Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/Ol2lZ1HYQ3jMDBHbkCklMGoMXxw.roa
File: Ol2lZ1HYQ3jMDBHbkCklMGoMXxw.roa (raw, json)
Hash identifier: tzlKELdmpR3tEvMoEE2CBxPr7pHH/FD9u+5FafuRdrY=
Subject key identifier: 3A:5D:A5:67:51:D8:43:78:CC:0C:11:DB:90:29:25:30:6A:0C:5F:1C
Certificate issuer: /CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Certificate serial: 01841E27DFA0D93DD71921AF895BB3843267
Authority key identifier: FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/Ol2lZ1HYQ3jMDBHbkCklMGoMXxw.roa
Signing time: Fri 28 Oct 2022 10:34:00 +0000
ROA not before: Fri 28 Oct 2022 10:34:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 89.117.96.0/22 maxlen: 24
89.116.137.0/24 maxlen: 24
89.117.104.0/22 maxlen: 24
89.116.63.0/24 maxlen: 24
89.116.61.0/24 maxlen: 24
89.116.60.0/22 maxlen: 24
89.116.60.0/24 maxlen: 24
89.116.62.0/24 maxlen: 24
89.116.44.0/22 maxlen: 24
89.116.48.0/22 maxlen: 24
89.117.126.0/24 maxlen: 24
89.117.152.0/22 maxlen: 24
89.116.212.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1e:27:df:a0:d9:3d:d7:19:21:af:89:5b:b3:84:32:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Validity
Not Before: Oct 28 10:34:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a5da56751d84378cc0c11db902925306a0c5f1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:58:01:6b:d3:a7:fd:5c:b6:68:c8:db:95:ec:
fd:37:94:83:d1:27:99:bc:c5:11:0c:0e:ad:cc:90:
59:fe:5e:92:88:1c:25:3e:6f:49:53:e8:46:b0:37:
03:da:1e:bd:31:c5:2c:2d:1d:84:cb:86:2e:0b:53:
7c:57:d6:a2:75:5c:d4:bf:5a:9c:1c:39:4a:1f:c8:
bc:44:d8:17:75:c6:6a:ae:28:2a:b6:55:4a:17:fa:
d4:69:1b:26:18:a5:af:14:69:f4:23:7c:4b:ad:9f:
00:d6:7f:1a:fc:66:dd:9c:40:73:6d:5c:97:12:15:
fc:0b:5c:9b:2d:2f:11:ca:b9:65:0c:9a:4c:94:fb:
55:a1:1b:d4:cb:5c:e6:47:66:0a:d8:7e:1b:dd:bd:
ff:20:6f:76:08:76:c7:75:c5:45:eb:47:53:2c:3d:
7b:f1:da:e8:a7:55:c0:a8:7a:9d:23:9f:e6:a2:9f:
03:63:41:bd:de:22:28:da:c2:5a:b2:29:27:ad:91:
4d:05:7e:35:67:a3:7a:2b:44:13:8c:38:56:e0:be:
46:81:de:32:1c:1d:6e:ae:49:3a:1d:b7:cd:52:d9:
62:11:d6:f1:3f:05:1f:bc:f0:92:86:2e:8f:23:27:
2f:38:a3:e3:44:7d:0e:ca:ef:9b:dd:10:ad:94:a6:
3c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:5D:A5:67:51:D8:43:78:CC:0C:11:DB:90:29:25:30:6A:0C:5F:1C
X509v3 Authority Key Identifier:
keyid:FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/Ol2lZ1HYQ3jMDBHbkCklMGoMXxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/_FtT36gxYJPBcrQxWSLvF-ZfBR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.44.0-89.116.51.255
89.116.60.0/22
89.116.137.0/24
