Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/Sh-p1eLxmwmunDHVIwr1wgCzrKw.roa
File: Sh-p1eLxmwmunDHVIwr1wgCzrKw.roa (raw, json)
Hash identifier: INwrdHYn82/V8tNkaQYbBkfN4piVPYOH1rEkE84dS/M=
Subject key identifier: 4A:1F:A9:D5:E2:F1:9B:09:AE:9C:31:D5:23:0A:F5:C2:00:B3:AC:AC
Certificate issuer: /CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Certificate serial: 01841E27E02E2683481453E81C2F9F8BA578
Authority key identifier: FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/Sh-p1eLxmwmunDHVIwr1wgCzrKw.roa
Signing time: Fri 28 Oct 2022 10:34:00 +0000
ROA not before: Fri 28 Oct 2022 10:34:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 86.38.151.0/24 maxlen: 24
84.46.171.0/24 maxlen: 24
89.117.118.0/24 maxlen: 24
89.117.15.0/24 maxlen: 24
89.117.124.0/24 maxlen: 24
89.116.168.0/24 maxlen: 24
89.117.136.0/24 maxlen: 24
82.140.182.0/24 maxlen: 24
89.117.38.0/24 maxlen: 24
89.116.193.0/24 maxlen: 24
86.38.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1e:27:e0:2e:26:83:48:14:53:e8:1c:2f:9f:8b:a5:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Validity
Not Before: Oct 28 10:34:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a1fa9d5e2f19b09ae9c31d5230af5c200b3acac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e3:b9:99:94:5e:d3:ce:ac:fc:2c:0f:a0:e8:
5c:fc:8f:28:c2:7c:e5:f4:d1:a0:fc:b9:90:fb:ac:
0c:06:bb:f5:d9:b4:6e:1b:16:33:30:9f:f1:9b:f4:
18:62:d1:2d:53:24:4e:5e:55:75:e5:0c:65:28:d6:
33:b2:1e:9e:9d:3e:46:34:92:e0:f0:a3:51:58:8b:
26:ee:65:f9:e8:7b:26:1f:3b:24:a9:99:bd:3a:11:
ae:d6:35:3a:97:a1:e6:29:07:fa:93:d0:c3:46:05:
95:48:81:25:25:ba:87:b1:2c:7a:34:33:e6:b0:27:
2d:19:99:36:4f:da:ac:27:d5:31:c8:8f:0d:92:76:
fd:58:f4:7e:e6:07:c7:e3:d6:24:31:2a:ae:d3:93:
64:ce:fd:ce:4d:22:32:80:0a:49:39:3c:73:15:15:
6b:fb:7a:cd:03:9f:1c:43:33:69:cc:0f:95:47:3f:
55:27:ed:7f:6b:dc:1b:5d:25:cc:9e:2a:98:02:ee:
6c:e8:ae:d9:8b:5e:09:5b:72:df:68:33:97:00:9e:
35:79:c7:99:20:4a:e6:ef:74:27:9c:f3:db:ca:18:
78:01:99:b7:ea:85:ad:2b:7c:08:49:3e:47:a2:81:
9f:8b:28:c8:ea:40:f1:cc:99:5a:29:26:52:61:e8:
e4:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:1F:A9:D5:E2:F1:9B:09:AE:9C:31:D5:23:0A:F5:C2:00:B3:AC:AC
X509v3 Authority Key Identifier:
keyid:FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/Sh-p1eLxmwmunDHVIwr1wgCzrKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/_FtT36gxYJPBcrQxWSLvF-ZfBR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.182.0/24
84.46.171.0/24
86.38.7.0/24
86.38.151.0/24
89.116.168.0/24
89.116.193.0/24
89.117.15.0/24
