Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/2c293c-6df0-4112-b800-3c18bc87c65c/1/coVX8hxXpIRlCNiQQQqtJxV6npE.roa
File: coVX8hxXpIRlCNiQQQqtJxV6npE.roa (raw, json)
Hash identifier: gRckWBMppwyzFlR6MrB3wp5Y9V8D/IBeLNGmQLknXWg=
Subject key identifier: 72:85:57:F2:1C:57:A4:84:65:08:D8:90:41:0A:AD:27:15:7A:9E:91
Certificate issuer: /CN=8f1b7edf827db1366de571f00b4a5cfdb239cc61
Certificate serial: 1A793415
Authority key identifier: 8F:1B:7E:DF:82:7D:B1:36:6D:E5:71:F0:0B:4A:5C:FD:B2:39:CC:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jxt-34J9sTZt5XHwC0pc_bI5zGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/2c293c-6df0-4112-b800-3c18bc87c65c/1/coVX8hxXpIRlCNiQQQqtJxV6npE.roa
Signing time: Sat 01 Jan 2022 13:00:16 +0000
ROA not before: Sat 01 Jan 2022 13:00:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 45011
IP address blocks: 94.198.64.0/21 maxlen: 21
94.245.16.0/20 maxlen: 20
85.235.0.0/19 maxlen: 19
94.245.37.0/24 maxlen: 24
94.245.40.0/24 maxlen: 24
85.235.17.0/24 maxlen: 24
85.235.24.0/24 maxlen: 24
85.235.18.0/23 maxlen: 23
85.235.20.0/22 maxlen: 22
94.245.48.0/20 maxlen: 20
85.235.27.0/24 maxlen: 24
213.185.12.0/22 maxlen: 22
213.185.16.0/23 maxlen: 23
213.185.20.0/23 maxlen: 23
213.185.22.0/24 maxlen: 24
213.185.24.0/24 maxlen: 24
213.185.26.0/24 maxlen: 24
109.124.128.0/18 maxlen: 18
213.185.4.0/24 maxlen: 24
213.185.6.0/24 maxlen: 24
213.185.7.0/24 maxlen: 24
213.185.8.0/23 maxlen: 23
213.185.10.0/24 maxlen: 24
80.244.64.0/19 maxlen: 19
94.245.0.0/20 maxlen: 20
185.52.180.0/22 maxlen: 22
88.83.32.0/19 maxlen: 19
213.21.64.0/18 maxlen: 18
88.129.0.0/16 maxlen: 16
217.72.54.0/24 maxlen: 24
217.72.56.0/22 maxlen: 22
217.72.52.0/23 maxlen: 23
217.72.60.0/23 maxlen: 23
217.72.62.0/24 maxlen: 24
185.58.144.0/22 maxlen: 22
89.236.2.0/23 maxlen: 23
89.236.4.0/22 maxlen: 22
89.236.0.0/23 maxlen: 23
89.236.8.0/23 maxlen: 23
89.236.11.0/24 maxlen: 24
89.236.17.0/24 maxlen: 24
89.236.15.0/24 maxlen: 24
89.236.24.0/23 maxlen: 23
89.236.18.0/23 maxlen: 23
89.236.20.0/22 maxlen: 22
89.236.26.0/24 maxlen: 24
89.236.35.0/24 maxlen: 24
89.236.36.0/23 maxlen: 23
89.236.38.0/24 maxlen: 24
89.236.47.0/24 maxlen: 24
89.236.48.0/24 maxlen: 24
62.182.0.0/21 maxlen: 21
89.236.53.0/24 maxlen: 24
89.236.54.0/23 maxlen: 23
89.236.56.0/22 maxlen: 22
46.236.64.0/18 maxlen: 18
213.142.0.0/19 maxlen: 19
87.253.64.0/19 maxlen: 19
2a02:23c0::/32 maxlen: 32
2a01:b700::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 444150805 (0x1a793415)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f1b7edf827db1366de571f00b4a5cfdb239cc61
