Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/5--ATc-VsxyCjNgF6hBnM2YGCOk.roa
File: 5--ATc-VsxyCjNgF6hBnM2YGCOk.roa (raw, json)
Hash identifier: EJBzWR0BL3o7QbHKPQlqao8DtTctHmTEkEcdGmlfsFI=
Subject key identifier: E7:EF:80:4D:CF:95:B3:1C:82:8C:D8:05:EA:10:67:33:66:06:08:E9
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182CEB5795C9A4484663964773999669AAD
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/5--ATc-VsxyCjNgF6hBnM2YGCOk.roa
Signing time: Wed 24 Aug 2022 07:16:15 +0000
ROA not before: Wed 24 Aug 2022 07:16:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207152
IP address blocks: 89.117.72.0/21 maxlen: 24
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.112.0/22 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.36.0/23 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
89.117.215.0/24 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
84.46.234.0/23 maxlen: 24
89.116.106.0/23 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.125.0/24 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
89.116.148.0/23 maxlen: 24
89.116.58.0/23 maxlen: 24
86.38.202.0/23 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.172.0/23 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.186.0/24 maxlen: 24
89.116.184.0/23 maxlen: 24
89.116.210.0/23 maxlen: 24
86.38.178.0/23 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.228.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ce:b5:79:5c:9a:44:84:66:39:64:77:39:99:66:9a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 24 07:16:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7ef804dcf95b31c828cd805ea106733660608e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ae:c4:15:c0:23:06:18:91:73:cd:8f:38:95:
a7:5b:63:ee:85:20:e3:2c:b2:91:c7:a1:d6:f5:ae:
bf:50:ed:ae:78:56:92:2d:14:8c:1e:1b:a1:aa:25:
ef:8a:d8:e6:1b:81:2d:57:35:11:08:08:63:82:4c:
9d:82:96:fd:c5:00:e3:12:a2:15:9b:14:14:9b:fa:
cc:39:33:1b:e8:db:16:51:3d:89:3f:ab:f6:68:f8:
c2:2d:a2:b8:fe:9a:6d:4c:31:8b:75:7c:50:8a:a5:
5a:85:bb:f1:8d:22:5f:ae:2a:9f:11:e9:d8:58:dd:
21:9e:6f:d7:aa:10:af:a0:c3:95:ae:89:ef:af:94:
2c:68:4f:f8:41:c8:f9:9e:1a:67:04:b2:21:96:82:
76:a2:97:30:be:e5:17:c1:bf:93:7d:e3:7c:7d:56:
47:b6:6f:df:62:f1:d0:63:16:7b:62:51:49:17:63:
fe:37:67:98:e4:77:64:8d:d6:8c:d2:9d:dd:2c:08:
5e:53:54:03:ce:fe:a2:4b:42:7f:ee:62:97:dd:42:
ad:cd:9b:88:1a:27:17:97:a9:77:08:3f:cb:d5:15:
d6:a7:74:5a:bf:5b:3c:0d:72:64:bd:e3:e7:73:d9:
95:4d:03:69:46:7e:64:e0:b1:2a:80:ef:ab:13:69:
41:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:EF:80:4D:CF:95:B3:1C:82:8C:D8:05:EA:10:67:33:66:06:08:E9
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/5--ATc-VsxyCjNgF6hBnM2YGCOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.58.0/23
89.116.88.0/23
89.116.92.0/24
89.116.106.0-89.116.108.255
89.116.125.0-89.116.127.255
89.116.132.0/24
89.116.135.0/24
89.116.148.0-89.116.150.255
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.172.0/23
89.116.175.0/24
