Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/qQM1_KcKvFI22nCGZgECzTGkOMU.roa
File: qQM1_KcKvFI22nCGZgECzTGkOMU.roa (raw, json)
Hash identifier: pHF6LZYLgcKjYiWiznXpn20B6zZjSIARAW2cB8+cDdc=
Subject key identifier: A9:03:35:FC:A7:0A:BC:52:36:DA:70:86:66:01:02:CD:31:A4:38:C5
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182866F169A1909F0B271C3F07F1D56A163
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/qQM1_KcKvFI22nCGZgECzTGkOMU.roa
Signing time: Wed 10 Aug 2022 06:26:43 +0000
ROA not before: Wed 10 Aug 2022 06:26:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 86.38.246.0/23 maxlen: 24
86.38.242.0/23 maxlen: 24
89.116.135.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.116.156.0/24 maxlen: 24
89.116.56.0/24 maxlen: 24
86.38.189.0/24 maxlen: 24
89.116.58.0/23 maxlen: 24
86.38.200.0/24 maxlen: 24
86.38.4.0/23 maxlen: 24
89.117.48.0/20 maxlen: 24
86.38.220.0/23 maxlen: 24
89.116.96.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.242.0/23 maxlen: 24
89.116.246.0/23 maxlen: 24
86.38.180.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
89.117.11.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
84.46.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:86:6f:16:9a:19:09:f0:b2:71:c3:f0:7f:1d:56:a1:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 10 06:26:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a90335fca70abc5236da7086660102cd31a438c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:07:c9:f5:93:1d:c1:9f:e8:2a:d9:6b:c5:13:
0f:cf:fa:4b:e2:96:19:23:ec:65:76:df:c6:8a:42:
1e:58:4e:77:32:56:b8:ef:1f:86:df:7b:c9:53:52:
22:eb:5a:dc:e3:71:8f:31:cf:7f:8d:5c:a1:d0:d8:
bc:8f:ae:ec:a0:0b:10:b0:90:3a:e5:0e:9a:2a:c9:
6b:56:82:95:36:8b:8c:9c:0d:e3:f9:36:2b:5a:0b:
e2:35:d1:c8:a6:13:d9:52:bd:5f:c8:da:bf:bb:56:
a5:4d:ce:c2:bc:d2:24:c3:04:80:f2:69:5d:8a:f5:
9f:ab:0e:dc:f8:d8:1f:2b:e9:b7:61:11:66:61:06:
9f:66:ab:a1:f6:12:5d:d9:56:e4:46:82:ff:0d:ad:
49:60:9f:d8:5a:67:b9:39:4d:f8:07:72:0f:4f:33:
af:83:7c:2d:ed:41:aa:a9:22:33:b0:d3:3f:12:30:
0c:3d:23:42:43:2e:f3:39:42:51:83:4f:92:bc:65:
26:00:84:fa:c5:09:e4:4d:87:57:a8:39:83:4d:00:
67:d5:81:ed:9d:e4:1f:f3:74:62:be:b9:08:33:33:
68:a7:91:06:e1:dd:fd:e2:a0:51:0f:52:7f:0b:05:
40:9f:0c:09:99:0b:1d:78:e4:db:76:52:f7:80:43:
06:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:03:35:FC:A7:0A:BC:52:36:DA:70:86:66:01:02:CD:31:A4:38:C5
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/qQM1_KcKvFI22nCGZgECzTGkOMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.200.0/24
86.38.4.0/23
86.38.180.0/22
86.38.189.0/24
86.38.200.0/24
86.38.220.0/23
