Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/4i-n25LO_jpsXH-3JO74MYVpzUo.roa
File: 4i-n25LO_jpsXH-3JO74MYVpzUo.roa (raw, json)
Hash identifier: no6KDe9cgr9FeMyNujQgGoESg/Evf+KCU3t73aQLNe0=
Subject key identifier: E2:2F:A7:DB:92:CE:FE:3A:6C:5C:7F:B7:24:EE:F8:31:85:69:CD:4A
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0AC3AFA6
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/4i-n25LO_jpsXH-3JO74MYVpzUo.roa
Signing time: Tue 10 May 2022 07:09:34 +0000
ROA not before: Tue 10 May 2022 07:09:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210443
IP address blocks: 89.117.70.0/23 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.36.0/23 maxlen: 24
89.117.64.0/22 maxlen: 24
89.117.188.0/24 maxlen: 24
89.117.190.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
89.117.139.0/24 maxlen: 24
89.117.158.0/23 maxlen: 24
89.117.160.0/22 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.106.0/23 maxlen: 24
89.116.125.0/24 maxlen: 24
89.116.130.0/23 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.128.0/24 maxlen: 24
89.116.137.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.141.0/24 maxlen: 24
89.116.148.0/23 maxlen: 24
89.116.150.0/24 maxlen: 24
89.116.153.0/24 maxlen: 24
89.116.154.0/24 maxlen: 24
89.116.58.0/23 maxlen: 24
86.38.202.0/23 maxlen: 24
89.116.68.0/23 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.6.0/23 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.179.0/24 maxlen: 24
89.116.184.0/23 maxlen: 24
89.116.186.0/24 maxlen: 24
89.116.189.0/24 maxlen: 24
89.116.190.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
86.38.178.0/23 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
89.117.228.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 180596646 (0xac3afa6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: May 10 07:09:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e22fa7db92cefe3a6c5c7fb724eef8318569cd4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:be:3f:e1:33:23:23:68:65:e1:94:fb:0b:bc:
06:a0:cf:e4:b0:ab:78:bc:1a:ae:0c:e2:81:51:1b:
a2:ba:8f:96:df:3c:5f:1c:cd:05:99:fd:08:a2:1c:
59:1a:3e:66:8c:27:25:79:c8:db:80:2b:b8:6c:cd:
d7:18:df:80:f7:32:a3:bb:e4:32:29:78:2b:44:81:
10:70:a2:0b:a6:d6:81:ec:c2:0a:43:e8:bc:42:66:
b1:ae:07:8a:14:ef:c2:70:e8:8c:fc:61:84:01:8d:
0d:fb:a6:2f:e1:6e:30:f1:76:da:66:ef:39:e8:a5:
bc:33:8d:64:43:f6:b9:fb:8e:8a:ae:44:64:94:ce:
cd:f1:a2:59:66:f5:c1:70:10:ac:28:5c:93:57:f4:
0c:13:00:3b:7e:8c:5a:29:3f:58:de:9d:30:7e:5a:
c4:63:bb:8f:98:d7:dc:fc:42:84:e1:d8:f7:fb:99:
9c:b7:60:ad:05:63:6c:23:57:92:9d:63:bd:5a:30:
e8:7d:33:16:e4:7d:b0:c4:08:54:3c:f7:38:8b:1b:
b7:d9:c3:14:bc:b5:c3:4c:b0:6a:72:e8:c6:89:09:
24:aa:c7:c3:65:a1:a5:36:d5:1c:6c:da:ea:2b:af:
c6:ce:d4:07:d2:08:42:38:f3:95:a8:9b:af:65:01:
03:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:2F:A7:DB:92:CE:FE:3A:6C:5C:7F:B7:24:EE:F8:31:85:69:CD:4A
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/4i-n25LO_jpsXH-3JO74MYVpzUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.178.0/23
86.38.182.0-86.38.187.255
86.38.202.0/23
86.38.246.0/23
89.116.58.0/23
89.116.68.0/23
89.116.88.0/23
89.116.92.0/24
89.116.106.0-89.116.108.255
89.116.125.0-89.116.128.255