Validity
Not Before: Jan 1 13:00:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=728557f21c57a4846508d890410aad27157a9e91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:06:c3:a7:ac:ea:31:ce:5e:7d:76:ad:18:2b:
44:e9:d7:45:52:30:1c:29:78:c1:c7:67:dc:2f:c5:
db:69:09:6f:68:44:09:d0:51:17:b0:f3:3b:9f:35:
e4:0f:96:c8:87:c6:3f:3d:a7:90:03:e6:62:f9:5a:
9f:ac:71:57:cb:6f:84:1f:0d:0c:01:33:63:c4:19:
e1:8c:d0:7f:08:cc:d3:53:99:ed:b2:2d:7f:2f:6d:
71:2d:e3:3f:cc:45:56:6b:98:51:c7:1d:e7:24:fe:
94:88:d7:bd:53:0b:ce:10:c9:1f:67:1b:da:65:b8:
99:d6:e5:f7:b5:0b:88:07:28:e0:fd:db:c6:7d:51:
f9:e8:86:52:cf:de:0e:21:0e:8a:2a:de:57:1e:38:
3c:c2:2e:b3:d9:ca:f1:b5:dc:00:a5:1d:f3:9a:81:
08:cc:bf:fd:54:09:f1:58:de:a8:78:11:3c:84:0f:
91:ce:cb:59:9b:13:88:8b:44:bc:ca:a7:0b:cf:4d:
f9:a3:40:1e:4f:31:9c:65:c1:fb:48:a9:a1:b1:c4:
f3:49:bc:27:6e:7a:cf:6c:66:38:22:e1:91:a3:7a:
b2:28:96:b7:85:e0:f1:70:f0:c4:03:8e:70:8e:33:
64:7b:22:0d:82:12:db:8c:ec:cc:76:89:f7:e5:a8:
f7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:85:57:F2:1C:57:A4:84:65:08:D8:90:41:0A:AD:27:15:7A:9E:91
X509v3 Authority Key Identifier:
keyid:8F:1B:7E:DF:82:7D:B1:36:6D:E5:71:F0:0B:4A:5C:FD:B2:39:CC:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jxt-34J9sTZt5XHwC0pc_bI5zGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/2c293c-6df0-4112-b800-3c18bc87c65c/1/coVX8hxXpIRlCNiQQQqtJxV6npE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/2c293c-6df0-4112-b800-3c18bc87c65c/1/jxt-34J9sTZt5XHwC0pc_bI5zGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.64.0/18
62.182.0.0/21
80.244.64.0/19
85.235.0.0/19
87.253.64.0/19
88.83.32.0/19
88.129.0.0/16
89.236.0.0-89.236.9.255
89.236.11.0/24
89.236.15.0/24
89.236.17.0-89.236.26.255
89.236.35.0-89.236.38.255
89.236.47.0-89.236.48.255
89.236.53.0-89.236.59.255
94.198.64.0/21
94.245.0.0/19
94.245.37.0/24
94.245.40.0/24
94.245.48.0/20
109.124.128.0/18
185.52.180.0/22
185.58.144.0/22
213.21.64.0/18
213.142.0.0/19
213.185.4.0/24
213.185.6.0-213.185.10.255
213.185.12.0-213.185.17.255
213.185.20.0-213.185.22.255
213.185.24.0/24
213.185.26.0/24
217.72.52.0-217.72.54.255
217.72.56.0-217.72.62.255
IPv6:
2a01:b700::/32
2a02:23c0::/32
Signature Algorithm: sha256WithRSAEncryption
22:eb:ed:3e:78:f2:a5:75:87:90:88:99:49:3e:86:41:4f:03:
92:c6:6b:62:ad:9d:8f:e5:5b:3b:78:dd:43:ce:39:c3:ae:51:
1c:9a:0c:82:bc:7c:f5:4f:4d:5c:34:25:63:b8:09:ce:c9:a4:
72:44:dd:ca:09:ae:ed:c3:77:5d:77:6d:99:3d:2b:3a:9e:e2:
ad:96:19:13:7d:1c:5d:fe:fb:1c:10:59:14:ac:22:e7:57:8e:
55:d0:1b:1f:17:85:44:be:76:6d:26:73:67:a5:cd:0f:02:c6:
4f:d3:8f:25:a0:e0:82:3b:30:02:73:04:18:2f:17:a0:d8:9a:
