Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/GDXljfYVK7Iz6FoZW87FfxO7v9I.roa
File: GDXljfYVK7Iz6FoZW87FfxO7v9I.roa (raw, json)
Hash identifier: s1j+w1TCg503Yg8xAzL6rx5cG1ZHccLDex+CrCEGldw=
Subject key identifier: 18:35:E5:8D:F6:15:2B:B2:33:E8:5A:19:5B:CE:C5:7F:13:BB:BF:D2
Certificate issuer: /CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Certificate serial: 01841E27D89094EF260AF7AE54685BC2689D
Authority key identifier: FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/GDXljfYVK7Iz6FoZW87FfxO7v9I.roa
Signing time: Fri 28 Oct 2022 10:33:58 +0000
ROA not before: Fri 28 Oct 2022 10:33:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205220
IP address blocks: 89.117.70.0/23 maxlen: 24
89.116.130.0/23 maxlen: 24
89.116.148.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
89.117.226.0/23 maxlen: 24
89.117.6.0/23 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.24.0/23 maxlen: 24
89.117.36.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1e:27:d8:90:94:ef:26:0a:f7:ae:54:68:5b:c2:68:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Validity
Not Before: Oct 28 10:33:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1835e58df6152bb233e85a195bcec57f13bbbfd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e6:de:d5:6b:1f:87:8b:74:28:4a:79:45:b0:
31:07:27:5c:ef:50:f3:a3:cf:e1:7e:82:67:3a:99:
76:3e:37:f1:75:03:c2:18:d7:2f:5d:ed:3a:18:64:
63:92:d3:29:63:9a:e4:53:14:5b:bd:2d:a5:2e:f2:
dd:65:aa:4b:f0:c0:ec:2a:dd:b9:53:60:b5:dc:de:
c3:86:ed:a6:69:c7:f8:dc:9f:9a:fd:69:bd:1f:13:
2c:2a:d7:df:ee:a4:f6:db:62:a6:5d:07:02:d2:e6:
99:f0:41:6e:f2:b0:f5:43:48:12:69:52:90:97:f4:
0f:79:5c:ec:e9:71:f4:75:69:ac:0b:bb:c2:ae:d0:
1d:45:bc:51:db:1a:bd:cf:a6:be:93:2f:8d:1f:cd:
c7:42:79:bf:4f:22:b1:ac:d6:49:b8:66:d4:b7:d8:
bd:71:a4:2f:c4:db:90:d0:29:13:e4:ed:0f:7a:26:
0a:10:cd:d0:b9:47:80:bf:6f:fb:65:fb:c5:45:42:
cc:c2:75:9f:62:2d:4b:f9:b8:7b:64:cc:d9:af:e6:
1f:29:71:64:dc:ee:2b:3c:fe:b7:b7:5a:68:24:ec:
8e:5d:b4:7e:82:c0:c2:3e:f8:82:0d:20:1c:c1:63:
c9:d6:63:ce:0e:7e:e9:0f:ec:56:42:8b:54:8c:97:
d3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:35:E5:8D:F6:15:2B:B2:33:E8:5A:19:5B:CE:C5:7F:13:BB:BF:D2
X509v3 Authority Key Identifier:
keyid:FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/GDXljfYVK7Iz6FoZW87FfxO7v9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/_FtT36gxYJPBcrQxWSLvF-ZfBR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.182.0/23
89.116.130.0/23
89.116.148.0/23
89.117.6.0/23
89.117.12.0/23
89.117.24.0/23
89.117.36.0/23
