Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/2Vl6zK3c-0iUhLZ4MIs9lOrvj_o.roa
File: 2Vl6zK3c-0iUhLZ4MIs9lOrvj_o.roa (raw, json)
Hash identifier: UsMJXzuyuD6OqWO3lYvnyYotjTK5dejG4ksgU1QK8vU=
Subject key identifier: D9:59:7A:CC:AD:DC:FB:48:94:84:B6:78:30:8B:3D:94:EA:EF:8F:FA
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182CF52F340C53F84A0AE900507A52B24BC
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/2Vl6zK3c-0iUhLZ4MIs9lOrvj_o.roa
Signing time: Wed 24 Aug 2022 10:08:16 +0000
ROA not before: Wed 24 Aug 2022 10:08:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210443
IP address blocks: 89.117.94.0/23 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.36.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
86.38.178.0/23 maxlen: 24
89.117.222.0/24 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.106.0/23 maxlen: 24
89.116.125.0/24 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.148.0/23 maxlen: 24
89.116.150.0/24 maxlen: 24
89.116.58.0/23 maxlen: 24
89.117.228.0/23 maxlen: 24
86.38.202.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.184.0/23 maxlen: 24
89.116.186.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:cf:52:f3:40:c5:3f:84:a0:ae:90:05:07:a5:2b:24:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 24 10:08:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9597accaddcfb489484b678308b3d94eaef8ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1e:5b:5c:e8:56:be:89:9f:3d:9b:90:05:55:
44:51:56:85:1c:10:c6:e8:c0:9a:00:2f:24:47:75:
25:f5:85:68:d9:a7:42:75:60:9f:ba:f1:b0:7b:3e:
b6:21:0c:87:13:de:9e:b3:32:5e:b7:10:a1:bb:d5:
c1:f5:ea:29:37:b4:e3:5d:d4:ab:17:5b:78:3c:66:
a2:dc:d0:d4:7e:60:42:34:e3:a8:17:80:9c:8d:13:
2b:f1:a6:ab:14:30:47:c3:0b:47:1e:02:89:8b:4f:
b0:3c:4b:2f:67:ed:0f:61:66:69:99:a3:24:4b:0b:
34:96:da:38:1d:12:04:ff:15:85:84:f8:82:8f:4f:
61:b7:5b:d3:bd:14:0b:f3:6a:c3:98:9e:be:e4:1e:
ea:c7:7c:af:0d:11:35:a6:d4:a2:e2:fe:d0:11:a9:
70:ba:dd:27:6e:8a:db:92:a8:23:62:90:99:1e:ab:
73:dd:d7:e2:22:25:41:2f:62:18:ee:3f:89:5f:9e:
98:cd:43:8f:14:e0:00:91:a2:e9:31:f9:fd:a1:07:
89:db:bb:dd:37:1a:c6:f7:c1:90:3a:7b:f2:85:c1:
2e:bf:fa:c2:e3:7f:5e:9d:40:93:66:c9:4d:4c:ea:
ce:2e:1c:67:ea:ac:82:99:a5:d9:4d:fa:52:73:b1:
0b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:59:7A:CC:AD:DC:FB:48:94:84:B6:78:30:8B:3D:94:EA:EF:8F:FA
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/2Vl6zK3c-0iUhLZ4MIs9lOrvj_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.58.0/23
89.116.88.0/23
89.116.92.0/24
89.116.106.0-89.116.108.255
89.116.125.0-89.116.127.255
89.116.132.0/24
89.116.135.0/24
89.116.148.0-89.116.150.255
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.184.0-89.116.186.255
