Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/ea2b76-b5b8-40ef-9500-496e256cc6b1/1/0NXyLZttDkt1_b1KJNbTOPHuCjI.roa
File: 0NXyLZttDkt1_b1KJNbTOPHuCjI.roa (raw, json)
Hash identifier: FY8jFHPTWR+lMzpOmzUZA+jrsfD/M8I8GAClgTIIr3I=
Subject key identifier: D0:D5:F2:2D:9B:6D:0E:4B:75:FD:BD:4A:24:D6:D3:38:F1:EE:0A:32
Certificate issuer: /CN=21b410a17440fcab1cdc90afa6fcb724c80c82a9
Certificate serial: 29DF6D21
Authority key identifier: 21:B4:10:A1:74:40:FC:AB:1C:DC:90:AF:A6:FC:B7:24:C8:0C:82:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbQQoXRA_Ksc3JCvpvy3JMgMgqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/ea2b76-b5b8-40ef-9500-496e256cc6b1/1/0NXyLZttDkt1_b1KJNbTOPHuCjI.roa
Signing time: Tue 03 May 2022 10:47:14 +0000
ROA not before: Tue 03 May 2022 10:47:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200845
IP address blocks: 188.247.171.0/24 maxlen: 24
188.247.170.0/24 maxlen: 24
188.247.169.0/24 maxlen: 24
188.247.168.0/22 maxlen: 24
188.247.168.0/24 maxlen: 24
188.208.27.0/24 maxlen: 24
188.208.26.0/24 maxlen: 24
89.32.194.0/23 maxlen: 23
89.32.195.0/24 maxlen: 24
89.32.194.0/24 maxlen: 24
89.36.43.0/24 maxlen: 24
89.42.237.0/24 maxlen: 24
185.16.121.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 702508321 (0x29df6d21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21b410a17440fcab1cdc90afa6fcb724c80c82a9
Validity
Not Before: May 3 10:47:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0d5f22d9b6d0e4b75fdbd4a24d6d338f1ee0a32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6b:2a:75:62:ca:02:89:56:73:52:e4:97:9a:
aa:dd:70:08:c1:34:05:be:e8:f4:9d:5a:3f:98:3b:
20:8e:41:22:a1:b5:e3:2d:7a:e5:61:98:e4:4a:d7:
03:b6:f7:d1:66:4e:a2:ed:58:19:15:e5:cd:70:bc:
68:e0:74:50:6f:6b:60:ac:cd:94:5a:bd:3f:5c:97:
03:d3:55:01:13:27:47:99:4d:cd:e7:f3:90:5d:f7:
de:c4:ae:ab:d2:f5:aa:d1:c6:23:a0:8e:17:4f:cb:
d8:4c:5d:6c:ea:0c:42:3b:62:ef:2c:13:35:79:2a:
2c:48:c7:fe:8a:c3:55:4b:d3:48:58:72:4c:ec:a8:
26:1d:a1:82:38:87:78:e6:2c:9e:46:f9:05:50:7d:
2b:90:c6:04:db:77:79:2d:3c:41:a1:87:9e:14:3b:
42:1a:09:b7:e2:ca:30:9e:d2:20:a9:c3:f2:c2:9c:
af:48:36:75:25:c9:15:ba:25:0f:5a:d9:69:46:d9:
65:2e:ac:05:29:c2:80:49:39:2d:d6:86:d2:c6:08:
5b:65:7a:d5:b1:52:80:4b:62:6c:4a:a7:e2:f9:8c:
e0:f4:1a:0b:83:98:62:ba:12:42:c2:82:7b:cd:ea:
55:06:23:69:84:da:49:ee:a6:f0:09:a6:94:e8:e3:
7c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D5:F2:2D:9B:6D:0E:4B:75:FD:BD:4A:24:D6:D3:38:F1:EE:0A:32
X509v3 Authority Key Identifier:
keyid:21:B4:10:A1:74:40:FC:AB:1C:DC:90:AF:A6:FC:B7:24:C8:0C:82:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbQQoXRA_Ksc3JCvpvy3JMgMgqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ea2b76-b5b8-40ef-9500-496e256cc6b1/1/0NXyLZttDkt1_b1KJNbTOPHuCjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ea2b76-b5b8-40ef-9500-496e256cc6b1/1/IbQQoXRA_Ksc3JCvpvy3JMgMgqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.194.0/23
