Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/0gKP3hGs0MtwbRhrPxhdLVoSkdM.roa
File: 0gKP3hGs0MtwbRhrPxhdLVoSkdM.roa (raw, json)
Hash identifier: T3sARV640tNveRpyCfL5d+sBbpNbzjsYDrQbFkrYp3I=
Subject key identifier: D2:02:8F:DE:11:AC:D0:CB:70:6D:18:6B:3F:18:5D:2D:5A:12:91:D3
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0ACB7F19
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/0gKP3hGs0MtwbRhrPxhdLVoSkdM.roa
Signing time: Thu 12 May 2022 07:52:02 +0000
ROA not before: Thu 12 May 2022 07:52:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 89.117.68.0/24 maxlen: 24
89.117.72.0/21 maxlen: 24
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.96.0/22 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.112.0/22 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.24.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.215.0/24 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.130.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
84.46.234.0/23 maxlen: 24
89.116.112.0/24 maxlen: 24
89.116.106.0/23 maxlen: 24
89.116.113.0/24 maxlen: 24
89.116.115.0/24 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.130.0/23 maxlen: 24
89.116.128.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.141.0/24 maxlen: 24
89.116.148.0/23 maxlen: 24
89.116.156.0/24 maxlen: 24
89.116.158.0/24 maxlen: 24
89.116.54.0/24 maxlen: 24
89.116.70.0/24 maxlen: 24
86.38.202.0/23 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.103.0/24 maxlen: 24
89.116.99.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.223.0/24 maxlen: 24
89.116.221.0/24 maxlen: 24
89.116.220.0/24 maxlen: 24
89.116.233.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.171.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.193.0/24 maxlen: 24
89.116.203.0/24 maxlen: 24
89.116.209.0/24 maxlen: 24
89.116.208.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 181108505 (0xacb7f19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: May 12 07:52:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2028fde11acd0cb706d186b3f185d2d5a1291d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f5:f8:7b:e9:bc:a7:22:6d:c0:96:4a:06:9e:
d6:7e:97:6b:68:49:f9:36:79:d2:8a:1b:6d:b8:4a:
93:7c:bf:e8:03:e0:6f:46:fd:90:93:53:09:ea:81:
d3:5c:e8:d7:8d:b6:27:9a:f4:77:8c:4f:7a:00:56:
14:be:4c:00:63:f2:03:b3:3a:e4:67:bb:a7:f9:9a:
88:2d:75:6a:89:07:e2:e0:86:79:ae:1a:9c:97:81:
b2:c3:5f:fe:1f:f2:e0:bf:db:39:22:2d:8a:73:48:
2f:74:22:77:e4:54:00:0a:ae:a2:0a:06:dc:26:39:
95:c0:51:74:2e:b6:58:13:9d:c2:75:08:47:99:c2:
f3:b6:c1:99:b4:bc:5f:72:b8:41:a7:36:f7:e0:78:
60:0b:56:00:fb:21:7d:85:71:30:b3:fa:52:9f:66:
d2:c2:d5:0f:2f:82:8d:0b:ad:06:d2:46:b7:3c:5a:
1f:29:4b:38:9b:4e:e7:c5:82:da:88:b7:72:54:36:
51:5c:d5:72:b3:a0:95:bc:46:bc:4b:13:dc:c1:91:
21:02:6a:7b:97:7d:20:cd:a8:6e:bd:1f:5f:cf:b3:
25:3c:85:d8:76:2a:d8:de:7e:dd:f5:e1:63:ed:e3:
d4:ef:59:57:15:81:13:e8:86:6a:83:02:87:b8:c7:
79:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:02:8F:DE:11:AC:D0:CB:70:6D:18:6B:3F:18:5D:2D:5A:12:91:D3
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/0gKP3hGs0MtwbRhrPxhdLVoSkdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.182.0/23
86.38.202.0/23
89.116.54.0/24
89.116.70.0/24
89.116.88.0/23
89.116.99.0/24
89.116.103.0/24
