Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/uoRG1hcr8iwFJEZJa0caMG_B8Uw.roa
File: uoRG1hcr8iwFJEZJa0caMG_B8Uw.roa (raw, json)
Hash identifier: xbiqEJ5PSAWhaIFdJp2/gosQLoRCkyXHfImjlrentts=
Subject key identifier: BA:84:46:D6:17:2B:F2:2C:05:24:46:49:6B:47:1A:30:6F:C1:F1:4C
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182E3D0364F55DF90925A2E8B68C6B3D3D5
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/uoRG1hcr8iwFJEZJa0caMG_B8Uw.roa
Signing time: Sun 28 Aug 2022 09:37:29 +0000
ROA not before: Sun 28 Aug 2022 09:37:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 89.117.72.0/21 maxlen: 24
89.116.123.0/24 maxlen: 24
89.117.88.0/22 maxlen: 24
89.116.140.0/24 maxlen: 24
89.116.250.0/24 maxlen: 24
89.117.112.0/22 maxlen: 24
89.117.120.0/22 maxlen: 24
89.116.76.0/24 maxlen: 24
89.116.186.0/24 maxlen: 24
86.38.216.0/22 maxlen: 24
89.116.91.0/24 maxlen: 24
89.116.212.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e3:d0:36:4f:55:df:90:92:5a:2e:8b:68:c6:b3:d3:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 28 09:37:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba8446d6172bf22c052446496b471a306fc1f14c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fa:e6:e2:2b:ff:85:c5:86:3e:d5:be:b8:09:
60:09:ef:f3:54:43:c2:60:cc:04:33:f3:9d:11:6a:
95:d5:f2:20:a1:5a:63:8f:4c:f1:b4:72:6b:d9:5f:
c1:4e:02:f8:a5:dc:b8:3e:4e:2d:ab:77:79:b4:05:
aa:28:39:d8:df:fe:fb:3a:80:12:b0:1c:66:72:f3:
10:be:e5:98:71:4d:1d:c9:99:f6:47:da:a3:98:0b:
8d:db:76:d1:8b:1c:2b:73:cc:9a:b0:a2:ad:e7:c1:
ac:74:ef:1f:f9:7d:da:a2:bd:ba:a3:a1:aa:7e:d5:
9b:ab:18:03:0b:c0:7f:4f:31:f3:2e:71:de:b4:be:
a2:49:96:8d:c2:ff:d3:91:74:67:e3:32:00:77:65:
11:a0:44:f3:a7:e3:59:6f:e8:8e:ac:09:da:f4:44:
51:d1:37:19:f7:95:5d:b6:31:ca:31:6b:be:85:79:
82:db:32:2c:2e:ac:2c:06:55:a2:77:2f:5c:7d:49:
fa:31:d7:8d:e5:a5:c4:cf:9f:8f:16:14:39:7e:bf:
8b:96:4e:14:97:85:e0:a3:09:1f:17:65:82:a6:eb:
c9:42:e3:d2:78:00:3a:5b:a3:61:23:74:b0:d7:05:
41:f5:2c:c7:13:f8:f0:b6:10:b4:2e:fa:34:b1:c7:
bf:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:84:46:D6:17:2B:F2:2C:05:24:46:49:6B:47:1A:30:6F:C1:F1:4C
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/uoRG1hcr8iwFJEZJa0caMG_B8Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.216.0/22
89.116.76.0/24
89.116.91.0/24
89.116.123.0/24
89.116.140.0/24
89.116.186.0/24
89.116.212.0/22
