Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/uo0pnB7oibvSe-Th_TJuUlB0wvI.roa
File: uo0pnB7oibvSe-Th_TJuUlB0wvI.roa (raw, json)
Hash identifier: q3NA1/hGer5LI+zJ2MlomVmIGDt0lykJzaYacdkmc6w=
Subject key identifier: BA:8D:29:9C:1E:E8:89:BB:D2:7B:E4:E1:FD:32:6E:52:50:74:C2:F2
Certificate issuer: /CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Certificate serial: 0184332D3146F60E1B68CA28849A6CB66498
Authority key identifier: FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/uo0pnB7oibvSe-Th_TJuUlB0wvI.roa
Signing time: Tue 01 Nov 2022 12:31:50 +0000
ROA not before: Tue 01 Nov 2022 12:31:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207152
IP address blocks: 89.117.72.0/21 maxlen: 24
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
86.38.178.0/23 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
84.46.234.0/23 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
89.117.245.0/24 maxlen: 24
86.38.202.0/23 maxlen: 24
89.117.250.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.172.0/23 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:33:2d:31:46:f6:0e:1b:68:ca:28:84:9a:6c:b6:64:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Validity
Not Before: Nov 1 12:31:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba8d299c1ee889bbd27be4e1fd326e525074c2f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6f:33:1d:61:2f:fc:29:2d:63:69:9a:c0:2c:
71:d7:c5:06:6a:37:d6:e8:eb:59:39:5d:02:56:48:
af:86:98:ed:90:2a:f5:1a:aa:51:d2:19:f1:0a:26:
29:32:ed:a5:c2:fb:58:0c:e9:0c:c5:77:8e:fe:c3:
ae:38:80:df:79:15:17:fd:13:3a:5f:2e:4a:e2:c6:
a9:9e:8f:2f:c4:f2:3d:15:be:12:6e:39:b8:16:72:
70:86:35:ca:89:4e:58:4e:18:a4:89:ab:91:65:30:
18:32:0a:4d:09:28:27:3f:ab:dd:0c:fe:5f:cd:ea:
56:7a:f8:e4:d7:25:8c:b0:03:9b:2a:b3:b5:13:fa:
6e:43:9b:a8:33:55:2c:d8:ba:2c:e1:b6:65:84:d9:
d5:cf:7f:f9:4f:95:4f:3d:3b:95:fc:f1:52:2a:3a:
6a:f3:8e:42:1a:1d:7c:46:a9:78:41:8c:94:b5:29:
00:96:fe:d4:81:c8:1a:df:93:32:12:5e:8c:fb:02:
84:a7:b0:a7:7f:d6:ca:e5:a5:6a:23:c7:30:b4:0d:
81:a6:3a:2d:09:1e:7e:0a:50:e5:c4:b9:5f:6f:d9:
d1:ed:0f:18:72:04:30:36:f3:73:8c:3e:b0:3c:05:
b3:5b:fc:c5:1e:aa:89:dd:9a:4c:84:ce:76:d6:ad:
c0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:8D:29:9C:1E:E8:89:BB:D2:7B:E4:E1:FD:32:6E:52:50:74:C2:F2
X509v3 Authority Key Identifier:
keyid:FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/uo0pnB7oibvSe-Th_TJuUlB0wvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/_FtT36gxYJPBcrQxWSLvF-ZfBR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.108.0/24
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.172.0/23
89.116.175.0/24
89.116.177.0/24
89.116.210.0/23
89.116.218.0/24
89.117.8.0/23
89.117.28.0-89.117.33.255
89.117.72.0/21
89.117.84.0/23
89.117.88.0/22