89.116.212.0/22
89.117.96.0/22
89.117.104.0/22
89.117.126.0/24
89.117.152.0/22
Signature Algorithm: sha256WithRSAEncryption
79:5d:dd:c8:dc:82:01:10:b8:03:e7:00:48:8f:4c:ff:18:c2:
ae:77:8a:e9:86:7b:f1:da:92:bb:14:6a:ee:bd:0f:6f:f1:e3:
1e:fc:2a:fb:a7:17:d4:cb:a3:8e:be:d9:90:a2:ac:e4:30:39:
ab:ba:06:00:7d:fc:bb:1f:7c:bc:4b:8b:d8:30:49:7a:b9:b1:
de:7d:1e:65:2a:38:6d:58:ae:2d:6e:ed:d7:ed:9a:6f:07:89:
79:fe:56:d1:ab:a2:cd:1b:f6:21:1d:d0:a9:84:94:d1:6b:d1:
f7:67:71:78:22:48:a3:4b:ea:39:40:67:f2:47:ef:29:65:db:
37:07:8e:5d:92:8a:f5:36:2b:73:a4:b1:64:21:63:4d:77:06:
09:0e:bb:14:ba:2e:68:2c:e6:e5:04:3b:89:aa:5d:08:e6:7b:
43:20:f1:74:a7:f3:f7:22:eb:7b:3d:07:ec:e0:c5:f7:28:6d:
09:44:42:c5:d4:77:6d:af:31:02:9f:b5:95:12:0f:e4:2e:7a:
8f:63:14:fb:46:e0:42:12:46:9c:d0:af:f3:59:3d:f2:d5:47:
3c:9e:ce:54:0d:4e:bb:87:9f:79:15:b8:2d:3f:a5:78:5f:ea:
8a:dc:5d:e2:7e:2a:91:0c:23:4c:bd:f5:79:1a:07:fe:1a:f4:
06:6e:5c:2a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYQeJ9+g2T3XGSGviVuzhDJnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNWI1M2RmYTgzMTYwOTNjMTcyYjQzMTU5MjJlZjE3ZTY1
ZjA1MWQwHhcNMjIxMDI4MTAzNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTVkYTU2NzUxZDg0Mzc4Y2MwYzExZGI5MDI5MjUzMDZhMGM1ZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVgBa9On/Vy2aMjblez9N5SD0SeZ
vMURDA6tzJBZ/l6SiBwlPm9JU+hGsDcD2h69McUsLR2Ey4YuC1N8V9aidVzUv1qc
HDlKH8i8RNgXdcZqrigqtlVKF/rUaRsmGKWvFGn0I3xLrZ8A1n8a/GbdnEBzbVyX
EhX8C1ybLS8RyrllDJpMlPtVoRvUy1zmR2YK2H4b3b3/IG92CHbHdcVF60dTLD17
8drop1XAqHqdI5/mop8DY0G93iIo2sJasiknrZFNBX41Z6N6K0QTjDhW4L5Ggd4y
HB1urkk6HbfNUtliEdbxPwUfvPCShi6PIycvOKPjRH0Oyu+b3RCtlKY8GwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFDpdpWdR2EN4zAwR25ApJTBqDF8cMB8GA1UdIwQY
MBaAFPxbU9+oMWCTwXK0MVki7xfmXwUdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMt
MTRlZmM5ODI4NjdmLzEvT2wybFoxSFlRM2pNREJIYmtDa2xNR29NWHh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMtMTRlZmM5ODI4Njdm
LzEvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBAJZdCwD
BAJZdDADBAJZdDwDBABZdIkDBAJZdNQDBAJZdWADBAJZdWgDBABZdX4DBAJZdZgw
DQYJKoZIhvcNAQELBQADggEBAHld3cjcggEQuAPnAEiPTP8Ywq53iumGe/HakrsU
au69D2/x4x78KvunF9TLo46+2ZCirOQwOau6BgB9/LsffLxLi9gwSXq5sd59HmUq
OG1Yri1u7dftmm8HiXn+VtGros0b9iEd0KmElNFr0fdncXgiSKNL6jlAZ/JH7yll
2zcHjl2SivU2K3OksWQhY013BgkOuxS6Lmgs5uUEO4mqXQjme0Mg8XSn8/ci63s9
B+zgxfcobQlEQsXUd22vMQKftZUSD+Queo9jFPtG4EISRpzQr/NZPfLVRzyezlQN
TruHn3kVuC0/pXhf6orcXeJ+KpEMI0y99XkaB/4a9AZuXCo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:18 2024 by rpki-client on console-ams.rpki-client.org