89.116.130.0-89.116.132.255
89.116.135.0/24
89.116.137.0/24
89.116.141.0/24
89.116.148.0-89.116.150.255
89.116.153.0-89.116.154.255
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.179.0/24
89.116.184.0-89.116.186.255
89.116.189.0-89.116.190.255
89.116.210.0/23
89.116.252.0/23
89.116.255.0/24
89.117.6.0-89.117.9.255
89.117.12.0/23
89.117.32.0/23
89.117.36.0/23
89.117.64.0/22
89.117.70.0/23
89.117.94.0/23
89.117.102.0/23
89.117.116.0/23
89.117.139.0/24
89.117.158.0-89.117.163.255
89.117.188.0/24
89.117.190.0/24
89.117.222.0/24
89.117.228.0/23
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
54:80:5a:20:7a:a2:2a:5f:44:cf:a4:40:f2:94:df:00:3b:a6:
6f:2f:42:e1:9a:90:aa:6a:93:c2:db:5c:67:b7:2e:0f:ea:b1:
7c:83:7d:77:f4:c8:8f:f9:f6:34:60:e0:dc:03:ce:26:d9:72:
6b:60:ab:22:ab:f9:83:c4:3f:1d:74:37:61:34:a7:af:b0:d7:
7a:24:24:69:b5:0a:a6:f2:dc:11:f7:8f:15:d7:61:fb:5f:20:
22:02:ae:39:a7:bd:f3:78:9b:be:f8:2b:17:53:17:17:63:bc:
35:22:a9:f1:4d:c1:fe:5c:6b:13:eb:39:04:37:2f:fd:ff:03:
e6:2f:20:b2:a7:2b:28:b8:27:21:96:90:83:dd:d9:61:a1:72:
29:ee:6a:8f:2a:0d:e7:1e:22:31:ee:f7:cc:40:02:99:82:9f:
28:a6:67:fa:5c:15:6a:19:39:21:a3:a5:47:cb:4d:a8:00:77:
51:e2:03:49:7b:6a:a9:e8:e1:7c:87:19:b2:dc:d3:95:32:4c:
91:3e:cf:4d:14:23:36:a9:06:ec:27:27:19:7f:32:e8:ce:e3:
1f:44:b5:b8:80:97:c6:9d:5a:db:3a:d5:b7:3b:3a:29:cd:39:
46:d9:d8:5f:9e:c6:18:27:14:df:70:15:44:71:da:0c:77:bb:
15:01:39:45
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgIECsOvpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDUx
MDA3MDkzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTIyZmE3ZGI5MmNl
ZmUzYTZjNWM3ZmI3MjRlZWY4MzE4NTY5Y2Q0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI++P+EzIyNoZeGU+wu8BqDP5LCreLwargzigVEborqPlt88
XxzNBZn9CKIcWRo+ZownJXnI24AruGzN1xjfgPcyo7vkMil4K0SBEHCiC6bWgezC
CkPovEJmsa4HihTvwnDojPxhhAGNDfumL+FuMPF22mbvOeilvDONZEP2ufuOiq5E
ZJTOzfGiWWb1wXAQrChck1f0DBMAO36MWik/WN6dMH5axGO7j5jX3PxChOHY9/uZ
nLdgrQVjbCNXkp1jvVow6H0zFuR9sMQIVDz3OIsbt9nDFLy1w0ywanLoxokJJKrH
w2WhpTbVHGza6iuvxs7UB9IIQjjzlaibr2UBA70CAwEAAaOCA1kwggNVMB0GA1Ud
DgQWBBTiL6fbks7+Omxcf7ck7vgxhWnNSjAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
LzRpLW4yNUxPX2pwc1hILTNKTzc0TVlWcHpVby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AW0GCCsGAQUFBwEHAQH/BIIBXDCCAVgwggFUBAIAATCCAUwDBAFWJrIwDAMEAVYm
tgMEAlYmuAMEAVYmygMEAVYm9gMEAVl0OgMEAVl0RAMEAVl0WAMEAFl0XDAMAwQB
WXRqAwQAWXRsMAwDBABZdH0DBABZdIAwDAMEAVl0ggMEAFl0hAMEAFl0hwMEAFl0
iQMEAFl0jTAMAwQCWXSUAwQAWXSWMAwDBABZdJkDBABZdJoDBABZdKEDBABZdKMD
BABZdKYDBABZdLMwDAMEA1l0uAMEAFl0ujAMAwQAWXS9AwQAWXS+AwQBWXTSAwQB
WXT8AwQAWXT/MAwDBAFZdQYDBAFZdQgDBAFZdQwDBAFZdSADBAFZdSQDBAJZdUAD
BAFZdUYDBAFZdV4DBAFZdWYDBAFZdXQDBABZdYswDAMEAVl1ngMEAll1oAMEAFl1
vAMEAFl1vgMEAFl13gMEAVl15AMEAFl19QMEAFl1+jANBgkqhkiG9w0BAQsFAAOC
AQEAVIBaIHqiKl9Ez6RA8pTfADumby9C4ZqQqmqTwttcZ7cuD+qxfIN9d/TIj/n2
NGDg3APOJtlya2CrIqv5g8Q/HXQ3YTSnr7DXeiQkabUKpvLcEfePFddh+18gIgKu
Oae983ibvvgrF1MXF2O8NSKp8U3B/lxrE+s5BDcv/f8D5i8gsqcrKLgnIZaQg93Z
YaFyKe5qjyoN5x4iMe73zEACmYKfKKZn+lwVahk5IaOlR8tNqAB3UeIDSXtqqejh
fIcZstzTlTJMkT7PTRQjNqkG7CcnGX8y6M7jH0S1uICXxp1a2zrVtzs6Kc05RtnY
X57GGCcU33AVRHHaDHe7FQE5RQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org