0c:d9:19:29:56:c7:6f:54:46:09:a5:77:e1:fd:48:d6:bf:0f:
da:0c:78:fe:0c:18:ae:b3:3a:2e:7d:76:da:97:cd:e8:6f:d5:
73:d5:33:bf:95:66:49:5d:a0:d8:a1:88:ad:db:a4:91:27:e2:
e1:01:2b:0f:3d:79:52:0d:c4:a1:6c:99:06:60:ee:f0:08:2f:
08:4f:02:2c:5f:12:62:a8:d3:61:50:0f:e7:e4:f7:d9:bd:53:
7c:52:15:ef:9f:ff:05:d4:5a:8e:d8:f6:1d:ff:e2:9c:b8:23:
1a:0a:13:87:c8:87:d8:f9:51:b7:14:da:71:c9:c3:1e:af:34:
7e:40:c1:0d
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgIEGnk0FTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZjFiN2VkZjgyN2RiMTM2NmRlNTcxZjAwYjRhNWNmZGIyMzljYzYxMB4XDTIyMDEw
MTEzMDAxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzI4NTU3ZjIxYzU3
YTQ4NDY1MDhkODkwNDEwYWFkMjcxNTdhOWU5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIoGw6es6jHOXn12rRgrROnXRVIwHCl4wcdn3C/F22kJb2hE
CdBRF7DzO5815A+WyIfGPz2nkAPmYvlan6xxV8tvhB8NDAEzY8QZ4YzQfwjM01OZ
7bItfy9tcS3jP8xFVmuYUccd5yT+lIjXvVMLzhDJH2cb2mW4mdbl97ULiAco4P3b
xn1R+eiGUs/eDiEOiireVx44PMIus9nK8bXcAKUd85qBCMy//VQJ8VjeqHgRPIQP
kc7LWZsTiItEvMqnC89N+aNAHk8xnGXB+0ipobHE80m8J256z2xmOCLhkaN6siiW
t4Xg8XDwxAOOcI4zZHsiDYIS24zszHaJ9+Wo9xMCAwEAAaOCAzEwggMtMB0GA1Ud
DgQWBBRyhVfyHFekhGUI2JBBCq0nFXqekTAfBgNVHSMEGDAWgBSPG37fgn2xNm3l
cfALSlz9sjnMYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2p4dC0zNEo5c1RadDVYSHdDMHBjX2JJNXpHRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmUvMmMyOTNjLTZkZjAtNDExMi1iODAwLTNjMThiYzg3YzY1Yy8x
L2NvVlg4aHhYcElSbENOaVFRUXF0SnhWNm5wRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUv
MmMyOTNjLTZkZjAtNDExMi1iODAwLTNjMThiYzg3YzY1Yy8xL2p4dC0zNEo5c1Ra
dDVYSHdDMHBjX2JJNXpHRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AUUGCCsGAQUFBwEHAQH/BIIBNDCCATAwggEWBAIAATCCAQ4DBAYu7EADBAM+tgAD
BAVQ9EADBAVV6wADBAVX/UADBAVYUyADAwBYgTALAwMCWewDBAFZ7AgDBABZ7AsD
BABZ7A8wDAMEAFnsEQMEAFnsGjAMAwQAWewjAwQAWewmMAwDBABZ7C8DBABZ7DAw
DAMEAFnsNQMEAlnsOAMEA17GQAMEBV71AAMEAF71JQMEAF71KAMEBF71MAMEBm18
gAMEArk0tAMEArk6kAMEBtUVQAMEBdWOAAMEANW5BDAMAwQB1bkGAwQA1bkKMAwD
BALVuQwDBAHVuRAwDAMEAtW5FAMEANW5FgMEANW5GAMEANW5GjAMAwQC2Ug0AwQA
2Ug2MAwDBAPZSDgDBADZSD4wFAQCAAIwDgMFACoBtwADBQAqAiPAMA0GCSqGSIb3
DQEBCwUAA4IBAQAi6+0+ePKldYeQiJlJPoZBTwOSxmtirZ2P5Vs7eN1DzjnDrlEc
mgyCvHz1T01cNCVjuAnOyaRyRN3KCa7tw3ddd22ZPSs6nuKtlhkTfRxd/vscEFkU
rCLnV45V0BsfF4VEvnZtJnNnpc0PAsZP048loOCCOzACcwQYLxeg2JoM2RkpVsdv
VEYJpXfh/UjWvw/aDHj+DBiuszoufXbal83ob9Vz1TO/lWZJXaDYoYit26SRJ+Lh
ASsPPXlSDcShbJkGYO7wCC8ITwIsXxJiqNNhUA/n5PfZvVN8UhXvn/8F1FqO2PYd
/+KcuCMaChOHyIfY+VG3FNpxycMerzR+QMEN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:36 2023 by rpki-client on console-fra.rpki-client.org