Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/YalO3IpM4BPQ8aM26t6hKFJDXWY.roa
File: YalO3IpM4BPQ8aM26t6hKFJDXWY.roa (raw, json)
Hash identifier: EstEKOh44nLagT/ME7y2nBvWrxowwq8eqjfi4q2FLLc=
Subject key identifier: 61:A9:4E:DC:8A:4C:E0:13:D0:F1:A3:36:EA:DE:A1:28:52:43:5D:66
Certificate issuer: /CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Certificate serial: 01841E27CA2BA5F7E981160E24B719A8D030
Authority key identifier: FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/YalO3IpM4BPQ8aM26t6hKFJDXWY.roa
Signing time: Fri 28 Oct 2022 10:33:54 +0000
ROA not before: Fri 28 Oct 2022 10:33:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 89.117.68.0/24 maxlen: 24
86.38.175.0/24 maxlen: 24
86.38.177.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.218.0/24 maxlen: 24
86.38.190.0/24 maxlen: 24
89.116.70.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1e:27:ca:2b:a5:f7:e9:81:16:0e:24:b7:19:a8:d0:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Validity
Not Before: Oct 28 10:33:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61a94edc8a4ce013d0f1a336eadea12852435d66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:88:d9:fe:c4:c4:d8:22:ec:34:56:a3:f1:65:
26:0f:2e:17:ae:1a:db:12:4a:c7:4b:80:84:f0:fa:
22:f9:05:6c:9a:0d:aa:cb:aa:1a:2e:9d:18:b0:eb:
5d:c9:cd:6c:90:e7:98:7d:ef:fb:e4:39:39:d0:51:
bb:ce:86:c9:8c:28:8c:5f:06:f4:84:f6:6b:65:9c:
05:e5:4d:0b:91:3a:44:6f:7b:c0:e8:85:34:54:a1:
22:57:50:fb:12:34:fc:91:f3:bc:6f:30:7b:56:ad:
33:cc:b3:d9:80:9f:73:e7:ca:f4:36:cc:25:5f:67:
9d:d8:8e:3d:60:6c:c2:35:53:0f:7c:4f:b2:f2:08:
a9:46:e9:5e:d3:af:b1:14:10:dc:38:1d:42:36:cf:
a4:32:53:6b:1b:0b:8c:41:23:68:e6:7f:4b:d1:14:
6f:0b:09:df:92:97:7f:a7:3b:41:4d:3f:13:19:8f:
9f:15:69:18:88:9c:22:6d:8b:07:bd:a9:cd:5c:19:
95:d8:a1:49:98:52:87:bf:ca:e9:be:d7:db:7d:58:
1a:b3:18:df:6e:21:c3:57:53:5b:d0:0c:4b:a6:b7:
95:66:cf:25:81:63:68:4d:37:ba:c8:5d:a9:54:ed:
2b:98:15:14:ff:e7:d3:2a:f9:93:07:16:0f:3b:e1:
84:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A9:4E:DC:8A:4C:E0:13:D0:F1:A3:36:EA:DE:A1:28:52:43:5D:66
X509v3 Authority Key Identifier:
keyid:FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/YalO3IpM4BPQ8aM26t6hKFJDXWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/_FtT36gxYJPBcrQxWSLvF-ZfBR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.175.0/24
86.38.177.0/24
86.38.190.0/24
89.116.70.0/24
89.116.102.0/24
89.116.175.0/24
89.117.68.0/24
89.117.109.0/24