89.117.94.0/23
89.117.109.0/24
89.117.116.0/23
89.117.129.0/24
89.117.132.0/22
89.117.142.0/23
89.117.190.0/24
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
05:7b:60:f3:58:a6:de:a2:3a:02:91:85:9d:eb:d3:15:ad:07:
3d:e2:99:66:94:49:f7:36:87:d1:41:a9:f7:a7:16:5a:2b:d7:
93:53:de:38:38:82:dd:22:f6:42:e6:e2:c9:d8:ae:39:58:cb:
6b:62:50:1e:d4:63:01:a8:c1:b4:a0:21:df:71:d7:b8:57:9c:
a3:21:9e:72:e2:01:40:16:ec:a3:42:b9:6b:c2:61:59:9c:0e:
17:de:9a:2a:53:c4:0d:5a:d4:86:71:e1:c1:24:fb:d9:c1:7a:
ef:80:e7:f4:14:1b:fc:7f:34:f5:38:ee:70:1d:b8:5b:e8:c5:
1a:fd:60:af:db:12:58:73:b8:1c:2c:fa:b4:c1:69:f9:68:d1:
e3:57:52:05:63:87:46:37:11:7f:19:c9:52:f9:ed:06:0b:18:
a4:9f:db:73:0d:90:4c:b4:cd:3e:0a:4c:3f:c6:f7:b1:e5:25:
28:8c:5f:87:5b:0c:4b:5c:6a:6e:fd:72:fb:da:69:ad:6a:88:
57:15:bb:62:7b:5f:f8:07:24:de:45:a2:0a:65:bf:36:77:15:
01:fd:32:fd:ee:e1:89:28:32:cd:aa:c8:61:96:96:5d:4e:12:
8f:8a:41:97:cf:c6:a8:c8:cd:1a:3e:cd:b9:33:16:da:44:26:
0b:50:91:e6
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAYQzLTFG9g4baMoohJpstmSYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNWI1M2RmYTgzMTYwOTNjMTcyYjQzMTU5MjJlZjE3ZTY1
ZjA1MWQwHhcNMjIxMTAxMTIzMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYThkMjk5YzFlZTg4OWJiZDI3YmU0ZTFmZDMyNmU1MjUwNzRjMmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzG8zHWEv/CktY2mawCxx18UGajfW
6OtZOV0CVkivhpjtkCr1GqpR0hnxCiYpMu2lwvtYDOkMxXeO/sOuOIDfeRUX/RM6
Xy5K4sapno8vxPI9Fb4Sbjm4FnJwhjXKiU5YThikiauRZTAYMgpNCSgnP6vdDP5f
zepWevjk1yWMsAObKrO1E/puQ5uoM1Us2Los4bZlhNnVz3/5T5VPPTuV/PFSKjpq
845CGh18Rql4QYyUtSkAlv7Ugcga35MyEl6M+wKEp7Cnf9bK5aVqI8cwtA2Bpjot
CR5+ClDlxLlfb9nR7Q8YcgQwNvNzjD6wPAWzW/zFHqqJ3ZpMhM521q3ABwIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFLqNKZwe6Im70nvk4f0yblJQdMLyMB8GA1UdIwQY
MBaAFPxbU9+oMWCTwXK0MVki7xfmXwUdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMt
MTRlZmM5ODI4NjdmLzEvdW8wcG5CN29pYnZTZS1UaF9USnVVbEIwd3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMtMTRlZmM5ODI4Njdm
LzEvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBAFU
LuoDBAFWJrIDBAJWJrgDBAFWJsoDBAFWJvYDBABZdGwDBABZdIQDBABZdIcDBABZ
dJYDBABZdKEDBABZdKMDBABZdKYDBAFZdKwDBABZdK8DBABZdLEDBAFZdNIDBABZ
dNoDBAFZdQgwDAMEAll1HAMEAVl1IAMEA1l1SAMEAVl1VAMEAll1WAMEAVl1XgME
AFl1bQMEAVl1dAMEAFl1gQMEAll1hAMEAVl1jgMEAFl1vgMEAFl19QMEAFl1+jAN
BgkqhkiG9w0BAQsFAAOCAQEABXtg81im3qI6ApGFnevTFa0HPeKZZpRJ9zaH0UGp
96cWWivXk1PeODiC3SL2QubiydiuOVjLa2JQHtRjAajBtKAh33HXuFecoyGecuIB
QBbso0K5a8JhWZwOF96aKlPEDVrUhnHhwST72cF674Dn9BQb/H809TjucB24W+jF
Gv1gr9sSWHO4HCz6tMFp+WjR41dSBWOHRjcRfxnJUvntBgsYpJ/bcw2QTLTNPgpM
P8b3seUlKIxfh1sMS1xqbv1y+9pprWqIVxW7Yntf+Ack3kWiCmW/NncVAf0y/e7h
iSgyzarIYZaWXU4Sj4pBl8/GqMjNGj7NuTMW2kQmC1CR5g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:48 2025 by rpki-client