89.117.38.0/24
89.117.118.0/24
89.117.124.0/24
89.117.136.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:8b:1a:6a:2b:27:ca:59:30:f8:8b:90:c9:09:05:ea:ee:fa:
7f:7d:91:7c:2c:f2:3b:99:63:e9:0e:9a:30:d5:38:f7:76:d5:
b1:26:f5:8d:7a:f1:8b:fd:6f:42:87:7f:87:8e:bb:7c:e7:77:
c4:61:d6:39:63:f0:85:cd:10:90:37:b2:65:08:42:f0:86:36:
8b:13:16:e6:0f:93:75:c3:bf:fb:d5:5d:9c:84:e8:25:2e:8f:
97:30:f7:a4:2f:49:0c:9f:db:de:cf:4f:55:23:1c:2b:2f:46:
18:0b:b8:d2:c9:26:b7:60:20:d7:60:dc:d5:70:96:b5:0e:40:
5e:8b:8b:c7:b3:e0:ee:90:74:98:08:8f:b8:45:42:54:9a:17:
41:e7:5c:36:cd:8f:96:10:81:a6:cc:e2:b2:21:cf:fd:5c:40:
b1:7b:34:62:da:54:a3:48:d2:fd:35:ae:01:b6:29:79:bd:e5:
8e:e2:cc:06:bf:fa:ed:7e:80:be:33:4f:d5:65:07:fc:25:98:
9c:30:c2:62:bb:ab:95:a2:04:08:5c:6f:80:dc:7b:7b:41:e4:
89:1e:af:4c:c8:00:36:36:2a:c1:0f:ca:85:24:82:e6:aa:d6:
b2:36:76:e8:70:d5:ce:77:d4:99:e5:14:8e:ce:4c:eb:6e:00:
30:bc:49:37
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYQeJ+AuJoNIFFPoHC+fi6V4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNWI1M2RmYTgzMTYwOTNjMTcyYjQzMTU5MjJlZjE3ZTY1
ZjA1MWQwHhcNMjIxMDI4MTAzNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTFmYTlkNWUyZjE5YjA5YWU5YzMxZDUyMzBhZjVjMjAwYjNhY2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+O5mZRe086s/CwPoOhc/I8ownzl
9NGg/LmQ+6wMBrv12bRuGxYzMJ/xm/QYYtEtUyROXlV15QxlKNYzsh6enT5GNJLg
8KNRWIsm7mX56HsmHzskqZm9OhGu1jU6l6HmKQf6k9DDRgWVSIElJbqHsSx6NDPm
sCctGZk2T9qsJ9UxyI8Nknb9WPR+5gfH49YkMSqu05Nkzv3OTSIygApJOTxzFRVr
+3rNA58cQzNpzA+VRz9VJ+1/a9wbXSXMniqYAu5s6K7Zi14JW3LfaDOXAJ41eceZ
IErm73QnnPPbyhh4AZm36oWtK3wIST5HooGfiyjI6kDxzJlaKSZSYejkLQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFEofqdXi8ZsJrpwx1SMK9cIAs6ysMB8GA1UdIwQY
MBaAFPxbU9+oMWCTwXK0MVki7xfmXwUdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMt
MTRlZmM5ODI4NjdmLzEvU2gtcDFlTHhtd211bkRIVkl3cjF3Z0N6ckt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMtMTRlZmM5ODI4Njdm
LzEvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAUoy2AwQA
VC6rAwQAViYHAwQAViaXAwQAWXSoAwQAWXTBAwQAWXUPAwQAWXUmAwQAWXV2AwQA
WXV8AwQAWXWIMA0GCSqGSIb3DQEBCwUAA4IBAQCrixpqKyfKWTD4i5DJCQXq7vp/
fZF8LPI7mWPpDpow1Tj3dtWxJvWNevGL/W9Ch3+Hjrt853fEYdY5Y/CFzRCQN7Jl
CELwhjaLExbmD5N1w7/71V2chOglLo+XMPekL0kMn9vez09VIxwrL0YYC7jSySa3
YCDXYNzVcJa1DkBei4vHs+DukHSYCI+4RUJUmhdB51w2zY+WEIGmzOKyIc/9XECx
ezRi2lSjSNL9Na4Btil5veWO4swGv/rtfoC+M0/VZQf8JZicMMJiu6uVogQIXG+A
3Ht7QeSJHq9MyAA2NirBD8qFJILmqtayNnbocNXOd9SZ5RSOzkzrbgAwvEk3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:18 2024 by rpki-client on console-ams.rpki-client.org