Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/ybh7y9LjJWNtaHmz50vF7UQmgMI.roa
File: ybh7y9LjJWNtaHmz50vF7UQmgMI.roa (raw, json)
Hash identifier: kbA9UGny6rExFTYIDVw2ujbfdecdu9Fs1dt17/GZjxg=
Subject key identifier: C9:B8:7B:CB:D2:E3:25:63:6D:68:79:B3:E7:4B:C5:ED:44:26:80:C2
Certificate issuer: /CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Certificate serial: 01841E27CCF558E5CBB2DCE9398D80F31AB4
Authority key identifier: FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/ybh7y9LjJWNtaHmz50vF7UQmgMI.roa
Signing time: Fri 28 Oct 2022 10:33:55 +0000
ROA not before: Fri 28 Oct 2022 10:33:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 89.117.72.0/21 maxlen: 24
89.116.123.0/24 maxlen: 24
89.117.88.0/22 maxlen: 24
89.116.244.0/24 maxlen: 24
89.116.250.0/24 maxlen: 24
89.117.112.0/22 maxlen: 24
89.117.120.0/22 maxlen: 24
89.116.186.0/24 maxlen: 24
86.38.216.0/22 maxlen: 24
89.116.212.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1e:27:cc:f5:58:e5:cb:b2:dc:e9:39:8d:80:f3:1a:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Validity
Not Before: Oct 28 10:33:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9b87bcbd2e325636d6879b3e74bc5ed442680c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fd:cf:8a:45:cd:e3:ae:87:63:3a:23:3b:05:
12:c7:65:1e:7c:5f:98:74:f7:12:e8:e5:f9:23:ff:
17:53:19:ef:3f:fb:22:c5:98:af:e7:67:f1:e3:9b:
8a:9c:d2:c6:57:9e:8d:de:0c:d8:05:56:df:bd:18:
5b:84:ef:2e:62:6f:8e:cb:c6:22:d2:dc:5f:60:5f:
48:e2:e4:bf:35:80:86:20:48:cb:91:9b:11:ab:ec:
61:8e:14:a1:d3:0c:d3:f7:a5:27:45:4d:3e:b5:36:
93:56:60:b5:98:8b:f7:d2:08:6a:41:e6:37:c6:08:
e0:e8:7f:6f:d4:0f:2c:b4:0f:f3:6f:7e:3f:28:a0:
52:d5:1c:5b:f7:f0:5c:66:b5:3f:49:f1:70:8f:ea:
7e:17:7a:ef:76:bf:65:50:30:c3:15:a3:2a:8c:c4:
f8:dc:e1:54:98:70:10:bd:bd:ce:e2:18:75:49:0a:
ca:30:9a:c3:27:3a:01:18:48:6e:e1:21:6e:d9:a0:
63:24:a3:91:d3:26:27:f9:b8:94:d0:ee:58:13:a9:
2f:70:16:4b:16:c4:4b:1d:a8:94:bf:40:ed:c3:b7:
e5:9d:8e:26:a4:71:25:5e:df:b2:bf:a6:4c:06:8f:
db:e9:05:b9:80:c9:36:a8:ae:f8:05:8b:88:12:c4:
a5:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:B8:7B:CB:D2:E3:25:63:6D:68:79:B3:E7:4B:C5:ED:44:26:80:C2
X509v3 Authority Key Identifier:
keyid:FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/ybh7y9LjJWNtaHmz50vF7UQmgMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/_FtT36gxYJPBcrQxWSLvF-ZfBR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.216.0/22
89.116.123.0/24
89.116.186.0/24
89.116.212.0/22
89.116.244.0/24
89.116.250.0/24
