Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/cbafac-9873-4490-9a69-4a6c5cbd2050/1/CXf5XoAqH_b-o5xwVg9vfitvInA.roa
File: CXf5XoAqH_b-o5xwVg9vfitvInA.roa (raw, json)
Hash identifier: 5MFIJq8l8CNYHtEFUPJTRgndDq0baZVZdHtXWk9hszU=
Subject key identifier: 09:77:F9:5E:80:2A:1F:F6:FE:A3:9C:70:56:0F:6F:7E:2B:6F:22:70
Certificate issuer: /CN=a1f546906a9a5840386b64de93b1b1cf87f7e128
Certificate serial: 0A0E8BD5
Authority key identifier: A1:F5:46:90:6A:9A:58:40:38:6B:64:DE:93:B1:B1:CF:87:F7:E1:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ofVGkGqaWEA4a2Tek7Gxz4f34Sg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/cbafac-9873-4490-9a69-4a6c5cbd2050/1/CXf5XoAqH_b-o5xwVg9vfitvInA.roa
Signing time: Sat 01 Jan 2022 00:57:29 +0000
ROA not before: Sat 01 Jan 2022 00:57:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57031
IP address blocks: 89.22.2.0/24 maxlen: 24
89.22.1.0/24 maxlen: 24
89.22.4.0/24 maxlen: 24
89.22.0.0/21 maxlen: 24
89.22.3.0/24 maxlen: 24
89.22.6.0/24 maxlen: 24
89.22.5.0/24 maxlen: 24
89.22.7.0/24 maxlen: 24
2001:67c:7c0::/46 maxlen: 48
2001:67c:7c2::/48 maxlen: 48
2001:67c:7c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168725461 (0xa0e8bd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1f546906a9a5840386b64de93b1b1cf87f7e128
Validity
Not Before: Jan 1 00:57:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0977f95e802a1ff6fea39c70560f6f7e2b6f2270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0b:29:ef:cf:c3:7f:e9:4b:03:78:d6:f6:c8:
e8:ed:eb:8f:06:cd:87:2a:86:fc:df:1b:db:ee:06:
d0:77:e6:b0:a2:47:ae:74:5d:63:b2:4e:28:5b:0a:
8a:6b:8b:e8:db:1b:08:e7:a6:16:8e:ef:16:bd:3d:
c8:4d:69:f9:af:cc:bd:c8:57:66:74:27:f4:fc:c2:
cc:69:99:ec:e8:4b:e8:ff:b9:fe:3d:8d:83:b5:1b:
3e:93:3a:3b:22:57:5f:75:63:9d:cc:de:9d:38:54:
0c:6b:84:07:28:68:d3:b0:39:46:32:2a:c2:1d:09:
60:c5:f7:fa:67:10:bb:87:0a:8e:41:57:00:9a:d1:
fa:2a:db:51:e6:4e:b9:0c:07:ee:04:20:33:81:20:
a0:b5:a2:02:01:08:cf:3c:62:46:05:1b:c8:d6:5a:
87:43:ef:d2:45:c9:45:82:c9:23:c8:b0:7e:21:76:
c7:be:b9:02:4d:fc:68:7a:64:db:0b:3b:46:8b:1c:
18:20:90:a7:10:71:bb:1f:22:f6:30:2c:ad:8a:04:
c5:bf:c2:13:14:b0:d7:72:3f:75:d8:aa:35:15:8e:
bc:89:e3:9e:0b:0b:11:66:a3:1d:fd:c0:ca:d1:61:
8b:c6:1c:ef:0e:ec:fe:f4:a9:c5:18:42:7d:e7:2a:
c5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:77:F9:5E:80:2A:1F:F6:FE:A3:9C:70:56:0F:6F:7E:2B:6F:22:70
X509v3 Authority Key Identifier:
keyid:A1:F5:46:90:6A:9A:58:40:38:6B:64:DE:93:B1:B1:CF:87:F7:E1:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ofVGkGqaWEA4a2Tek7Gxz4f34Sg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/cbafac-9873-4490-9a69-4a6c5cbd2050/1/CXf5XoAqH_b-o5xwVg9vfitvInA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/cbafac-9873-4490-9a69-4a6c5cbd2050/1/ofVGkGqaWEA4a2Tek7Gxz4f34Sg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.22.0.0/21
