Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/41FftmWCLGW58-LomG80zFq0kzs.roa
File: 41FftmWCLGW58-LomG80zFq0kzs.roa (raw, json)
Hash identifier: bD5+jGvUtJrsL+ulkn6QHCNrP2x4iF8p2lmUb2E3Qhw=
Subject key identifier: E3:51:5F:B6:65:82:2C:65:B9:F3:E2:E8:98:6F:34:CC:5A:B4:93:3B
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0BB0EF06
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/41FftmWCLGW58-LomG80zFq0kzs.roa
Signing time: Fri 01 Jul 2022 05:45:03 +0000
ROA not before: Fri 01 Jul 2022 05:45:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210443
IP address blocks: 89.117.70.0/23 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.36.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
86.38.178.0/23 maxlen: 24
89.117.222.0/24 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.106.0/23 maxlen: 24
89.116.125.0/24 maxlen: 24
89.116.130.0/23 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.137.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.141.0/24 maxlen: 24
89.116.148.0/23 maxlen: 24
89.116.150.0/24 maxlen: 24
89.116.58.0/23 maxlen: 24
89.117.228.0/23 maxlen: 24
86.38.202.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.116.68.0/23 maxlen: 24
89.117.250.0/24 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.179.0/24 maxlen: 24
89.116.184.0/23 maxlen: 24
89.116.186.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 196144902 (0xbb0ef06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Jul 1 05:45:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e3515fb665822c65b9f3e2e8986f34cc5ab4933b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:80:2e:c0:c2:27:90:b6:57:bd:d5:41:d8:90:
e1:fd:16:be:d8:f0:11:2f:8b:ed:d6:a1:c6:91:5c:
99:53:b4:7b:97:a3:01:48:d7:19:30:9b:45:dd:cf:
f5:79:2c:f5:08:13:3d:17:d4:d0:8d:13:2b:22:1b:
4b:d5:32:09:4d:92:16:c5:4d:19:ed:1d:0b:39:42:
b7:1d:de:8f:4e:55:27:f7:e2:ec:1b:23:cb:1c:8e:
f0:06:5b:ec:69:04:23:60:c5:8a:cf:23:60:ac:d3:
3d:68:ab:be:42:bb:79:07:d1:36:1d:8d:14:3a:b0:
6b:3f:1e:f0:a1:d0:8a:71:6c:5a:22:64:5d:7d:c1:
f0:f4:e6:14:29:0d:28:6a:28:c3:6f:ce:55:e0:59:
5f:26:ee:b2:55:ec:37:51:14:cd:c9:8e:83:19:de:
76:d2:84:bf:a9:e1:5e:36:97:6d:26:ed:97:7e:f1:
be:13:e3:15:5f:ce:f7:fa:25:b6:15:62:46:2d:10:
72:a4:78:0d:f9:5d:f1:57:fc:a3:4d:16:ed:14:da:
f0:fa:7e:08:9d:4a:55:dd:36:43:f0:19:9e:2f:5f:
eb:5f:ab:f6:3e:90:cd:6b:c5:0f:72:b6:1e:ca:bc:
a4:1b:ce:7e:6d:4c:e1:83:c7:13:a3:9d:a8:a3:d0:
84:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:51:5F:B6:65:82:2C:65:B9:F3:E2:E8:98:6F:34:CC:5A:B4:93:3B
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/41FftmWCLGW58-LomG80zFq0kzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.58.0/23
89.116.68.0/23
89.116.88.0/23
89.116.92.0/24
89.116.106.0-89.116.108.255
89.116.125.0-89.116.127.255
89.116.130.0-89.116.132.255
89.116.135.0/24
89.116.137.0/24
89.116.141.0/24
