Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/rzSx6ARefm9v4c8aLJIS7eMNMdc.roa
File: rzSx6ARefm9v4c8aLJIS7eMNMdc.roa (raw, json)
Hash identifier: PcBoK+si6MFPVC3GX9MJtOCxxHgGMjxzYIZ9FuCBQ/U=
Subject key identifier: AF:34:B1:E8:04:5E:7E:6F:6F:E1:CF:1A:2C:92:12:ED:E3:0D:31:D7
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182AFF70B6038617ECF3F83855B85279885
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/rzSx6ARefm9v4c8aLJIS7eMNMdc.roa
Signing time: Thu 18 Aug 2022 07:59:39 +0000
ROA not before: Thu 18 Aug 2022 07:59:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 89.117.80.0/22 maxlen: 24
89.117.104.0/22 maxlen: 24
89.117.16.0/21 maxlen: 24
89.116.80.0/21 maxlen: 24
89.117.40.0/21 maxlen: 24
89.116.237.0/24 maxlen: 24
89.116.32.0/21 maxlen: 24
89.117.0.0/22 maxlen: 24
89.116.180.0/22 maxlen: 24
89.117.157.0/24 maxlen: 24
89.117.164.0/24 maxlen: 24
84.46.236.0/22 maxlen: 24
89.117.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:af:f7:0b:60:38:61:7e:cf:3f:83:85:5b:85:27:98:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 18 07:59:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af34b1e8045e7e6f6fe1cf1a2c9212ede30d31d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:35:5a:75:6f:72:16:ae:91:b8:4b:82:a6:a1:
5d:a5:04:67:8f:59:98:b1:05:33:22:19:a7:f2:e9:
1c:4a:7a:3d:0f:4f:ab:7e:ed:cf:6d:13:a6:82:28:
d0:d3:90:34:91:d3:c7:a5:e0:e2:98:1d:99:57:76:
1d:cf:8b:9d:8a:01:ca:6e:31:b9:e8:0c:a4:a8:8d:
ec:ec:dc:81:6e:4f:ed:fc:e2:9b:5e:87:83:d6:47:
29:74:ad:1a:c2:b2:df:0f:88:2a:7c:1b:62:17:a6:
2f:0f:52:87:0c:4d:0b:57:45:a2:c8:81:c9:35:68:
c9:9a:fb:9b:09:51:13:cf:7a:c7:ff:02:68:f8:c5:
46:13:21:9c:bf:73:04:01:b1:68:61:1c:37:70:d4:
ff:d3:10:4d:20:68:1a:65:bc:91:e2:ad:13:25:72:
98:f7:63:ed:ba:91:78:16:ea:5b:2d:be:d8:f8:11:
71:de:42:e5:7e:74:fc:fe:dd:e1:1d:0f:bd:1c:c7:
6c:e0:24:fb:fa:38:80:7c:2b:34:ac:18:a2:d6:c9:
77:4b:c0:d4:9a:be:c7:b5:fe:b0:ee:97:07:cb:98:
89:1d:d9:f0:7b:4f:4a:7d:89:9b:9f:75:dc:b5:f7:
15:66:c5:75:7b:6f:ff:5e:01:13:4f:0f:00:9e:b4:
73:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:34:B1:E8:04:5E:7E:6F:6F:E1:CF:1A:2C:92:12:ED:E3:0D:31:D7
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/rzSx6ARefm9v4c8aLJIS7eMNMdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.236.0/22
89.116.32.0/21
89.116.80.0/21
89.116.180.0/22
89.116.237.0/24
89.117.0.0/22
89.117.16.0/21
89.117.40.0/21
