Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/rQNzTlagUok59H7B2nhlcFbisKE.roa
File: rQNzTlagUok59H7B2nhlcFbisKE.roa (raw, json)
Hash identifier: TpVZrg/zWLysZgYujwSOKkNjIzzlm7gajSWaLCNHvyE=
Subject key identifier: AD:03:73:4E:56:A0:52:89:39:F4:7E:C1:DA:78:65:70:56:E2:B0:A1
Certificate issuer: /CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Certificate serial: 01841E27DDDE3E6516B48F2739853A7C901A
Authority key identifier: FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/rQNzTlagUok59H7B2nhlcFbisKE.roa
Signing time: Fri 28 Oct 2022 10:33:59 +0000
ROA not before: Fri 28 Oct 2022 10:33:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210443
IP address blocks: 86.38.246.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.117.94.0/23 maxlen: 24
89.116.150.0/24 maxlen: 24
89.117.116.0/23 maxlen: 24
86.38.202.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
86.38.178.0/23 maxlen: 24
89.117.222.0/24 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1e:27:dd:de:3e:65:16:b4:8f:27:39:85:3a:7c:90:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Validity
Not Before: Oct 28 10:33:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad03734e56a0528939f47ec1da78657056e2b0a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:60:58:72:5f:aa:37:9b:75:93:36:57:38:f9:
b4:18:71:7d:98:88:5b:c5:4e:06:9d:44:c3:75:57:
90:86:4e:bb:7c:ca:28:43:cf:02:04:cc:15:7b:3d:
62:22:72:c6:0b:28:a6:06:7f:6c:f4:e2:e2:3c:e0:
8e:4f:9e:86:96:2d:30:f8:bf:92:07:5e:1c:d7:2b:
2f:8a:57:fc:83:fc:de:e8:6e:6e:b9:40:49:12:bd:
5d:49:78:a3:a4:e6:42:c2:6a:fb:ca:50:68:af:2d:
a4:79:8a:ca:f4:4d:49:4e:1f:93:aa:ec:e1:6d:6b:
c4:7e:91:b6:6c:1e:95:c3:7a:54:1f:ef:87:bf:7a:
2a:cb:c8:88:b6:1f:87:f2:0f:1f:9a:bc:5d:31:aa:
8a:3a:fa:4b:ff:bc:51:ce:d1:fd:a5:55:c9:51:34:
f6:01:c4:3a:67:c1:7b:42:58:bc:5b:f3:38:e1:dd:
a3:1f:5b:0a:c0:24:6c:32:c2:1c:a6:b6:f5:5c:1d:
e9:8e:85:db:db:78:5b:71:28:12:66:e9:ac:06:04:
8e:70:c3:e8:5b:0a:0d:17:70:f8:5d:1e:6b:ad:cf:
b5:73:2e:19:9e:4d:b6:b2:46:79:3e:0f:ef:c4:34:
62:b6:c3:af:f8:99:00:79:00:44:c4:c2:cb:83:7e:
af:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:03:73:4E:56:A0:52:89:39:F4:7E:C1:DA:78:65:70:56:E2:B0:A1
X509v3 Authority Key Identifier:
keyid:FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/rQNzTlagUok59H7B2nhlcFbisKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/_FtT36gxYJPBcrQxWSLvF-ZfBR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.108.0/24
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.210.0/23
89.116.252.0/24
89.117.8.0/23
89.117.32.0/23
89.117.94.0/23
89.117.116.0/23
89.117.190.0/24
