Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/hDerMQ5FL02Ifiq0YqYrHDURUts.roa
File: hDerMQ5FL02Ifiq0YqYrHDURUts.roa (raw, json)
Hash identifier: pThiEUM4hBCtqLJqD3vlpD45vr9d9zTnRa+vSAZtTvU=
Subject key identifier: 84:37:AB:31:0E:45:2F:4D:88:7E:2A:B4:62:A6:2B:1C:35:11:52:DB
Certificate issuer: /CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Certificate serial: 0184378935DF999D28D28831C32CB4999392
Authority key identifier: FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/hDerMQ5FL02Ifiq0YqYrHDURUts.roa
Signing time: Wed 02 Nov 2022 08:50:49 +0000
ROA not before: Wed 02 Nov 2022 08:50:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 84.46.170.0/24 maxlen: 24
89.117.101.0/24 maxlen: 24
86.38.177.0/24 maxlen: 24
89.116.163.0/24 maxlen: 24
89.117.27.0/24 maxlen: 24
89.117.35.0/24 maxlen: 24
89.116.190.0/24 maxlen: 24
86.38.214.0/24 maxlen: 24
89.116.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:89:35:df:99:9d:28:d2:88:31:c3:2c:b4:99:93:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Validity
Not Before: Nov 2 08:50:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8437ab310e452f4d887e2ab462a62b1c351152db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5c:70:b3:a4:06:f5:60:6a:12:4c:6b:54:2a:
9b:dc:9b:47:b3:21:ee:4b:a8:0a:f9:5c:f3:8c:dd:
3e:d4:85:30:f8:b4:07:c8:ab:38:50:ae:2b:62:ef:
d7:4d:38:5b:ca:02:8d:4f:4f:ee:38:0c:2e:d3:85:
83:b6:65:32:1f:f7:3d:8a:b1:60:84:40:82:88:62:
db:46:5a:06:c3:05:e0:44:ef:8e:94:b8:18:41:5c:
33:44:96:15:a4:79:a1:fd:b0:29:39:af:98:b6:b1:
9e:de:00:6e:30:f9:30:98:51:ea:15:50:44:63:73:
21:ce:86:dd:6b:14:6e:89:4c:d2:1b:f4:68:b7:81:
56:1b:3c:85:60:75:ec:ef:ba:e3:5f:64:1e:d9:5f:
a6:ba:ce:1c:51:aa:35:41:9c:83:b3:32:a2:f9:a3:
0f:76:e6:aa:f8:7f:60:4a:a2:19:01:4d:27:fc:ef:
0d:ce:ea:2e:5b:18:db:e0:31:b4:c4:33:3d:dd:1e:
96:3f:16:e6:8c:62:59:ec:99:37:08:5e:d9:c4:6f:
ea:31:cd:a2:da:cb:30:1e:06:d3:43:bb:92:46:32:
d3:bc:e4:6b:04:c2:73:54:02:56:24:65:e9:ff:84:
19:8b:e5:ac:3a:0f:a1:e6:ab:6e:8b:07:c7:95:15:
fc:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:37:AB:31:0E:45:2F:4D:88:7E:2A:B4:62:A6:2B:1C:35:11:52:DB
X509v3 Authority Key Identifier:
keyid:FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/hDerMQ5FL02Ifiq0YqYrHDURUts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/_FtT36gxYJPBcrQxWSLvF-ZfBR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.170.0/24
86.38.177.0/24
86.38.214.0/24
89.116.102.0/24
89.116.163.0/24
89.116.190.0/24
89.117.27.0/24
89.117.35.0/24
