89.117.132.0/22
89.117.160.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:20:1c:83:24:34:a3:00:73:04:18:45:3a:b7:45:c5:b2:12:
02:1f:c0:1d:1f:23:d3:30:53:96:ff:8e:3f:cf:2a:cb:0b:d8:
af:88:9d:96:42:98:0b:5f:c1:35:e8:72:20:2b:c1:28:c9:31:
0c:98:7e:82:2b:71:31:7f:1d:ed:50:15:5b:3f:98:14:c8:e1:
d1:e0:41:5e:b6:7f:d2:67:a7:f7:d2:37:81:8b:41:aa:4e:2d:
0d:d4:13:dc:2f:81:dd:2d:03:0f:dc:d4:e8:38:51:80:ed:63:
43:80:a1:bb:fd:e2:76:0c:f2:14:12:6e:91:04:7b:bf:c8:69:
37:87:2d:b0:75:fc:ff:50:be:18:cf:aa:02:e9:5a:5a:1b:32:
f7:fd:6d:c7:47:ab:b4:c3:3f:7d:ad:b6:a0:4e:0e:6a:df:e1:
15:8c:09:1a:3c:e4:d6:3a:be:8c:95:e3:e5:4a:ee:67:db:06:
fc:22:c3:f3:83:be:90:29:29:c5:e7:84:57:31:5a:cc:72:f6:
de:c5:b4:fe:af:16:3c:3b:86:5e:74:fe:8f:ed:1f:41:5a:79:
17:38:e2:02:63:bb:4e:94:0b:a8:65:35:2f:45:ba:74:f6:dc:
ac:37:6f:e5:1e:bb:c9:64:f3:a4:36:02:04:2d:b1:bf:c0:ef:
18:c1:f5:44
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYHaZyw4WAu1Kp735wT0T3t4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwNzA3MjA0MzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmNlMjUzZWI3ODk4NjFkM2MxZDNjZDU5OTU5Mzg4Y2Y0ZGJlM2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFbpWxhwYPrzwNMeu1urbg0+YNsN
XxzKUoa5FuCWIu6+ONHnLNYAAot2+FZVVdB1AfczXRv6DrojTB0hatDQvTh9U6QQ
1aypnHaC9qv06k1UmXauFBbRBR604BqxICxTACGVg+AbvWkN/VLorX3YVlimI9ln
XDE0MgnHxT6j+OE3J5MmiHlkuARpQwl/db2CKMC6zZzA8FR3Y+1j6CArWBVcIERa
d6ns9cZtDaMW6tQUBSRUtlj5YsOX87uCXiT/7RUsEiTtvHVBv8+hjD70Hd/iFL+f
Ssxn0sqblBK3ffS38QACzuzA4nJM1pdUAYO8i24tazJI2IpoBvdfaU/iPwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKvOJT63iYYdPB081ZlZOIz02+PKMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvcTg0bFByZUpoaDA4SFR6Vm1WazRqUFRiNDhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCWXRIAwQC
WXUcAwQCWXVAAwQCWXVoAwQCWXWEAwQCWXWgMA0GCSqGSIb3DQEBCwUAA4IBAQAe
IByDJDSjAHMEGEU6t0XFshICH8AdHyPTMFOW/44/zyrLC9iviJ2WQpgLX8E16HIg
K8EoyTEMmH6CK3Exfx3tUBVbP5gUyOHR4EFetn/SZ6f30jeBi0GqTi0N1BPcL4Hd
LQMP3NToOFGA7WNDgKG7/eJ2DPIUEm6RBHu/yGk3hy2wdfz/UL4Yz6oC6VpaGzL3
/W3HR6u0wz99rbagTg5q3+EVjAkaPOTWOr6MlePlSu5n2wb8IsPzg76QKSnF54RX
MVrMcvbexbT+rxY8O4ZedP6P7R9BWnkXOOICY7tOlAuoZTUvRbp09tysN2/lHrvJ
ZPOkNgIELbG/wO8YwfVE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:36 2025 by rpki-client