89.117.80.0/22
89.117.104.0/22
89.117.157.0/24
89.117.164.0/24
89.117.171.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:1d:e0:6e:3f:a9:66:c9:9a:71:8e:e1:99:04:7c:a7:ac:f2:
35:b0:b0:54:e2:cc:24:a6:c7:85:b7:62:24:bd:af:c8:7f:2d:
11:6c:c9:0a:21:72:ad:ad:24:4d:54:34:d3:bb:49:26:76:07:
f5:7b:66:f4:62:85:5c:b8:54:69:eb:82:2c:3a:8f:43:2e:e9:
20:4d:4b:a2:67:c2:1e:19:27:e6:23:f8:0b:84:4e:da:99:4a:
44:fb:3d:55:38:4a:a2:70:08:c3:92:5a:d9:3b:78:78:bd:b1:
5e:5b:1f:76:26:6e:27:75:a0:aa:f4:74:8c:8f:d4:dc:08:38:
f4:97:75:a5:60:c1:04:da:86:e4:07:39:08:00:e2:bc:94:d6:
74:29:ca:b2:d4:f6:66:b8:fa:d1:98:e1:3c:70:83:41:f1:d6:
b1:8b:36:75:24:fc:6a:b5:6a:c6:22:21:10:af:30:14:a1:58:
97:dd:93:08:f5:6b:9d:b3:be:41:a1:29:4c:04:30:37:40:63:
86:12:5b:3a:79:f8:5d:5d:98:60:3c:b7:15:cb:1b:c0:78:fb:
d0:44:fc:fb:ca:aa:45:fe:e3:5d:69:2c:0f:24:b4:83:94:51:
a9:08:28:6b:f7:30:43:9c:b5:82:ab:65:2f:65:eb:59:1a:e8:
e8:84:d4:e5
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYKv9wtgOGF+zz+DhVuFJ5iFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODE4MDc1OTM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjM0YjFlODA0NWU3ZTZmNmZlMWNmMWEyYzkyMTJlZGUzMGQzMWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTVadW9yFq6RuEuCpqFdpQRnj1mY
sQUzIhmn8ukcSno9D0+rfu3PbROmgijQ05A0kdPHpeDimB2ZV3Ydz4udigHKbjG5
6AykqI3s7NyBbk/t/OKbXoeD1kcpdK0awrLfD4gqfBtiF6YvD1KHDE0LV0WiyIHJ
NWjJmvubCVETz3rH/wJo+MVGEyGcv3MEAbFoYRw3cNT/0xBNIGgaZbyR4q0TJXKY
92PtupF4FupbLb7Y+BFx3kLlfnT8/t3hHQ+9HMds4CT7+jiAfCs0rBii1sl3S8DU
mr7Htf6w7pcHy5iJHdnwe09KfYmbn3XctfcVZsV1e2//XgETTw8AnrRzwwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFK80segEXn5vb+HPGiySEu3jDTHXMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvcnpTeDZBUmVmbTl2NGM4YUxKSVM3ZU1OTWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCVC7sAwQD
WXQgAwQDWXRQAwQCWXS0AwQAWXTtAwQCWXUAAwQDWXUQAwQDWXUoAwQCWXVQAwQC
WXVoAwQAWXWdAwQAWXWkAwQAWXWrMA0GCSqGSIb3DQEBCwUAA4IBAQCwHeBuP6lm
yZpxjuGZBHynrPI1sLBU4swkpseFt2Ikva/Ify0RbMkKIXKtrSRNVDTTu0kmdgf1
e2b0YoVcuFRp64IsOo9DLukgTUuiZ8IeGSfmI/gLhE7amUpE+z1VOEqicAjDklrZ
O3h4vbFeWx92Jm4ndaCq9HSMj9TcCDj0l3WlYMEE2obkBzkIAOK8lNZ0Kcqy1PZm
uPrRmOE8cINB8daxizZ1JPxqtWrGIiEQrzAUoViX3ZMI9Wuds75BoSlMBDA3QGOG
Els6efhdXZhgPLcVyxvAePvQRPz7yqpF/uNdaSwPJLSDlFGpCChr9zBDnLWCq2Uv
ZetZGujohNTl
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:19 2023 by rpki-client on console-ams.rpki-client.org