89.116.148.0-89.116.150.255
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.179.0/24
89.116.184.0-89.116.186.255
89.116.210.0/23
89.116.252.0/23
89.116.255.0/24
89.117.8.0/23
89.117.12.0/23
89.117.32.0/23
89.117.36.0/23
89.117.70.0/23
89.117.94.0/23
89.117.102.0/23
89.117.116.0/23
89.117.158.0/23
89.117.190.0/24
89.117.222.0/24
89.117.228.0/23
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
62:1e:c3:dc:ec:c0:8d:1d:76:5c:bf:45:8a:c8:54:3d:ec:ac:
b6:63:aa:df:39:dd:41:5f:d7:43:fc:6e:a0:ea:2a:ac:c8:c8:
31:ba:f0:cf:03:cb:ec:d8:59:ee:32:9f:2c:f7:64:7b:22:7f:
cb:52:50:6a:82:fb:42:52:15:1c:24:99:9e:be:b0:12:d4:bd:
ea:7b:9c:19:cb:6d:fa:03:5e:13:62:3d:a8:c3:a5:25:69:09:
b2:65:3e:8f:59:cb:bd:fd:3b:71:d7:0b:01:22:01:ab:18:0b:
75:1d:67:e6:b2:b4:b0:55:ad:94:0b:ca:6f:ff:55:c2:5b:56:
b6:1b:18:8b:27:29:c0:10:dd:99:13:67:f9:16:22:be:d9:7f:
c6:90:09:f0:1f:d6:6a:46:50:1a:f4:81:be:99:7e:b0:23:5b:
88:f8:f8:fb:93:6c:ce:83:9e:8a:ab:d5:f9:f7:91:10:89:30:
40:8e:19:ca:8d:33:3f:12:13:68:fe:b4:dd:81:89:38:4a:02:
a9:18:b7:40:23:e7:74:7f:35:cc:d8:db:6a:e6:5f:31:eb:ba:
3a:b1:8a:e7:5e:1d:9c:1d:1b:30:23:fd:df:b3:19:2c:73:8b:
36:19:5d:f1:45:84:0a:c0:f8:2a:8d:33:43:75:38:77:ed:0e:
6e:35:d2:65
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIEC7DvBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDcw
MTA1NDUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM1MTVmYjY2NTgy
MmM2NWI5ZjNlMmU4OTg2ZjM0Y2M1YWI0OTMzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeALsDCJ5C2V73VQdiQ4f0WvtjwES+L7dahxpFcmVO0e5ej
AUjXGTCbRd3P9Xks9QgTPRfU0I0TKyIbS9UyCU2SFsVNGe0dCzlCtx3ej05VJ/fi
7BsjyxyO8AZb7GkEI2DFis8jYKzTPWirvkK7eQfRNh2NFDqwaz8e8KHQinFsWiJk
XX3B8PTmFCkNKGoow2/OVeBZXybuslXsN1EUzcmOgxnedtKEv6nhXjaXbSbtl37x
vhPjFV/O9/olthViRi0QcqR4Dfld8Vf8o00W7RTa8Pp+CJ1KVd02Q/AZni9f61+r
9j6QzWvFD3K2Hsq8pBvOfm1M4YPHE6OdqKPQhM8CAwEAAaOCAxMwggMPMB0GA1Ud
DgQWBBTjUV+2ZYIsZbnz4uiYbzTMWrSTOzAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
LzQxRmZ0bVdDTEdXNTgtTG9tRzgwekZxMGt6cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AScGCCsGAQUFBwEHAQH/BIIBFjCCARIwggEOBAIAATCCAQYDBAFWJrIDBAJWJrgD
BAFWJsoDBAFWJvYDBAFZdDoDBAFZdEQDBAFZdFgDBABZdFwwDAMEAVl0agMEAFl0
bDAMAwQAWXR9AwQHWXQAMAwDBAFZdIIDBABZdIQDBABZdIcDBABZdIkDBABZdI0w
DAMEAll0lAMEAFl0lgMEAFl0oQMEAFl0owMEAFl0pgMEAFl0szAMAwQDWXS4AwQA
WXS6AwQBWXTSAwQBWXT8AwQAWXT/AwQBWXUIAwQBWXUMAwQBWXUgAwQBWXUkAwQB
WXVGAwQBWXVeAwQBWXVmAwQBWXV0AwQBWXWeAwQAWXW+AwQAWXXeAwQBWXXkAwQA
WXX1AwQAWXX6MA0GCSqGSIb3DQEBCwUAA4IBAQBiHsPc7MCNHXZcv0WKyFQ97Ky2
Y6rfOd1BX9dD/G6g6iqsyMgxuvDPA8vs2FnuMp8s92R7In/LUlBqgvtCUhUcJJme
vrAS1L3qe5wZy236A14TYj2ow6UlaQmyZT6PWcu9/Ttx1wsBIgGrGAt1HWfmsrSw
Va2UC8pv/1XCW1a2GxiLJynAEN2ZE2f5FiK+2X/GkAnwH9ZqRlAa9IG+mX6wI1uI
+Pj7k2zOg56Kq9X595EQiTBAjhnKjTM/EhNo/rTdgYk4SgKpGLdAI+d0fzXM2Ntq
5l8x67o6sYrnXh2cHRswI/3fsxksc4s2GV3xRYQKwPgqjTNDdTh37Q5uNdJl
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org