89.117.222.0/24
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:98:5f:d2:e2:22:24:16:54:77:13:5a:09:93:b7:bb:ef:12:
b5:a0:cb:0d:d9:48:3d:9b:c6:2f:c0:c6:15:de:56:ca:b8:ac:
aa:53:84:3f:27:d6:a6:d0:45:8f:b8:c9:d0:18:03:b9:48:3c:
94:82:ac:77:08:7c:52:03:67:3f:48:f2:5b:f5:05:07:e2:89:
8c:6f:c8:43:0f:bf:4a:23:6f:88:ed:e2:44:b9:30:47:ce:26:
bf:69:8f:65:e1:11:8a:82:4e:00:5d:12:e8:e3:58:27:57:91:
5e:4c:30:81:ee:db:c0:dd:ed:00:6b:b7:f7:e7:65:cf:81:42:
ae:1b:91:80:5e:8d:b1:81:12:b2:87:ef:bd:8c:3a:d8:ad:75:
2d:d5:c2:e4:cb:0d:23:43:fb:1e:f7:00:e4:fc:69:f6:a7:f9:
20:00:3c:32:c0:ca:95:9a:1e:47:d4:7e:34:54:01:7d:98:af:
86:52:7a:fc:2b:69:b5:3f:9c:62:10:cc:c8:f8:0f:28:f8:cf:
0b:69:49:f8:7d:84:07:53:81:98:64:34:f7:56:7c:e5:d4:33:
eb:9e:5b:2b:30:3b:05:56:9d:9e:7c:44:f7:7c:77:50:8e:e0:
ad:9a:f0:20:0d:f2:04:be:25:46:10:39:9c:d7:d4:e7:95:71:
0f:e1:ad:2d
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYQeJ93ePmUWtI8nOYU6fJAaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNWI1M2RmYTgzMTYwOTNjMTcyYjQzMTU5MjJlZjE3ZTY1
ZjA1MWQwHhcNMjIxMDI4MTAzMzU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDAzNzM0ZTU2YTA1Mjg5MzlmNDdlYzFkYTc4NjU3MDU2ZTJiMGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmBYcl+qN5t1kzZXOPm0GHF9mIhb
xU4GnUTDdVeQhk67fMooQ88CBMwVez1iInLGCyimBn9s9OLiPOCOT56Gli0w+L+S
B14c1ysvilf8g/ze6G5uuUBJEr1dSXijpOZCwmr7ylBory2keYrK9E1JTh+Tquzh
bWvEfpG2bB6Vw3pUH++Hv3oqy8iIth+H8g8fmrxdMaqKOvpL/7xRztH9pVXJUTT2
AcQ6Z8F7Qli8W/M44d2jH1sKwCRsMsIcprb1XB3pjoXb23hbcSgSZumsBgSOcMPo
WwoNF3D4XR5rrc+1cy4Znk22skZ5Pg/vxDRitsOv+JkAeQBExMLLg36vpQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFK0Dc05WoFKJOfR+wdp4ZXBW4rChMB8GA1UdIwQY
MBaAFPxbU9+oMWCTwXK0MVki7xfmXwUdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMt
MTRlZmM5ODI4NjdmLzEvclFOelRsYWdVb2s1OUg3QjJuaGxjRmJpc0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMtMTRlZmM5ODI4Njdm
LzEvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAVYm
sgMEAlYmuAMEAVYmygMEAVYm9gMEAFl0bAMEAFl0hAMEAFl0hwMEAFl0lgMEAFl0
oQMEAFl0owMEAFl0pgMEAVl00gMEAFl0/AMEAVl1CAMEAVl1IAMEAVl1XgMEAVl1
dAMEAFl1vgMEAFl13gMEAFl19QMEAFl1+jANBgkqhkiG9w0BAQsFAAOCAQEAv5hf
0uIiJBZUdxNaCZO3u+8StaDLDdlIPZvGL8DGFd5WyrisqlOEPyfWptBFj7jJ0BgD
uUg8lIKsdwh8UgNnP0jyW/UFB+KJjG/IQw+/SiNviO3iRLkwR84mv2mPZeERioJO
AF0S6ONYJ1eRXkwwge7bwN3tAGu39+dlz4FCrhuRgF6NsYESsofvvYw62K11LdXC
5MsNI0P7HvcA5Pxp9qf5IAA8MsDKlZoeR9R+NFQBfZivhlJ6/CtptT+cYhDMyPgP
KPjPC2lJ+H2EB1OBmGQ091Z85dQz655bKzA7BVadnnxE93x3UI7grZrwIA3yBL4l
RhA5nNfU55VxD+GtLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:19 2024 by rpki-client on console-fra.rpki-client.org