Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/N8_C49WszyUAQ7hMPvleY2fPXQ0.roa
File: N8_C49WszyUAQ7hMPvleY2fPXQ0.roa (raw, json)
Hash identifier: h9cQNnS6TVuXrmBATXyNngjdyDZsauK/8zH+ESxyHf0=
Subject key identifier: 37:CF:C2:E3:D5:AC:CF:25:00:43:B8:4C:3E:F9:5E:63:67:CF:5D:0D
Certificate issuer: /CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Certificate serial: 01841E27DF4FB38BC50386C105E278E58B1B
Authority key identifier: FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/N8_C49WszyUAQ7hMPvleY2fPXQ0.roa
Signing time: Fri 28 Oct 2022 10:34:00 +0000
ROA not before: Fri 28 Oct 2022 10:34:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 89.116.108.0/24 maxlen: 24
89.117.188.0/24 maxlen: 24
89.116.128.0/24 maxlen: 24
89.116.237.0/24 maxlen: 24
89.116.153.0/24 maxlen: 24
89.116.154.0/24 maxlen: 24
89.117.139.0/24 maxlen: 24
89.116.190.0/24 maxlen: 24
89.117.157.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1e:27:df:4f:b3:8b:c5:03:86:c1:05:e2:78:e5:8b:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Validity
Not Before: Oct 28 10:34:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=37cfc2e3d5accf250043b84c3ef95e6367cf5d0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:29:eb:29:51:8a:44:c1:f0:08:90:d9:5c:90:
40:96:7e:4d:94:bd:78:42:9e:19:98:49:5f:1c:d2:
d8:ca:ab:98:5c:d1:0a:6c:20:10:83:6a:64:5d:d1:
ee:74:39:5f:54:af:ba:3f:22:ad:c6:49:7b:2e:cf:
1e:19:09:87:77:ae:e9:4a:3b:d0:09:57:d1:f8:0b:
fd:0a:5d:ad:47:11:1b:43:af:c3:1f:35:63:41:4b:
55:c6:44:ed:85:ad:e0:84:10:88:ab:43:2d:e4:65:
b6:43:b5:15:cf:78:2d:0d:db:5a:06:60:75:0c:cd:
d0:38:2d:03:98:fb:a9:49:0b:4c:d0:40:7a:b0:a1:
43:9e:28:44:c4:a5:93:14:6f:a2:bc:0e:6b:e0:85:
83:c7:07:d0:69:20:78:94:f4:ca:24:ed:97:a5:f2:
ea:3f:19:58:7e:c0:03:87:2f:6f:b4:b7:73:14:d4:
61:f2:e2:23:bd:15:13:36:30:e7:a5:fd:1b:8f:dd:
40:1d:f5:00:ba:9e:33:d5:6a:71:f6:9a:a1:be:bb:
d7:75:1a:46:5a:cc:5c:cf:93:61:da:b7:11:ea:be:
d8:3c:b3:b5:5c:7c:03:05:94:de:c8:ee:36:9f:00:
23:b5:f8:db:29:ab:bc:47:98:43:19:2b:e0:c9:45:
9d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:CF:C2:E3:D5:AC:CF:25:00:43:B8:4C:3E:F9:5E:63:67:CF:5D:0D
X509v3 Authority Key Identifier:
keyid:FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/N8_C49WszyUAQ7hMPvleY2fPXQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/_FtT36gxYJPBcrQxWSLvF-ZfBR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.108.0/24
89.116.128.0/24
89.116.153.0-89.116.154.255
89.116.190.0/24
89.116.237.0/24
89.117.139.0/24
