Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/ufOxg1do3bwTIDZ1IyH2pwCU-bc.roa
File: ufOxg1do3bwTIDZ1IyH2pwCU-bc.roa (raw, json)
Hash identifier: JmmtUcZHlBBaMlkULe8g49O7kmGcyfVwZtyCKP+bynE=
Subject key identifier: B9:F3:B1:83:57:68:DD:BC:13:20:36:75:23:21:F6:A7:00:94:F9:B7
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 097D852E
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/ufOxg1do3bwTIDZ1IyH2pwCU-bc.roa
Signing time: Fri 11 Feb 2022 21:33:32 +0000
ROA not before: Fri 11 Feb 2022 21:33:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 89.116.224.0/21 maxlen: 24
89.116.237.0/24 maxlen: 24
89.117.0.0/22 maxlen: 24
89.116.60.0/22 maxlen: 22
89.117.152.0/22 maxlen: 22
89.117.157.0/24 maxlen: 24
86.38.232.0/24 maxlen: 24
89.117.164.0/24 maxlen: 24
84.46.236.0/22 maxlen: 24
89.117.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159221038 (0x97d852e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Feb 11 21:33:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9f3b1835768ddbc132036752321f6a70094f9b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:5d:e8:af:75:93:f3:1c:e0:9f:e4:08:97:f9:
e6:f5:7f:35:8a:06:73:31:43:d1:4f:63:4a:c1:40:
55:7f:74:d0:84:63:c9:00:f3:99:a3:fd:8b:0f:6a:
c3:8e:65:6f:7a:80:df:8f:5d:51:c1:2c:e8:91:e2:
e0:59:12:f7:f1:08:ce:87:b2:d6:f9:97:32:e3:07:
df:b9:76:f8:3f:13:9c:52:a5:ae:ee:70:bf:91:7f:
e3:20:d4:a0:e9:be:53:7e:0c:7b:10:29:ff:3a:5f:
24:7b:8b:c6:40:b8:4c:a6:08:c8:d8:a7:59:2f:d9:
bc:25:46:ee:40:41:94:6c:10:33:fc:8c:15:dd:b3:
c6:06:ae:6e:0b:51:d3:aa:0a:17:e5:ba:ad:08:dd:
07:fc:f2:c2:1c:0c:75:02:a4:da:0d:21:f0:be:ca:
78:91:0e:1a:78:c7:b8:b1:09:5c:68:59:b1:84:a2:
1d:00:79:0b:d4:39:bb:48:25:39:42:a2:79:74:85:
f5:92:03:1e:0d:4b:ed:fc:9e:96:6a:01:42:79:72:
c6:04:2b:4f:34:76:a0:71:ea:9b:c9:cb:31:09:ef:
3a:e8:b2:f1:92:95:f8:ac:1b:5f:10:38:63:64:80:
53:d5:8b:d2:75:ad:70:40:77:fe:75:f5:d7:0c:8c:
bf:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:F3:B1:83:57:68:DD:BC:13:20:36:75:23:21:F6:A7:00:94:F9:B7
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/ufOxg1do3bwTIDZ1IyH2pwCU-bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.236.0/22
86.38.232.0/24
89.116.60.0/22
89.116.224.0/21
89.116.237.0/24
89.117.0.0/22
89.117.152.0/22
89.117.157.0/24
89.117.164.0/24
89.117.171.0/24
Signature Algorithm: sha256WithRSAEncryption
08:d5:0b:3e:c5:a8:b9:98:b5:13:bb:1e:e0:cc:53:05:5b:c8:
c4:f9:6b:73:ab:bf:9f:f4:f5:70:97:48:3c:7f:18:7e:98:8f:
ec:69:4d:ea:85:ad:5c:69:80:4f:6f:15:74:d3:01:47:dc:97:
7a:15:8b:bd:ff:ba:c5:6e:1b:b9:60:70:89:b0:75:65:4b:f1:
7a:ac:f2:b9:88:85:5b:74:e5:0c:5d:05:d6:71:35:26:80:b3:
0e:f2:6e:6a:85:d5:e6:cf:f0:d9:40:93:7b:28:13:31:f8:57:
48:54:66:49:bb:f6:da:13:78:c6:d8:76:53:14:b9:33:16:42:
49:01:65:ef:b3:50:1c:1b:7b:4b:d1:2d:d5:46:03:c8:7b:86:
4c:1f:a2:b7:d5:1a:9b:24:e7:00:5d:77:a7:d4:60:b9:39:fd:
0f:3b:97:e1:bc:a7:33:4c:90:20:bd:7c:e4:93:14:d9:93:f9:
a5:f9:5f:c2:b1:f9:a8:53:cd:08:b2:7e:bd:ed:c9:fa:82:38:
a0:f7:aa:d5:33:2f:67:be:e5:52:30:6a:7e:d9:52:a9:30:de:
a1:57:d0:11:df:8e:a3:f1:df:7c:ef:d7:fa:8f:c6:1c:5c:56:
97:92:5c:77:60:75:b6:75:55:4f:ab:b4:7d:0f:70:9b:e7:5b:
4a:00:7d:72
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIECX2FLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDIx
MTIxMzMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjlmM2IxODM1NzY4
ZGRiYzEzMjAzNjc1MjMyMWY2YTcwMDk0ZjliNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPJd6K91k/Mc4J/kCJf55vV/NYoGczFD0U9jSsFAVX900IRj
yQDzmaP9iw9qw45lb3qA349dUcEs6JHi4FkS9/EIzoey1vmXMuMH37l2+D8TnFKl
ru5wv5F/4yDUoOm+U34MexAp/zpfJHuLxkC4TKYIyNinWS/ZvCVG7kBBlGwQM/yM
Fd2zxgaubgtR06oKF+W6rQjdB/zywhwMdQKk2g0h8L7KeJEOGnjHuLEJXGhZsYSi
HQB5C9Q5u0glOUKieXSF9ZIDHg1L7fyelmoBQnlyxgQrTzR2oHHqm8nLMQnvOuiy
8ZKV+KwbXxA4Y2SAU9WL0nWtcEB3/nX11wyMvwsCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBS587GDV2jdvBMgNnUjIfanAJT5tzAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L3VmT3hnMWRvM2J3VElEWjFJeUgycHdDVS1iYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAlQu7AMEAFYm6AMEAll0PAMEA1l0
4AMEAFl07QMEAll1AAMEAll1mAMEAFl1nQMEAFl1pAMEAFl1qzANBgkqhkiG9w0B
AQsFAAOCAQEACNULPsWouZi1E7se4MxTBVvIxPlrc6u/n/T1cJdIPH8YfpiP7GlN
6oWtXGmAT28VdNMBR9yXehWLvf+6xW4buWBwibB1ZUvxeqzyuYiFW3TlDF0F1nE1
JoCzDvJuaoXV5s/w2UCTeygTMfhXSFRmSbv22hN4xth2UxS5MxZCSQFl77NQHBt7
S9Et1UYDyHuGTB+it9UamyTnAF13p9RguTn9DzuX4bynM0yQIL185JMU2ZP5pflf
wrH5qFPNCLJ+ve3J+oI4oPeq1TMvZ77lUjBqftlSqTDeoVfQEd+Oo/HffO/X+o/G
HFxWl5Jcd2B1tnVVT6u0fQ9wm+dbSgB9cg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:11 2023 by rpki-client on console.sobornost.net