Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/hkTitW3L3xNN2jMvm_zuq8zTRDo.roa
File: hkTitW3L3xNN2jMvm_zuq8zTRDo.roa (raw, json)
Hash identifier: IOyyfyCSfU1Qaug0924ZNCsJ1FJAspyoUo2SOOauDeo=
Subject key identifier: 86:44:E2:B5:6D:CB:DF:13:4D:DA:33:2F:9B:FC:EE:AB:CC:D3:44:3A
Certificate issuer: /CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Certificate serial: 01841E27CBAFE0310F96E7BC2C7FA114FDB7
Authority key identifier: FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/hkTitW3L3xNN2jMvm_zuq8zTRDo.roa
Signing time: Fri 28 Oct 2022 10:33:55 +0000
ROA not before: Fri 28 Oct 2022 10:33:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44486
IP address blocks: 89.116.221.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.54.0/24 maxlen: 24
84.46.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1e:27:cb:af:e0:31:0f:96:e7:bc:2c:7f:a1:14:fd:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Validity
Not Before: Oct 28 10:33:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8644e2b56dcbdf134dda332f9bfceeabccd3443a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e8:f1:90:f4:6b:e7:56:cb:30:07:77:82:7e:
5b:49:eb:36:8d:2d:5b:9a:e1:98:ce:b7:be:7d:79:
1f:49:0c:de:d6:b8:47:3c:cc:6a:b0:9f:b0:70:f7:
eb:10:6b:68:89:05:38:06:fe:17:e5:96:3f:f3:93:
98:97:5f:16:21:76:4e:20:97:18:5e:c1:63:96:eb:
2c:23:67:ae:17:ca:30:60:05:2e:9e:bb:e0:24:44:
db:56:79:46:2c:15:ee:6d:25:86:58:f3:ba:4b:bc:
91:f1:eb:47:22:21:61:e6:11:17:e2:e5:3a:dd:4e:
3e:48:ac:43:47:fb:b7:8d:67:e1:ed:d9:d1:a6:a4:
ff:7b:a9:c0:98:27:cf:07:5b:4c:78:a4:b8:ec:38:
57:91:6b:4f:59:23:68:d8:95:58:23:a0:80:a4:35:
7d:bb:0d:4f:b2:a7:3a:e4:34:e2:50:73:0d:55:9b:
96:12:af:87:ed:28:e0:4f:b5:73:9d:60:8a:cf:c5:
82:18:e4:ab:b6:2a:63:2d:69:43:be:11:09:c6:36:
30:f9:7f:df:4c:0f:ee:03:37:09:9b:34:75:4b:6c:
48:fc:b7:51:1e:5f:14:5a:a5:84:11:53:76:c3:79:
4a:c5:2f:82:77:97:36:77:f8:ea:73:4d:86:8e:a8:
0b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:44:E2:B5:6D:CB:DF:13:4D:DA:33:2F:9B:FC:EE:AB:CC:D3:44:3A
X509v3 Authority Key Identifier:
keyid:FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/hkTitW3L3xNN2jMvm_zuq8zTRDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/_FtT36gxYJPBcrQxWSLvF-ZfBR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.200.0/24
89.116.54.0/24
89.116.135.0/24
89.116.221.0/24
Signature Algorithm: sha256WithRSAEncryption
04:b5:91:c7:e3:74:e4:72:2e:47:a2:ae:07:43:2f:fb:1b:63:
8f:b4:e0:6c:0f:ec:f3:ec:17:64:79:02:11:c2:71:e7:7b:e9:
18:99:f0:0f:8f:7d:d8:d3:d9:88:b0:ba:9f:b5:08:e0:61:f2:
3d:d9:38:47:3e:ac:b5:85:b6:40:7e:05:5e:31:db:0b:1f:43:
6f:da:1d:b3:62:cf:ab:2e:db:5d:fd:c1:ab:a4:89:37:3b:85:
3f:0c:57:2a:33:8b:40:82:25:7c:77:36:f0:d6:9c:7e:43:9e:
13:d0:48:aa:f8:1c:30:1e:50:d5:aa:51:05:00:b6:8c:29:bc:
75:9e:a5:ab:3d:1f:a5:7e:02:87:0b:53:e5:fc:55:7c:ac:28:
4c:79:a9:65:19:93:0a:8d:d9:3f:50:5a:c3:8e:54:12:16:6d:
7a:7a:e9:8a:9b:a8:fc:48:f4:83:97:07:db:20:67:55:e4:09:
82:41:82:a6:9f:8a:c6:2f:e5:8b:ec:ec:48:a4:fd:13:eb:84:
4a:b0:61:79:ab:25:85:9f:bd:48:0f:e9:d0:99:3c:35:55:64:
60:6d:ca:37:6c:26:98:71:0e:13:47:88:71:45:07:5a:ba:80:
9a:e7:8a:8d:b4:52:f2:8e:25:05:b0:dd:5f:e0:a3:6f:6c:c1:
99:46:91:01
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYQeJ8uv4DEPlue8LH+hFP23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNWI1M2RmYTgzMTYwOTNjMTcyYjQzMTU5MjJlZjE3ZTY1
ZjA1MWQwHhcNMjIxMDI4MTAzMzU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjQ0ZTJiNTZkY2JkZjEzNGRkYTMzMmY5YmZjZWVhYmNjZDM0NDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoujxkPRr51bLMAd3gn5bSes2jS1b
muGYzre+fXkfSQze1rhHPMxqsJ+wcPfrEGtoiQU4Bv4X5ZY/85OYl18WIXZOIJcY
XsFjlussI2euF8owYAUunrvgJETbVnlGLBXubSWGWPO6S7yR8etHIiFh5hEX4uU6
3U4+SKxDR/u3jWfh7dnRpqT/e6nAmCfPB1tMeKS47DhXkWtPWSNo2JVYI6CApDV9
uw1Psqc65DTiUHMNVZuWEq+H7SjgT7VznWCKz8WCGOSrtipjLWlDvhEJxjYw+X/f
TA/uAzcJmzR1S2xI/LdRHl8UWqWEEVN2w3lKxS+Cd5c2d/jqc02GjqgLfwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIZE4rVty98TTdozL5v87qvM00Q6MB8GA1UdIwQY
MBaAFPxbU9+oMWCTwXK0MVki7xfmXwUdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMt
MTRlZmM5ODI4NjdmLzEvaGtUaXRXM0wzeE5OMmpNdm1fenVxOHpUUkRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMtMTRlZmM5ODI4Njdm
LzEvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVC7IAwQA
WXQ2AwQAWXSHAwQAWXTdMA0GCSqGSIb3DQEBCwUAA4IBAQAEtZHH43Tkci5Hoq4H
Qy/7G2OPtOBsD+zz7BdkeQIRwnHne+kYmfAPj33Y09mIsLqftQjgYfI92ThHPqy1
hbZAfgVeMdsLH0Nv2h2zYs+rLttd/cGrpIk3O4U/DFcqM4tAgiV8dzbw1px+Q54T
0Eiq+BwwHlDVqlEFALaMKbx1nqWrPR+lfgKHC1Pl/FV8rChMeallGZMKjdk/UFrD
jlQSFm16eumKm6j8SPSDlwfbIGdV5AmCQYKmn4rGL+WL7OxIpP0T64RKsGF5qyWF
n71ID+nQmTw1VWRgbco3bCaYcQ4TR4hxRQdauoCa54qNtFLyjiUFsN1f4KNvbMGZ
RpEB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:18 2024 by rpki-client on console-ams.rpki-client.org