89.117.218.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:35:d6:12:bf:23:9b:76:f1:16:ae:71:61:b5:c1:af:38:56:
0a:35:1c:06:75:a3:11:88:6a:08:28:04:c2:c2:29:b0:04:00:
33:52:40:eb:7b:9c:c5:68:8d:f1:0f:5c:fd:3b:d2:74:0f:a9:
f7:5c:0d:52:74:b1:e5:0f:42:64:ed:0d:c5:ad:c7:75:8e:98:
ee:ef:3c:e4:f8:f5:0e:bb:1f:42:7d:eb:cd:89:d0:dc:72:bc:
58:ee:78:18:ad:e5:26:22:8f:4b:ca:4f:11:34:77:d7:57:e0:
f2:23:d6:89:77:dd:3f:11:6e:92:b4:3f:9e:92:ea:cf:7d:88:
23:38:f1:9b:0c:37:6e:33:a2:f3:0e:e1:2f:48:60:5a:db:a8:
5e:43:2b:60:c9:9d:46:5a:34:c8:c2:7f:fc:89:96:32:9e:22:
7a:cd:13:58:ef:5a:8a:e2:f9:0f:61:fb:7e:0c:86:1a:67:df:
e8:0d:42:11:65:46:18:d8:4e:5c:49:c3:0c:cd:c1:b7:31:bd:
63:73:5f:59:49:42:6f:66:dc:ea:db:31:9c:75:b3:53:ad:f2:
ff:b8:25:94:2c:9f:c7:d4:01:16:11:b2:88:c5:f9:9a:f8:0c:
5e:c1:70:fe:30:41:f6:5b:f7:3a:b2:52:54:c2:b0:52:c2:de:
70:60:ff:dc
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYQeJ8orpffpgRYOJLcZqNAwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNWI1M2RmYTgzMTYwOTNjMTcyYjQzMTU5MjJlZjE3ZTY1
ZjA1MWQwHhcNMjIxMDI4MTAzMzU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWE5NGVkYzhhNGNlMDEzZDBmMWEzMzZlYWRlYTEyODUyNDM1ZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IjZ/sTE2CLsNFaj8WUmDy4Xrhrb
EkrHS4CE8Poi+QVsmg2qy6oaLp0YsOtdyc1skOeYfe/75Dk50FG7zobJjCiMXwb0
hPZrZZwF5U0LkTpEb3vA6IU0VKEiV1D7EjT8kfO8bzB7Vq0zzLPZgJ9z58r0Nswl
X2ed2I49YGzCNVMPfE+y8gipRule06+xFBDcOB1CNs+kMlNrGwuMQSNo5n9L0RRv
Cwnfkpd/pztBTT8TGY+fFWkYiJwibYsHvanNXBmV2KFJmFKHv8rpvtfbfVgasxjf
biHDV1Nb0AxLpreVZs8lgWNoTTe6yF2pVO0rmBUU/+fTKvmTBxYPO+GEFwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGGpTtyKTOAT0PGjNureoShSQ11mMB8GA1UdIwQY
MBaAFPxbU9+oMWCTwXK0MVki7xfmXwUdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMt
MTRlZmM5ODI4NjdmLzEvWWFsTzNJcE00QlBROGFNMjZ0NmhLRkpEWFdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMtMTRlZmM5ODI4Njdm
LzEvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAViavAwQA
ViaxAwQAVia+AwQAWXRGAwQAWXRmAwQAWXSvAwQAWXVEAwQAWXVtAwQAWXXaMA0G
CSqGSIb3DQEBCwUAA4IBAQBdNdYSvyObdvEWrnFhtcGvOFYKNRwGdaMRiGoIKATC
wimwBAAzUkDre5zFaI3xD1z9O9J0D6n3XA1SdLHlD0Jk7Q3Frcd1jpju7zzk+PUO
ux9CfevNidDccrxY7ngYreUmIo9Lyk8RNHfXV+DyI9aJd90/EW6StD+ekurPfYgj
OPGbDDduM6LzDuEvSGBa26heQytgyZ1GWjTIwn/8iZYyniJ6zRNY71qK4vkPYft+
DIYaZ9/oDUIRZUYY2E5cScMMzcG3Mb1jc19ZSUJvZtzq2zGcdbNTrfL/uCWULJ/H
1AEWEbKIxfma+AxewXD+MEH2W/c6slJUwrBSwt5wYP/c
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:19 2024 by rpki-client on console-fra.rpki-client.org