89.116.177.0/24
89.116.184.0-89.116.186.255
89.116.210.0/23
89.116.218.0/24
89.116.252.0/24
89.117.8.0/23
89.117.12.0/23
89.117.28.0-89.117.33.255
89.117.36.0/23
89.117.72.0/21
89.117.84.0/23
89.117.88.0/22
89.117.94.0/23
89.117.102.0/23
89.117.109.0/24
89.117.112.0-89.117.117.255
89.117.129.0/24
89.117.132.0/22
89.117.142.0/23
89.117.158.0/23
89.117.190.0/24
89.117.215.0/24
89.117.228.0/23
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:90:f6:74:4d:0a:f0:7f:56:aa:e7:67:39:5f:ac:4d:85:c6:
11:12:ef:8b:62:e2:1d:d2:d6:6a:53:64:4b:65:36:f5:8b:cb:
1a:f9:57:d9:a0:3f:e5:ac:07:ed:b6:c1:94:05:ff:31:73:d3:
3e:21:96:2f:ba:98:21:e0:4e:6c:e1:b4:46:dd:66:c8:04:85:
90:34:9c:bb:a9:f5:7e:a6:8b:de:5e:94:cb:c5:90:f5:28:97:
39:43:83:31:cb:c8:ab:e7:ad:70:6b:6d:c0:88:45:82:6c:83:
00:8a:b5:e4:c3:fb:f0:f7:6c:7e:39:b5:fc:5d:29:e9:31:51:
47:65:2c:61:03:45:c5:d0:fd:1c:27:7a:54:7b:ec:75:1b:09:
69:ea:61:48:a0:b4:21:b7:1e:b7:86:5c:12:b1:92:22:16:bc:
af:20:09:e2:aa:81:c5:74:dc:45:e1:93:17:7c:38:e7:8e:c9:
1e:86:4c:81:44:16:8f:fa:87:f9:9a:f1:45:59:40:48:8e:f8:
1d:88:00:62:e1:41:ac:b6:e9:a6:b6:0f:ae:43:36:36:e9:59:
e1:f8:68:6b:d1:6b:1d:09:b2:54:03:ed:b6:2f:fd:96:d6:fd:
b2:89:07:a9:6e:d9:5a:55:63:2c:dc:f8:67:e6:4b:2d:2b:7d:
fe:b8:fa:14
-----BEGIN CERTIFICATE-----
MIIGMzCCBRugAwIBAgISAYLOtXlcmkSEZjlkdzmZZpqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODI0MDcxNjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2VmODA0ZGNmOTViMzFjODI4Y2Q4MDVlYTEwNjczMzY2MDYwOGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArK7EFcAjBhiRc82POJWnW2PuhSDj
LLKRx6HW9a6/UO2ueFaSLRSMHhuhqiXvitjmG4EtVzURCAhjgkydgpb9xQDjEqIV
mxQUm/rMOTMb6NsWUT2JP6v2aPjCLaK4/pptTDGLdXxQiqVahbvxjSJfriqfEenY
WN0hnm/XqhCvoMOVronvr5QsaE/4Qcj5nhpnBLIhloJ2opcwvuUXwb+TfeN8fVZH
tm/fYvHQYxZ7YlFJF2P+N2eY5HdkjdaM0p3dLAheU1QDzv6iS0J/7mKX3UKtzZuI
GicXl6l3CD/L1RXWp3Rav1s8DXJkvePnc9mVTQNpRn5k4LEqgO+rE2lBOwIDAQAB
o4IDPzCCAzswHQYDVR0OBBYEFOfvgE3PlbMcgozYBeoQZzNmBgjpMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvNS0tQVRjLVZzeHlDak5nRjZoQm5NMllHQ09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUwYIKwYBBQUHAQcBAf8EggFCMIIBPjCCAToEAgABMIIB
MgMEAVQu6gMEAVYmsgMEAlYmuAMEAVYmygMEAVYm9gMEAVl0OgMEAVl0WAMEAFl0
XDAMAwQBWXRqAwQAWXRsMAwDBABZdH0DBAdZdAADBABZdIQDBABZdIcwDAMEAll0
lAMEAFl0lgMEAFl0oQMEAFl0owMEAFl0pgMEAVl0rAMEAFl0rwMEAFl0sTAMAwQD
WXS4AwQAWXS6AwQBWXTSAwQAWXTaAwQAWXT8AwQBWXUIAwQBWXUMMAwDBAJZdRwD
BAFZdSADBAFZdSQDBANZdUgDBAFZdVQDBAJZdVgDBAFZdV4DBAFZdWYDBABZdW0w
DAMEBFl1cAMEAVl1dAMEAFl1gQMEAll1hAMEAVl1jgMEAVl1ngMEAFl1vgMEAFl1
1wMEAVl15AMEAFl19QMEAFl1+jANBgkqhkiG9w0BAQsFAAOCAQEALJD2dE0K8H9W
qudnOV+sTYXGERLvi2LiHdLWalNkS2U29YvLGvlX2aA/5awH7bbBlAX/MXPTPiGW
L7qYIeBObOG0Rt1myASFkDScu6n1fqaL3l6Uy8WQ9SiXOUODMcvIq+etcGttwIhF
gmyDAIq15MP78Pdsfjm1/F0p6TFRR2UsYQNFxdD9HCd6VHvsdRsJaephSKC0Ibce
t4ZcErGSIha8ryAJ4qqBxXTcReGTF3w4547JHoZMgUQWj/qH+ZrxRVlASI74HYgA
YuFBrLbpprYPrkM2NulZ4fhoa9FrHQmyVAPtti/9ltb9sokHqW7ZWlVjLNz4Z+ZL
LSt9/rj6FA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org