89.36.43.0/24
89.42.237.0/24
185.16.121.0/24
188.208.26.0/23
188.247.168.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:61:cb:15:ec:8f:08:fa:6c:31:d8:22:d7:58:75:06:0a:e0:
35:e6:16:07:1b:07:86:72:c3:87:bf:16:fb:7d:37:c7:cf:bc:
d2:38:31:30:5f:d3:c8:bf:a4:6b:0b:9e:ef:d8:a8:87:49:f3:
33:67:7d:5d:81:f7:34:65:64:49:a8:f5:68:aa:70:b4:ab:7b:
b5:d3:cf:2c:6c:22:87:f3:31:a3:7e:da:d7:89:59:64:f7:76:
a4:70:90:19:ee:d8:b2:66:73:87:14:ef:c8:ab:c0:4c:3b:b4:
47:2f:bb:74:1e:3b:73:69:c4:78:cb:65:fe:d2:f9:70:22:76:
e5:c1:d7:c3:b9:2f:0d:76:f6:08:5c:b6:34:f4:97:25:4a:9d:
9c:32:57:cb:90:2d:59:a7:27:e9:63:b5:f3:28:fc:0f:26:8e:
8b:0b:d5:48:42:52:ae:f3:32:22:6e:91:94:7e:b3:ea:c9:fd:
ed:84:bd:b9:c2:26:d7:d5:e3:dd:f4:bc:db:9b:9c:bd:62:9a:
ac:e0:a3:d6:b6:65:75:30:d5:22:67:24:42:60:96:11:3e:b8:
fd:b7:e8:00:49:4d:a3:ff:d4:07:00:03:1f:4e:88:60:7a:99:
b2:ec:66:c0:b7:86:c8:d1:d1:f9:d8:b4:08:2e:44:a0:cc:95:
bf:31:0b:8e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEKd9tITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MWI0MTBhMTc0NDBmY2FiMWNkYzkwYWZhNmZjYjcyNGM4MGM4MmE5MB4XDTIyMDUw
MzEwNDcxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDBkNWYyMmQ5YjZk
MGU0Yjc1ZmRiZDRhMjRkNmQzMzhmMWVlMGEzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5rKnViygKJVnNS5Jeaqt1wCME0Bb7o9J1aP5g7II5BIqG1
4y165WGY5ErXA7b30WZOou1YGRXlzXC8aOB0UG9rYKzNlFq9P1yXA9NVARMnR5lN
zefzkF333sSuq9L1qtHGI6COF0/L2ExdbOoMQjti7ywTNXkqLEjH/orDVUvTSFhy
TOyoJh2hgjiHeOYsnkb5BVB9K5DGBNt3eS08QaGHnhQ7QhoJt+LKMJ7SIKnD8sKc
r0g2dSXJFbolD1rZaUbZZS6sBSnCgEk5LdaG0sYIW2V61bFSgEtibEqn4vmM4PQa
C4OYYroSQsKCe83qVQYjaYTaSe6m8AmmlOjjfEsCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTQ1fItm20OS3X9vUok1tM48e4KMjAfBgNVHSMEGDAWgBQhtBChdED8qxzc
kK+m/LckyAyCqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0liUVFvWFJBX0tzYzNKQ3ZwdnkzSk1nTWdxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvZWEyYjc2LWI1YjgtNDBlZi05NTAwLTQ5NmUyNTZjYzZiMS8x
LzBOWHlMWnR0RGt0MV9iMUtKTmJUT1BIdUNqSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
ZWEyYjc2LWI1YjgtNDBlZi05NTAwLTQ5NmUyNTZjYzZiMS8xL0liUVFvWFJBX0tz
YzNKQ3ZwdnkzSk1nTWdxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAVkgwgMEAFkkKwMEAFkq7QMEALkQ
eQMEAbzQGgMEArz3qDANBgkqhkiG9w0BAQsFAAOCAQEAG2HLFeyPCPpsMdgi11h1
BgrgNeYWBxsHhnLDh78W+303x8+80jgxMF/TyL+kawue79ioh0nzM2d9XYH3NGVk
Saj1aKpwtKt7tdPPLGwih/Mxo37a14lZZPd2pHCQGe7YsmZzhxTvyKvATDu0Ry+7
dB47c2nEeMtl/tL5cCJ25cHXw7kvDXb2CFy2NPSXJUqdnDJXy5AtWacn6WO18yj8
DyaOiwvVSEJSrvMyIm6RlH6z6sn97YS9ucIm19Xj3fS825ucvWKarOCj1rZldTDV
ImckQmCWET64/bfoAElNo//UBwADH06IYHqZsuxmwLeGyNHR+di0CC5EoMyVvzEL
jg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:50 2024 by rpki-client on console-ams.rpki-client.org