89.117.157.0/24
89.117.188.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:9c:48:65:cc:3c:44:f8:35:1a:da:b0:d8:dd:8d:e0:5d:22:
3f:33:5f:20:83:0f:a8:af:ea:d1:69:b7:71:c8:3d:a6:df:bc:
20:7b:1f:60:3b:bb:6d:05:a9:aa:cb:19:ee:1e:5e:80:b5:85:
49:f2:d1:de:86:34:2e:74:a5:00:a9:34:8e:e7:ad:e1:94:46:
ed:7a:15:3f:19:62:47:e3:a6:9d:f3:28:50:80:e1:c9:34:5d:
a5:b1:1f:88:8c:f0:72:50:a3:83:7f:e1:06:bb:c5:87:e7:c9:
9e:c7:7f:a5:98:b0:ae:69:9b:a8:3f:a9:77:d2:04:1f:c4:ee:
5f:9b:c4:52:a1:a1:bb:86:6b:5d:69:9c:cd:da:b6:35:8a:63:
6a:18:27:3c:b4:fe:1b:53:d4:68:3e:3e:a2:86:b5:18:76:34:
35:95:05:41:d5:df:dd:ad:b6:af:7e:5d:cf:91:ec:a0:25:a1:
d1:cd:cd:12:8b:64:49:0d:8b:d5:59:a2:4b:40:be:b9:b4:49:
00:00:38:15:0e:f5:56:60:84:97:76:31:39:f6:7f:56:7e:4c:
f8:7b:4f:f4:20:54:9b:fe:41:09:4a:71:05:32:80:a5:88:44:
a2:33:19:32:38:8c:81:64:96:b9:0b:b6:d1:09:24:10:9d:0b:
56:31:ab:f7
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYQeJ99Ps4vFA4bBBeJ45YsbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNWI1M2RmYTgzMTYwOTNjMTcyYjQzMTU5MjJlZjE3ZTY1
ZjA1MWQwHhcNMjIxMDI4MTAzNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2NmYzJlM2Q1YWNjZjI1MDA0M2I4NGMzZWY5NWU2MzY3Y2Y1ZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxynrKVGKRMHwCJDZXJBAln5NlL14
Qp4ZmElfHNLYyquYXNEKbCAQg2pkXdHudDlfVK+6PyKtxkl7Ls8eGQmHd67pSjvQ
CVfR+Av9Cl2tRxEbQ6/DHzVjQUtVxkTtha3ghBCIq0Mt5GW2Q7UVz3gtDdtaBmB1
DM3QOC0DmPupSQtM0EB6sKFDnihExKWTFG+ivA5r4IWDxwfQaSB4lPTKJO2XpfLq
PxlYfsADhy9vtLdzFNRh8uIjvRUTNjDnpf0bj91AHfUAup4z1Wpx9pqhvrvXdRpG
Wsxcz5Nh2rcR6r7YPLO1XHwDBZTeyO42nwAjtfjbKau8R5hDGSvgyUWdjwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFDfPwuPVrM8lAEO4TD75XmNnz10NMB8GA1UdIwQY
MBaAFPxbU9+oMWCTwXK0MVki7xfmXwUdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMt
MTRlZmM5ODI4NjdmLzEvTjhfQzQ5V3N6eVVBUTdoTVB2bGVZMmZQWFEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMtMTRlZmM5ODI4Njdm
LzEvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAWXRsAwQA
WXSAMAwDBABZdJkDBABZdJoDBABZdL4DBABZdO0DBABZdYsDBABZdZ0DBABZdbww
DQYJKoZIhvcNAQELBQADggEBALucSGXMPET4NRrasNjdjeBdIj8zXyCDD6iv6tFp
t3HIPabfvCB7H2A7u20FqarLGe4eXoC1hUny0d6GNC50pQCpNI7nreGURu16FT8Z
Ykfjpp3zKFCA4ck0XaWxH4iM8HJQo4N/4Qa7xYfnyZ7Hf6WYsK5pm6g/qXfSBB/E
7l+bxFKhobuGa11pnM3atjWKY2oYJzy0/htT1Gg+PqKGtRh2NDWVBUHV392ttq9+
Xc+R7KAlodHNzRKLZEkNi9VZoktAvrm0SQAAOBUO9VZghJd2MTn2f1Z+TPh7T/Qg
VJv+QQlKcQUygKWIRKIzGTI4jIFklrkLttEJJBCdC1Yxq/c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:18 2024 by rpki-client on console-ams.rpki-client.org