Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/suEqIi6L8AlPdmyof962Zj0GfHI.roa
File: suEqIi6L8AlPdmyof962Zj0GfHI.roa (raw, json)
Hash identifier: 6Vtpn0hrsvAphNXUw90BhdzWWXrgg2nRdIHXi/3uuUE=
Subject key identifier: B2:E1:2A:22:2E:8B:F0:09:4F:76:6C:A8:7F:DE:B6:66:3D:06:7C:72
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182B0C01A21507BDFB9DA0173A7CD8F1C0B
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/suEqIi6L8AlPdmyof962Zj0GfHI.roa
Signing time: Thu 18 Aug 2022 11:39:15 +0000
ROA not before: Thu 18 Aug 2022 11:39:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 89.116.132.0/24 maxlen: 24
89.116.140.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.179.0/24 maxlen: 24
86.38.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b0:c0:1a:21:50:7b:df:b9:da:01:73:a7:cd:8f:1c:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 18 11:39:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2e12a222e8bf0094f766ca87fdeb6663d067c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:25:76:5e:ab:46:9f:fa:aa:5e:1b:2d:0c:7e:
ed:3a:3e:7a:27:cc:8f:0e:87:ba:d7:f7:fd:4c:67:
08:b2:83:52:61:d5:0a:99:fa:9b:a9:4d:4e:96:13:
fc:b6:f7:a9:84:82:1e:f0:b8:37:01:3e:6f:46:78:
00:da:0a:77:96:3c:af:42:a4:8a:a2:57:93:03:00:
63:42:3a:c6:0f:46:17:9b:d2:f9:2d:e1:fe:a7:72:
8a:73:ee:88:06:1e:44:b2:a6:77:27:4a:fd:14:3f:
ff:5b:48:bc:26:53:79:ed:7d:92:60:9d:06:c1:6f:
b0:9c:53:20:62:1d:88:26:cd:d2:d3:5f:4a:2d:de:
76:89:f4:25:c9:0d:f8:91:e7:b6:8b:4d:12:dd:b7:
40:14:14:49:03:46:f0:1b:b3:dc:25:ab:57:93:68:
f1:af:00:c0:5a:be:68:05:04:99:1f:0a:48:32:ed:
ef:a4:db:40:ae:1b:40:20:4f:e2:c7:31:92:69:d9:
d4:1a:e3:00:25:57:b1:db:23:59:cc:7c:d7:4f:16:
67:83:1a:c9:1f:4b:62:f0:ad:96:e5:b5:12:be:4c:
a2:80:8d:51:40:c4:27:78:c1:60:77:53:8e:68:e3:
51:1c:46:17:f2:cc:44:cc:40:db:c2:69:c4:b0:64:
eb:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:E1:2A:22:2E:8B:F0:09:4F:76:6C:A8:7F:DE:B6:66:3D:06:7C:72
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/suEqIi6L8AlPdmyof962Zj0GfHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.238.0/24
89.116.132.0/24
89.116.140.0/24
89.116.166.0/24
89.116.179.0/24
89.116.253.0/24
89.116.255.0/24
89.117.222.0/24
Signature Algorithm: sha256WithRSAEncryption
77:f2:94:ad:59:4f:0d:3d:f0:f8:dc:9e:e8:2c:32:14:5d:76:
db:41:40:e7:4e:96:aa:49:d8:2c:11:b7:ef:75:eb:ce:92:2a:
1a:0e:e1:10:6d:f5:c7:79:57:a7:ef:16:4f:74:ff:c4:cb:e0:
e0:0c:9c:10:3e:ae:37:33:57:44:d4:99:10:6f:13:01:6c:09:
1e:08:30:6d:dd:ac:1a:bc:e7:f4:7b:ab:c8:40:84:72:a6:d8:
f9:0f:e7:75:50:e8:ad:30:7b:3d:af:97:c3:61:59:14:a0:e2:
6c:78:2c:ec:b3:72:ce:71:76:be:2e:73:8e:af:19:4d:ba:c3:
33:6a:f8:b7:bd:68:f9:d0:4e:91:e1:d5:9c:b0:61:c6:ef:0e:
b2:bf:0b:a2:3c:29:b4:ef:69:a8:e4:9b:79:a4:11:20:0d:82:
e5:28:ae:28:62:c2:f9:60:45:b4:7d:33:8f:0a:57:bf:5c:17:
b0:bf:72:0a:46:d7:d4:25:52:a1:37:b4:a4:07:60:68:2e:5c:
24:ab:88:76:99:0a:77:74:4d:36:d5:f7:28:08:b4:ce:a7:ea:
e6:96:d8:a2:f1:a7:43:95:4b:25:f3:0b:b1:3e:0f:14:0c:a3:
e0:e5:ae:b9:6c:d8:16:e9:6c:68:9a:f2:48:df:74:dd:32:0e:
63:bd:40:ee
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYKwwBohUHvfudoBc6fNjxwLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODE4MTEzOTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmUxMmEyMjJlOGJmMDA5NGY3NjZjYTg3ZmRlYjY2NjNkMDY3YzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSV2XqtGn/qqXhstDH7tOj56J8yP
Doe61/f9TGcIsoNSYdUKmfqbqU1OlhP8tvephIIe8Lg3AT5vRngA2gp3ljyvQqSK
oleTAwBjQjrGD0YXm9L5LeH+p3KKc+6IBh5EsqZ3J0r9FD//W0i8JlN57X2SYJ0G
wW+wnFMgYh2IJs3S019KLd52ifQlyQ34kee2i00S3bdAFBRJA0bwG7PcJatXk2jx
rwDAWr5oBQSZHwpIMu3vpNtArhtAIE/ixzGSadnUGuMAJVex2yNZzHzXTxZngxrJ
H0ti8K2W5bUSvkyigI1RQMQneMFgd1OOaONRHEYX8sxEzEDbwmnEsGTr5QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLLhKiIui/AJT3ZsqH/etmY9BnxyMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvc3VFcUlpNkw4QWxQZG15b2Y5NjJaajBHZkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVibuAwQA
WXSEAwQAWXSMAwQAWXSmAwQAWXSzAwQAWXT9AwQAWXT/AwQAWXXeMA0GCSqGSIb3
DQEBCwUAA4IBAQB38pStWU8NPfD43J7oLDIUXXbbQUDnTpaqSdgsEbfvdevOkioa
DuEQbfXHeVen7xZPdP/Ey+DgDJwQPq43M1dE1JkQbxMBbAkeCDBt3awavOf0e6vI
QIRyptj5D+d1UOitMHs9r5fDYVkUoOJseCzss3LOcXa+LnOOrxlNusMzavi3vWj5
0E6R4dWcsGHG7w6yvwuiPCm072mo5Jt5pBEgDYLlKK4oYsL5YEW0fTOPCle/XBew
v3IKRtfUJVKhN7SkB2BoLlwkq4h2mQp3dE021fcoCLTOp+rmltii8adDlUsl8wux
Pg8UDKPg5a65bNgW6WxomvJI33TdMg5jvUDu
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:19 2023 by rpki-client on console-ams.rpki-client.org