89.117.72.0/21
89.117.88.0/22
89.117.112.0/22
89.117.120.0/22
Signature Algorithm: sha256WithRSAEncryption
79:83:a5:eb:c2:66:c2:04:cf:e0:11:4c:3f:54:46:10:9b:3a:
fa:f3:d5:56:10:47:59:e3:b3:34:14:aa:8b:f4:be:ec:7f:ac:
74:24:3f:f8:51:d1:fa:81:16:99:d4:46:2d:13:a3:83:93:66:
2f:c0:41:11:44:3f:e7:f4:35:54:47:a1:71:fe:a4:d6:cd:41:
35:e5:2b:24:50:60:08:45:31:63:61:0f:b9:48:08:c9:fc:ea:
9d:b2:af:d6:65:5d:32:83:7c:2e:a4:a6:26:d8:81:22:2b:21:
11:4b:1a:46:16:0e:54:4f:29:8a:fd:7e:e6:5e:f3:aa:2c:dc:
f2:26:86:14:4e:36:27:d1:5d:8c:83:cc:35:5b:d7:f0:30:5f:
26:e2:a1:58:88:bd:3b:c1:cb:d0:09:87:aa:34:7d:e6:0d:f6:
4f:49:6e:4e:c6:87:d4:f3:33:20:df:8d:87:10:a0:41:44:d9:
8e:35:58:fb:cc:6f:f1:cb:ce:57:a2:c7:19:87:a6:70:82:ec:
69:7a:55:a3:e4:e4:88:e1:d9:f3:67:47:c0:fc:08:14:73:8d:
39:ab:6e:02:cf:6a:03:8c:e5:cc:ec:a8:4b:d4:e8:f6:92:da:
7e:33:d0:91:f3:ce:15:29:63:ce:b0:d0:de:c5:bb:e1:54:d9:
94:5c:d9:b3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYQeJ8z1WOXLstzpOY2A8xq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNWI1M2RmYTgzMTYwOTNjMTcyYjQzMTU5MjJlZjE3ZTY1
ZjA1MWQwHhcNMjIxMDI4MTAzMzU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWI4N2JjYmQyZTMyNTYzNmQ2ODc5YjNlNzRiYzVlZDQ0MjY4MGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1P3PikXN466HYzojOwUSx2UefF+Y
dPcS6OX5I/8XUxnvP/sixZiv52fx45uKnNLGV56N3gzYBVbfvRhbhO8uYm+Oy8Yi
0txfYF9I4uS/NYCGIEjLkZsRq+xhjhSh0wzT96UnRU0+tTaTVmC1mIv30ghqQeY3
xgjg6H9v1A8stA/zb34/KKBS1Rxb9/BcZrU/SfFwj+p+F3rvdr9lUDDDFaMqjMT4
3OFUmHAQvb3O4hh1SQrKMJrDJzoBGEhu4SFu2aBjJKOR0yYn+biU0O5YE6kvcBZL
FsRLHaiUv0Dtw7flnY4mpHElXt+yv6ZMBo/b6QW5gMk2qK74BYuIEsSlzQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMm4e8vS4yVjbWh5s+dLxe1EJoDCMB8GA1UdIwQY
MBaAFPxbU9+oMWCTwXK0MVki7xfmXwUdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMt
MTRlZmM5ODI4NjdmLzEveWJoN3k5TGpKV050YUhtejUwdkY3VVFtZ01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMtMTRlZmM5ODI4Njdm
LzEvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCVibYAwQA
WXR7AwQAWXS6AwQCWXTUAwQAWXT0AwQAWXT6AwQDWXVIAwQCWXVYAwQCWXVwAwQC
WXV4MA0GCSqGSIb3DQEBCwUAA4IBAQB5g6XrwmbCBM/gEUw/VEYQmzr689VWEEdZ
47M0FKqL9L7sf6x0JD/4UdH6gRaZ1EYtE6ODk2YvwEERRD/n9DVUR6Fx/qTWzUE1
5SskUGAIRTFjYQ+5SAjJ/Oqdsq/WZV0yg3wupKYm2IEiKyERSxpGFg5UTymK/X7m
XvOqLNzyJoYUTjYn0V2Mg8w1W9fwMF8m4qFYiL07wcvQCYeqNH3mDfZPSW5OxofU
8zMg342HEKBBRNmONVj7zG/xy85XoscZh6ZwguxpelWj5OSI4dnzZ0fA/AgUc405
q24Cz2oDjOXM7KhL1Oj2ktp+M9CR884VKWPOsNDexbvhVNmUXNmz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:37 2025 by rpki-client