89.117.70.0/23
89.117.158.0/23
89.117.226.0/23
Signature Algorithm: sha256WithRSAEncryption
04:49:52:85:d8:b0:2c:0c:65:ec:2b:d6:f7:22:50:a1:08:8e:
0f:77:0d:c3:7f:51:a9:79:60:46:61:71:0d:1d:42:d7:f0:71:
8c:81:4d:de:02:a7:3a:02:48:17:26:ee:a4:79:62:75:c9:86:
9a:60:5c:e1:1d:15:d3:90:c9:53:0a:5c:4a:8d:c9:d1:0b:97:
23:12:2b:25:45:07:bb:46:3b:b5:2a:a7:a2:a1:66:dd:cc:21:
26:a2:4a:65:98:4f:79:35:61:16:c8:22:62:46:f7:d7:f4:ff:
ed:5c:2e:9b:6a:34:14:2f:55:78:7e:1b:b5:8b:f0:cf:d1:a2:
91:d2:9e:9e:ed:f3:2d:bb:68:6b:da:84:f4:98:fd:17:18:ba:
23:33:55:34:99:20:84:59:a4:14:3a:a8:c6:df:23:7c:d0:d2:
ef:fa:41:28:ea:a4:90:ec:2b:e4:6b:d7:47:1f:ba:86:0b:23:
88:87:c6:0e:fe:d4:66:d6:89:c3:50:a2:05:0f:0c:ff:f5:fc:
55:e4:4b:4d:d8:05:39:a5:40:32:80:2b:17:e6:2b:6e:66:9f:
79:ee:5e:61:d4:e1:f5:6a:c9:b6:30:be:cf:57:41:d4:15:f5:
8c:bd:5b:0e:b4:87:2a:52:ff:09:11:b5:63:8d:29:3f:7f:c5:
04:8c:fe:c5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYQeJ9iQlO8mCveuVGhbwmidMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNWI1M2RmYTgzMTYwOTNjMTcyYjQzMTU5MjJlZjE3ZTY1
ZjA1MWQwHhcNMjIxMDI4MTAzMzU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODM1ZTU4ZGY2MTUyYmIyMzNlODVhMTk1YmNlYzU3ZjEzYmJiZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsube1Wsfh4t0KEp5RbAxBydc71Dz
o8/hfoJnOpl2PjfxdQPCGNcvXe06GGRjktMpY5rkUxRbvS2lLvLdZapL8MDsKt25
U2C13N7Dhu2macf43J+a/Wm9HxMsKtff7qT222KmXQcC0uaZ8EFu8rD1Q0gSaVKQ
l/QPeVzs6XH0dWmsC7vCrtAdRbxR2xq9z6a+ky+NH83HQnm/TyKxrNZJuGbUt9i9
caQvxNuQ0CkT5O0PeiYKEM3QuUeAv2/7ZfvFRULMwnWfYi1L+bh7ZMzZr+YfKXFk
3O4rPP63t1poJOyOXbR+gsDCPviCDSAcwWPJ1mPODn7pD+xWQotUjJfTjQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFBg15Y32FSuyM+haGVvOxX8Tu7/SMB8GA1UdIwQY
MBaAFPxbU9+oMWCTwXK0MVki7xfmXwUdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMt
MTRlZmM5ODI4NjdmLzEvR0RYbGpmWVZLN0l6NkZvWlc4N0ZmeE83djlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMtMTRlZmM5ODI4Njdm
LzEvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBVia2AwQB
WXSCAwQBWXSUAwQBWXUGAwQBWXUMAwQBWXUYAwQBWXUkAwQBWXVGAwQBWXWeAwQB
WXXiMA0GCSqGSIb3DQEBCwUAA4IBAQAESVKF2LAsDGXsK9b3IlChCI4Pdw3Df1Gp
eWBGYXENHULX8HGMgU3eAqc6AkgXJu6keWJ1yYaaYFzhHRXTkMlTClxKjcnRC5cj
EislRQe7Rju1KqeioWbdzCEmokplmE95NWEWyCJiRvfX9P/tXC6bajQUL1V4fhu1
i/DP0aKR0p6e7fMtu2hr2oT0mP0XGLojM1U0mSCEWaQUOqjG3yN80NLv+kEo6qSQ
7Cvka9dHH7qGCyOIh8YO/tRm1onDUKIFDwz/9fxV5EtN2AU5pUAygCsX5ituZp95
7l5h1OH1asm2ML7PV0HUFfWMvVsOtIcqUv8JEbVjjSk/f8UEjP7F
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:25 2023 by rpki-client on console.sobornost.net