86.38.242.0/23
86.38.246.0/23
89.116.56.0/24
89.116.58.0/23
89.116.96.0/24
89.116.135.0/24
89.116.156.0/24
89.116.175.0/24
89.116.177.0/24
89.116.218.0/24
89.116.242.0/23
89.116.246.0/23
89.117.11.0/24
89.117.48.0/20
89.117.109.0/24
Signature Algorithm: sha256WithRSAEncryption
05:8c:c6:77:ba:1a:e6:64:77:09:fe:70:2e:1e:8a:bd:d8:10:
75:62:b0:38:c8:76:57:ad:47:04:d4:89:42:99:68:a2:84:d9:
fe:9e:f5:cb:d3:90:e9:64:dd:bd:e6:b9:6e:a5:20:35:77:bd:
f7:42:88:95:8d:63:b6:00:91:b6:ef:aa:19:4a:22:e1:b6:c1:
0a:d4:00:19:9f:c9:8b:74:fc:a3:56:e1:a4:3a:16:f5:d7:e2:
93:96:79:f0:e4:00:08:da:fe:a8:97:6f:67:70:df:8d:1e:6a:
48:15:e1:2f:fd:be:9c:14:fd:ab:87:80:96:72:78:b7:a9:11:
20:3b:83:89:92:01:cf:f1:d4:39:55:b8:1a:e5:84:41:47:dd:
9a:fb:16:a1:27:e3:c1:e0:da:d7:d3:43:b2:ad:78:28:8c:40:
a4:44:f1:6c:47:38:a6:95:93:85:52:a5:b9:0c:cf:f8:16:53:
b1:50:db:88:85:fa:0a:3c:43:9b:1d:cc:83:c6:dc:60:b4:db:
52:c0:7b:b0:69:54:6a:ac:97:68:37:b1:78:6b:27:f6:ae:f7:
98:4f:8b:67:93:00:bc:39:d5:97:b0:c7:9a:bb:11:4a:22:29:
41:97:a4:20:f5:3c:1e:3e:90:8a:b6:f8:97:07:e0:66:da:21:
0c:22:8c:65
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYKGbxaaGQnwsnHD8H8dVqFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODEwMDYyNjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTAzMzVmY2E3MGFiYzUyMzZkYTcwODY2NjAxMDJjZDMxYTQzOGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwfJ9ZMdwZ/oKtlrxRMPz/pL4pYZ
I+xldt/GikIeWE53Mla47x+G33vJU1Ii61rc43GPMc9/jVyh0Ni8j67soAsQsJA6
5Q6aKslrVoKVNouMnA3j+TYrWgviNdHIphPZUr1fyNq/u1alTc7CvNIkwwSA8mld
ivWfqw7c+NgfK+m3YRFmYQafZquh9hJd2VbkRoL/Da1JYJ/YWme5OU34B3IPTzOv
g3wt7UGqqSIzsNM/EjAMPSNCQy7zOUJRg0+SvGUmAIT6xQnkTYdXqDmDTQBn1YHt
neQf83RivrkIMzNop5EG4d394qBRD1J/CwVAnwwJmQsdeOTbdlL3gEMGEwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFKkDNfynCrxSNtpwhmYBAs0xpDjFMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvcVFNMV9LY0t2RkkyMm5DR1pnRUN6VEdrT01VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAFQu
yAMEAVYmBAMEAlYmtAMEAFYmvQMEAFYmyAMEAVYm3AMEAVYm8gMEAVYm9gMEAFl0
OAMEAVl0OgMEAFl0YAMEAFl0hwMEAFl0nAMEAFl0rwMEAFl0sQMEAFl02gMEAVl0
8gMEAVl09gMEAFl1CwMEBFl1MAMEAFl1bTANBgkqhkiG9w0BAQsFAAOCAQEABYzG
d7oa5mR3Cf5wLh6KvdgQdWKwOMh2V61HBNSJQploooTZ/p71y9OQ6WTdvea5bqUg
NXe990KIlY1jtgCRtu+qGUoi4bbBCtQAGZ/Ji3T8o1bhpDoW9dfik5Z58OQACNr+
qJdvZ3DfjR5qSBXhL/2+nBT9q4eAlnJ4t6kRIDuDiZIBz/HUOVW4GuWEQUfdmvsW
oSfjweDa19NDsq14KIxApETxbEc4ppWThVKluQzP+BZTsVDbiIX6CjxDmx3Mg8bc
YLTbUsB7sGlUaqyXaDexeGsn9q73mE+LZ5MAvDnVl7DHmrsRSiIpQZekIPU8Hj6Q
irb4lwfgZtohDCKMZQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:25 2023 by rpki-client on console-fra.rpki-client.org