89.116.250.0/24
89.117.72.0/21
89.117.88.0/22
89.117.112.0/22
89.117.120.0/22
Signature Algorithm: sha256WithRSAEncryption
d2:e5:5b:de:db:0a:46:55:2d:53:5a:ea:12:52:60:98:67:54:
9e:50:f4:1a:be:5c:31:3d:f3:bf:2c:64:4a:47:fa:5f:f5:cf:
9a:fc:f9:58:a4:99:25:38:0a:af:eb:4c:45:ea:6b:81:f8:81:
da:ef:cf:0c:49:c7:5f:67:68:96:c5:80:14:d2:4e:5a:9a:f6:
ab:b2:2c:a2:ac:57:93:ad:0f:cd:99:19:97:dd:c3:12:35:fb:
b8:76:3a:50:32:4c:45:50:5d:98:46:ca:ba:61:93:e7:3a:6d:
ed:40:ad:2d:cd:04:7b:2a:c5:32:9d:29:4d:71:49:47:bc:72:
c8:b4:c2:73:3e:da:ef:d2:a8:85:bb:1f:2d:24:95:ba:3f:19:
d2:61:26:ba:59:d8:0d:b2:08:7b:b5:f2:ca:93:8d:59:db:ae:
8e:7a:e6:4c:21:83:cf:0f:fe:ce:3e:ea:a4:50:69:5d:84:09:
85:28:4f:0a:be:de:f5:a9:9b:03:69:6c:22:c1:cf:97:cb:69:
5a:6d:1d:82:8f:aa:ec:59:20:bb:d0:0e:39:01:8f:a4:a4:6a:
12:44:e0:95:f6:c7:ee:b2:f7:4f:33:3a:b7:ef:47:82:e0:43:
86:78:39:ef:17:17:d3:c4:c9:5b:d6:c7:12:be:e3:fa:07:18:
fa:9e:be:dc
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYLj0DZPVd+Qkloui2jGs9PVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODI4MDkzNzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTg0NDZkNjE3MmJmMjJjMDUyNDQ2NDk2YjQ3MWEzMDZmYzFmMTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvrm4iv/hcWGPtW+uAlgCe/zVEPC
YMwEM/OdEWqV1fIgoVpjj0zxtHJr2V/BTgL4pdy4Pk4tq3d5tAWqKDnY3/77OoAS
sBxmcvMQvuWYcU0dyZn2R9qjmAuN23bRixwrc8yasKKt58GsdO8f+X3aor26o6Gq
ftWbqxgDC8B/TzHzLnHetL6iSZaNwv/TkXRn4zIAd2URoETzp+NZb+iOrAna9ERR
0TcZ95VdtjHKMWu+hXmC2zIsLqwsBlWidy9cfUn6MdeN5aXEz5+PFhQ5fr+Llk4U
l4XgowkfF2WCpuvJQuPSeAA6W6NhI3Sw1wVB9SzHE/jwthC0Lvo0sce/YQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLqERtYXK/IsBSRGSWtHGjBvwfFMMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvdW9SRzFoY3I4aXdGSkVaSmEwY2FNR19COFV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCVibYAwQA
WXRMAwQAWXRbAwQAWXR7AwQAWXSMAwQAWXS6AwQCWXTUAwQAWXT6AwQDWXVIAwQC
WXVYAwQCWXVwAwQCWXV4MA0GCSqGSIb3DQEBCwUAA4IBAQDS5Vve2wpGVS1TWuoS
UmCYZ1SeUPQavlwxPfO/LGRKR/pf9c+a/PlYpJklOAqv60xF6muB+IHa788MScdf
Z2iWxYAU0k5amvarsiyirFeTrQ/NmRmX3cMSNfu4djpQMkxFUF2YRsq6YZPnOm3t
QK0tzQR7KsUynSlNcUlHvHLItMJzPtrv0qiFux8tJJW6PxnSYSa6WdgNsgh7tfLK
k41Z266OeuZMIYPPD/7OPuqkUGldhAmFKE8Kvt71qZsDaWwiwc+Xy2labR2Cj6rs
WSC70A45AY+kpGoSROCV9sfusvdPMzq370eC4EOGeDnvFxfTxMlb1scSvuP6Bxj6
nr7c
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:19 2023 by rpki-client on console-ams.rpki-client.org