89.116.106.0/23
89.116.112.0/23
89.116.115.0/24
89.116.126.0-89.116.128.255
89.116.130.0/23
89.116.135.0/24
89.116.141.0/24
89.116.148.0/23
89.116.156.0/24
89.116.158.0/24
89.116.161.0/24
89.116.171.0/24
89.116.175.0/24
89.116.177.0/24
89.116.193.0/24
89.116.203.0/24
89.116.208.0/22
89.116.218.0/24
89.116.220.0/23
89.116.223.0/24
89.116.233.0/24
89.116.252.0/23
89.116.255.0/24
89.117.12.0/23
89.117.24.0/23
89.117.28.0-89.117.33.255
89.117.68.0/24
89.117.72.0/21
89.117.84.0/23
89.117.88.0/22
89.117.96.0/22
89.117.102.0/23
89.117.109.0/24
89.117.112.0/22
89.117.129.0-89.117.130.255
89.117.132.0/22
89.117.142.0/23
89.117.215.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:1f:b4:c0:30:b7:6d:75:cb:a3:2d:45:ad:39:4d:3a:53:ce:
c0:39:c3:23:c3:28:b6:29:7c:ac:81:55:16:19:90:99:67:11:
89:29:8e:c7:34:4f:00:58:51:1f:c0:d7:e2:44:1e:3d:69:aa:
50:51:d7:7d:9b:24:70:c5:a3:98:10:3a:5c:86:91:60:05:7e:
7c:2c:b6:da:0b:de:1e:51:c9:0d:37:8d:65:bf:16:93:a7:4f:
36:a6:27:d0:b4:91:f6:73:70:02:45:50:c8:ac:88:19:40:13:
13:e0:e3:92:95:bf:e5:25:dd:4f:67:7a:9f:36:c7:06:ec:ff:
ce:e1:0d:ac:b8:db:5a:12:35:66:f6:28:28:05:bd:d0:79:93:
94:ce:5c:cb:06:cc:f1:ce:83:89:af:a6:75:4b:14:5f:f5:fe:
8f:3a:b2:52:93:64:b5:b0:f1:00:91:e4:45:32:65:f7:f6:5c:
1b:19:83:36:d9:c6:40:31:07:ab:91:2b:3d:73:3e:b9:8d:70:
12:f5:7c:41:cc:dc:23:01:a4:aa:c1:ed:c2:ec:b4:22:62:92:
ee:34:d6:dd:99:de:55:9c:e4:7b:35:b1:a9:46:14:d5:f1:99:
8f:2c:10:27:aa:42:62:fb:cb:b0:d7:4a:6f:96:4c:76:e2:30:
8e:c0:37:e7
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgIECst/GTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDUx
MjA3NTIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDIwMjhmZGUxMWFj
ZDBjYjcwNmQxODZiM2YxODVkMmQ1YTEyOTFkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIL1+HvpvKcibcCWSgae1n6Xa2hJ+TZ50oobbbhKk3y/6APg
b0b9kJNTCeqB01zo1422J5r0d4xPegBWFL5MAGPyA7M65Ge7p/maiC11aokH4uCG
ea4anJeBssNf/h/y4L/bOSItinNIL3Qid+RUAAquogoG3CY5lcBRdC62WBOdwnUI
R5nC87bBmbS8X3K4Qac29+B4YAtWAPshfYVxMLP6Up9m0sLVDy+CjQutBtJGtzxa
HylLOJtO58WC2oi3clQ2UVzVcrOglbxGvEsT3MGRIQJqe5d9IM2obr0fX8+zJTyF
2HYq2N5+3fXhY+3j1O9ZVxWBE+iGaoMCh7jHeRsCAwEAAaOCAzkwggM1MB0GA1Ud
DgQWBBTSAo/eEazQy3BtGGs/GF0tWhKR0zAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
LzBnS1AzaEdzME10d2JSaHJQeGhkTFZvU2tkTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AU0GCCsGAQUFBwEHAQH/BIIBPDCCATgwggE0BAIAATCCASwDBAFULuoDBAFWJrYD
BAFWJsoDBABZdDYDBABZdEYDBAFZdFgDBABZdGMDBABZdGcDBAFZdGoDBAFZdHAD
BABZdHMwDAMEAVl0fgMEAFl0gAMEAVl0ggMEAFl0hwMEAFl0jQMEAVl0lAMEAFl0
nAMEAFl0ngMEAFl0oQMEAFl0qwMEAFl0rwMEAFl0sQMEAFl0wQMEAFl0ywMEAll0
0AMEAFl02gMEAVl03AMEAFl03wMEAFl06QMEAVl0/AMEAFl0/wMEAVl1DAMEAVl1
GDAMAwQCWXUcAwQBWXUgAwQAWXVEAwQDWXVIAwQBWXVUAwQCWXVYAwQCWXVgAwQB
WXVmAwQAWXVtAwQCWXVwMAwDBABZdYEDBABZdYIDBAJZdYQDBAFZdY4DBABZddcw
DQYJKoZIhvcNAQELBQADggEBAG4ftMAwt211y6MtRa05TTpTzsA5wyPDKLYpfKyB
VRYZkJlnEYkpjsc0TwBYUR/A1+JEHj1pqlBR132bJHDFo5gQOlyGkWAFfnwsttoL
3h5RyQ03jWW/FpOnTzamJ9C0kfZzcAJFUMisiBlAExPg45KVv+Ul3U9nep82xwbs
/87hDay421oSNWb2KCgFvdB5k5TOXMsGzPHOg4mvpnVLFF/1/o86slKTZLWw8QCR
5EUyZff2XBsZgzbZxkAxB6uRKz1zPrmNcBL1fEHM3CMBpKrB7cLstCJiku401t2Z
3lWc5Hs1salGFNXxmY8sECeqQmL7y7DXSm+WTHbiMI7AN+c=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:17 2023 by rpki-client on console-ams.rpki-client.org