89.117.101.0/24
Signature Algorithm: sha256WithRSAEncryption
84:70:41:fd:c9:b9:73:b1:5a:67:91:7c:43:d1:a9:d3:c5:0e:
dc:a5:e0:4f:92:27:4d:03:47:6a:a7:9b:c1:ad:5a:12:c8:30:
45:28:17:70:80:67:92:c7:49:1f:2e:a9:f8:02:3f:eb:0d:da:
af:08:9e:0c:11:70:03:73:21:52:56:a5:43:f6:35:27:69:77:
1f:2a:e3:40:a2:b0:ad:25:af:ca:5f:6c:a5:37:aa:5d:68:07:
7e:ee:67:c9:0b:dd:70:bb:22:4d:35:0b:86:1d:88:eb:57:6f:
8b:72:ad:12:c7:27:95:6c:1e:a9:6f:c5:e1:0c:ee:02:1b:8c:
56:df:dd:a1:0e:7e:49:b0:d9:d5:f3:de:75:e5:15:5d:90:b6:
a5:6f:d5:44:6a:b4:6d:4e:2d:03:28:ad:fc:31:7e:23:24:bd:
00:3e:86:7f:65:71:bb:f1:5d:d3:e2:43:30:b6:aa:6e:19:c4:
51:67:7f:30:7c:40:09:f8:63:13:a4:44:60:30:6e:1e:08:5a:
f5:a3:a9:b0:7f:05:69:ec:61:1f:e2:18:f1:f8:4f:2a:40:c2:
c0:f7:e5:46:c3:cc:0a:cb:26:0d:62:7f:b5:73:34:fb:09:2e:
e0:b9:77:2f:4a:24:46:a4:59:8a:b1:b5:e8:d5:93:ce:36:32:
39:b4:1b:ee
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYQ3iTXfmZ0o0ogxwyy0mZOSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNWI1M2RmYTgzMTYwOTNjMTcyYjQzMTU5MjJlZjE3ZTY1
ZjA1MWQwHhcNMjIxMTAyMDg1MDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDM3YWIzMTBlNDUyZjRkODg3ZTJhYjQ2MmE2MmIxYzM1MTE1MmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFxws6QG9WBqEkxrVCqb3JtHsyHu
S6gK+VzzjN0+1IUw+LQHyKs4UK4rYu/XTThbygKNT0/uOAwu04WDtmUyH/c9irFg
hECCiGLbRloGwwXgRO+OlLgYQVwzRJYVpHmh/bApOa+YtrGe3gBuMPkwmFHqFVBE
Y3MhzobdaxRuiUzSG/Rot4FWGzyFYHXs77rjX2Qe2V+mus4cUao1QZyDszKi+aMP
duaq+H9gSqIZAU0n/O8NzuouWxjb4DG0xDM93R6WPxbmjGJZ7Jk3CF7ZxG/qMc2i
2sswHgbTQ7uSRjLTvORrBMJzVAJWJGXp/4QZi+WsOg+h5qtuiwfHlRX89wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIQ3qzEORS9NiH4qtGKmKxw1EVLbMB8GA1UdIwQY
MBaAFPxbU9+oMWCTwXK0MVki7xfmXwUdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMt
MTRlZmM5ODI4NjdmLzEvaERlck1RNUZMMDJJZmlxMFlxWXJIRFVSVXRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMtMTRlZmM5ODI4Njdm
LzEvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVC6qAwQA
ViaxAwQAVibWAwQAWXRmAwQAWXSjAwQAWXS+AwQAWXUbAwQAWXUjAwQAWXVlMA0G
CSqGSIb3DQEBCwUAA4IBAQCEcEH9yblzsVpnkXxD0anTxQ7cpeBPkidNA0dqp5vB
rVoSyDBFKBdwgGeSx0kfLqn4Aj/rDdqvCJ4MEXADcyFSVqVD9jUnaXcfKuNAorCt
Ja/KX2ylN6pdaAd+7mfJC91wuyJNNQuGHYjrV2+Lcq0SxyeVbB6pb8XhDO4CG4xW
392hDn5JsNnV89515RVdkLalb9VEarRtTi0DKK38MX4jJL0APoZ/ZXG78V3T4kMw
tqpuGcRRZ38wfEAJ+GMTpERgMG4eCFr1o6mwfwVp7GEf4hjx+E8qQMLA9+VGw8wK
yyYNYn+1czT7CS7guXcvSiRGpFmKsbXo1ZPONjI5tBvu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:18 2024 by rpki-client on console-ams.rpki-client.org