89.116.210.0/23
89.116.252.0/24
89.117.8.0/23
89.117.12.0/23
89.117.32.0/23
89.117.36.0/23
89.117.94.0/23
89.117.102.0/23
89.117.116.0/23
89.117.158.0/23
89.117.190.0/24
89.117.222.0/24
89.117.228.0/23
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
88:ca:97:01:cf:b4:d4:35:d7:89:61:f8:4e:24:05:c1:fe:eb:
e8:72:3f:ee:94:1f:89:b4:ba:d8:66:78:25:e4:56:a7:69:28:
8c:e1:fc:78:11:f5:31:6d:a7:c4:cd:22:f4:d2:d8:8c:2b:07:
ba:cd:3c:4e:80:b3:50:57:10:3e:61:0d:2e:15:42:70:6c:9a:
be:9f:04:7a:a7:c9:b1:b6:68:99:25:af:1e:03:5d:80:11:fe:
76:a7:84:77:3e:56:72:18:b0:c1:b9:87:e7:81:58:7d:f9:5a:
23:5a:6b:50:99:d6:6b:a0:3f:e9:a3:e4:39:e4:ea:01:70:2b:
fa:f6:fc:92:22:48:ff:1d:83:6f:ff:db:ba:09:33:99:aa:74:
6c:c2:0f:e7:61:c8:25:b5:d3:a9:b0:31:d7:4f:51:0f:fa:c1:
9a:fd:62:93:2a:32:96:76:93:dc:e2:86:6f:0c:0e:dd:6b:5b:
b6:d1:2f:2e:34:dd:02:28:ad:b0:81:39:a9:93:84:90:fb:a8:
25:0e:13:d0:4d:48:82:15:68:e9:0d:4f:80:c3:4b:b7:62:80:
2e:12:a7:52:e9:4a:5a:6d:12:2f:9a:aa:1a:d7:2d:23:88:be:
d0:a3:f2:fd:c2:4f:82:cf:7b:2d:dc:c6:58:50:af:39:cd:f7:
64:fe:6a:5b
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAYLPUvNAxT+EoK6QBQelKyS8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODI0MTAwODE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTU5N2FjY2FkZGNmYjQ4OTQ4NGI2NzgzMDhiM2Q5NGVhZWY4ZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgh5bXOhWvomfPZuQBVVEUVaFHBDG
6MCaAC8kR3Ul9YVo2adCdWCfuvGwez62IQyHE96eszJetxChu9XB9eopN7TjXdSr
F1t4PGai3NDUfmBCNOOoF4CcjRMr8aarFDBHwwtHHgKJi0+wPEsvZ+0PYWZpmaMk
Sws0lto4HRIE/xWFhPiCj09ht1vTvRQL82rDmJ6+5B7qx3yvDRE1ptSi4v7QEalw
ut0nborbkqgjYpCZHqtz3dfiIiVBL2IY7j+JX56YzUOPFOAAkaLpMfn9oQeJ27vd
NxrG98GQOnvyhcEuv/rC439enUCTZslNTOrOLhxn6qyCmaXZTfpSc7EL4wIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFNlZesyt3PtIlIS2eDCLPZTq74/6MB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvMlZsNnpLM2MtMGlVaExaNE1JczlsT3J2al9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdoDBAFW
JrIDBAJWJrgDBAFWJsoDBAFWJvYDBAFZdDoDBAFZdFgDBABZdFwwDAMEAVl0agME
AFl0bDAMAwQAWXR9AwQHWXQAAwQAWXSEAwQAWXSHMAwDBAJZdJQDBABZdJYDBABZ
dKEDBABZdKMDBABZdKYwDAMEA1l0uAMEAFl0ugMEAVl00gMEAFl0/AMEAVl1CAME
AVl1DAMEAVl1IAMEAVl1JAMEAVl1XgMEAVl1ZgMEAVl1dAMEAVl1ngMEAFl1vgME
AFl13gMEAVl15AMEAFl19QMEAFl1+jANBgkqhkiG9w0BAQsFAAOCAQEAiMqXAc+0
1DXXiWH4TiQFwf7r6HI/7pQfibS62GZ4JeRWp2kojOH8eBH1MW2nxM0i9NLYjCsH
us08ToCzUFcQPmENLhVCcGyavp8EeqfJsbZomSWvHgNdgBH+dqeEdz5WchiwwbmH
54FYfflaI1prUJnWa6A/6aPkOeTqAXAr+vb8kiJI/x2Db//bugkzmap0bMIP52HI
JbXTqbAx109RD/rBmv1ikyoylnaT3OKGbwwO3WtbttEvLjTdAiitsIE5qZOEkPuo
JQ4T0E1IghVo6Q1PgMNLt2KALhKnUulKWm0SL5qqGtctI4i+0KPy/cJPgs97LdzG
WFCvOc33ZP5qWw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org