IPv6:
2001:67c:7c0::/46
Signature Algorithm: sha256WithRSAEncryption
54:75:f0:b2:d0:a6:06:e6:30:44:51:4d:d5:06:a7:0a:5e:e5:
44:84:47:df:b0:da:d4:e5:bb:9f:70:94:d9:0c:c1:84:9f:29:
05:9a:9f:c8:93:ed:f1:3e:7b:79:df:95:9a:e0:b3:2a:23:6c:
c8:73:1d:95:28:dc:a1:4a:3c:6f:67:6c:e2:26:e6:58:ea:a8:
fd:8f:0a:ea:d9:2d:4b:4c:21:05:c9:c9:55:a4:f7:e0:cc:16:
b7:d5:02:aa:cd:65:8d:e3:f7:72:5a:d8:ba:28:c6:61:0e:79:
c5:17:55:98:30:1e:16:2d:31:56:2e:24:01:be:27:b3:1b:3d:
36:be:aa:5f:67:66:54:1f:d7:1d:2d:c1:51:e9:4e:8c:69:54:
37:d5:27:34:6a:d7:79:38:83:e4:5a:64:3d:9d:d5:fd:9c:72:
e4:9c:2c:58:b0:a9:6c:df:c8:f6:35:85:c8:73:2d:20:0c:cc:
22:6c:6e:8c:0a:6c:3f:db:c2:a7:41:e4:48:10:44:67:aa:3f:
da:4e:85:86:f5:2d:92:de:14:1f:dc:bc:31:51:86:87:3c:9f:
97:4f:c3:d8:2a:9e:2f:06:9b:f8:c5:a5:16:04:b5:ab:36:e8:
d3:93:4e:73:42:7e:0f:f6:48:b7:2c:20:6f:a0:a7:6f:90:8f:
7c:6c:68:02
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECg6L1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MWY1NDY5MDZhOWE1ODQwMzg2YjY0ZGU5M2IxYjFjZjg3ZjdlMTI4MB4XDTIyMDEw
MTAwNTcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDk3N2Y5NWU4MDJh
MWZmNmZlYTM5YzcwNTYwZjZmN2UyYjZmMjI3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKgLKe/Pw3/pSwN41vbI6O3rjwbNhyqG/N8b2+4G0HfmsKJH
rnRdY7JOKFsKimuL6NsbCOemFo7vFr09yE1p+a/MvchXZnQn9PzCzGmZ7OhL6P+5
/j2Ng7UbPpM6OyJXX3VjnczenThUDGuEByho07A5RjIqwh0JYMX3+mcQu4cKjkFX
AJrR+irbUeZOuQwH7gQgM4EgoLWiAgEIzzxiRgUbyNZah0Pv0kXJRYLJI8iwfiF2
x765Ak38aHpk2ws7RoscGCCQpxBxux8i9jAsrYoExb/CExSw13I/ddiqNRWOvInj
ngsLEWajHf3AytFhi8Yc7w7s/vSpxRhCfecqxa0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQJd/legCof9v6jnHBWD29+K28icDAfBgNVHSMEGDAWgBSh9UaQappYQDhr
ZN6TsbHPh/fhKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29mVkdrR3FhV0VBNGEyVGVrN0d4ejRmMzRTZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvY2JhZmFjLTk4NzMtNDQ5MC05YTY5LTRhNmM1Y2JkMjA1MC8x
L0NYZjVYb0FxSF9iLW81eHdWZzl2Zml0dkluQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
Y2JhZmFjLTk4NzMtNDQ5MC05YTY5LTRhNmM1Y2JkMjA1MC8xL29mVkdrR3FhV0VB
NGEyVGVrN0d4ejRmMzRTZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA1kWADAPBAIAAjAJAwcCIAEGfAfA
MA0GCSqGSIb3DQEBCwUAA4IBAQBUdfCy0KYG5jBEUU3VBqcKXuVEhEffsNrU5buf
cJTZDMGEnykFmp/Ik+3xPnt535Wa4LMqI2zIcx2VKNyhSjxvZ2ziJuZY6qj9jwrq
2S1LTCEFyclVpPfgzBa31QKqzWWN4/dyWti6KMZhDnnFF1WYMB4WLTFWLiQBviez
Gz02vqpfZ2ZUH9cdLcFR6U6MaVQ31Sc0atd5OIPkWmQ9ndX9nHLknCxYsKls38j2
NYXIcy0gDMwibG6MCmw/28KnQeRIEERnqj/aToWG9S2S3hQf3LwxUYaHPJ+XT8PY
Kp4vBpv4xaUWBLWrNujTk05zQn4P9ki3LCBvoKdvkI98bGgC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:59 2024 by rpki-client on console-ams.rpki-client.org