Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/9T4l6pTVsLVvNhzJbUMxJI5wtME.roa
File: 9T4l6pTVsLVvNhzJbUMxJI5wtME.roa (raw, json)
Hash identifier: OH94r83YgxZgSsLVM7P7z0h4pTucGArTTBLCcRgFkU0=
Subject key identifier: F5:3E:25:EA:94:D5:B0:B5:6F:36:1C:C9:6D:43:31:24:8E:70:B4:C1
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182D8FEC45E777F561C8F9D6E81D39E1A23
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/9T4l6pTVsLVvNhzJbUMxJI5wtME.roa
Signing time: Fri 26 Aug 2022 07:12:31 +0000
ROA not before: Fri 26 Aug 2022 07:12:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210443
IP address blocks: 89.117.94.0/23 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
86.38.178.0/23 maxlen: 24
89.117.222.0/24 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.106.0/23 maxlen: 24
89.116.125.0/24 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
89.116.58.0/23 maxlen: 24
89.117.228.0/23 maxlen: 24
86.38.202.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.184.0/23 maxlen: 24
89.116.186.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d8:fe:c4:5e:77:7f:56:1c:8f:9d:6e:81:d3:9e:1a:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 26 07:12:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f53e25ea94d5b0b56f361cc96d4331248e70b4c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bb:de:90:d6:a5:f2:40:1b:db:6b:7c:03:ef:
66:b1:cb:b6:bc:66:d7:ac:32:ef:d0:85:fc:59:ef:
99:98:b7:63:c7:af:bf:41:85:27:94:40:0f:0b:b1:
ef:60:82:ed:5b:20:6a:f6:ae:f8:70:27:86:0a:bd:
83:0e:d7:68:30:94:eb:d3:d9:0a:02:ea:41:3a:77:
b1:55:eb:11:e9:2b:ea:a9:0b:9a:c4:c7:b8:ba:e3:
a5:92:24:a9:d3:28:29:fe:27:e7:fa:9d:f6:34:ea:
10:6f:c5:d3:1a:9a:18:67:d3:80:c3:ed:7e:ae:68:
9c:05:46:dd:dc:1b:ef:6c:8b:43:16:19:8d:9b:1c:
9b:2f:39:3d:11:94:0e:72:90:0f:cd:36:5f:13:69:
8c:71:4a:b3:b6:ec:db:a5:81:dd:2a:69:35:1f:8e:
7d:ac:db:7a:71:68:a4:81:e1:d2:cc:2d:bf:e1:14:
4b:7b:f2:ba:9e:a3:1b:ad:55:27:9d:4a:ea:4c:b2:
20:99:70:c9:63:ca:1d:b6:2a:80:72:45:90:cb:dc:
71:e6:7e:61:bc:29:7a:f4:d3:04:b9:d2:5e:16:7a:
b3:d6:b0:37:57:3c:ce:34:fd:57:a1:31:65:b4:c6:
2a:5e:c4:2e:9e:91:ef:ee:22:6c:dc:81:83:10:e1:
8c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:3E:25:EA:94:D5:B0:B5:6F:36:1C:C9:6D:43:31:24:8E:70:B4:C1
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/9T4l6pTVsLVvNhzJbUMxJI5wtME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.58.0/23
89.116.88.0/23
89.116.92.0/24
89.116.106.0-89.116.108.255
89.116.125.0-89.116.127.255
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.184.0-89.116.186.255
89.116.210.0/23
89.116.252.0/24
89.117.8.0/23
89.117.32.0/23
89.117.94.0/23
89.117.102.0/23
89.117.116.0/23
89.117.190.0/24
89.117.222.0/24
89.117.228.0/23
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:08:3e:78:92:a2:44:2a:8f:61:45:8b:d4:9e:e4:e6:86:a9:
8c:88:2a:b0:72:69:34:3b:cf:ef:7d:fb:8a:92:2d:7b:b4:c0:
f3:0c:f0:ab:21:cb:4d:b5:09:9e:8c:03:fc:02:44:3c:dc:c4:
a4:7b:51:a8:5c:d4:76:74:ff:b4:8b:86:03:4a:6b:0d:25:c3:
45:60:10:89:5f:8d:77:98:02:88:04:52:d6:a1:41:9a:cc:5d:
da:7d:fe:8c:e4:74:de:de:d8:88:ed:7f:42:b1:fa:b1:25:76:
a4:15:31:24:dd:65:e6:2c:ca:6b:25:e4:15:ab:fa:6c:f2:ec:
dc:90:e1:53:9a:f7:9b:b6:19:e4:7e:75:54:f4:cf:5b:03:04:
7a:83:3d:29:32:84:8c:85:50:eb:80:5c:7f:ce:f5:0e:c6:bf:
bb:b8:ea:13:a6:6f:96:11:b3:e0:d2:a8:b6:52:aa:34:dd:14:
6e:69:d0:9e:d8:7a:26:a3:f0:c7:04:09:46:e6:d0:4b:3d:9d:
20:a9:32:b8:d7:63:22:ea:d3:e3:d0:cc:e5:40:45:e6:f8:f9:
4d:37:d5:1c:07:58:2a:4b:0f:89:79:51:fd:31:ca:9b:bf:51:
b1:d6:a4:d6:ee:09:79:5e:6d:f6:ab:c7:f8:86:4b:9d:27:84:
d2:ea:1f:53
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYLY/sRed39WHI+dboHTnhojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODI2MDcxMjMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTNlMjVlYTk0ZDViMGI1NmYzNjFjYzk2ZDQzMzEyNDhlNzBiNGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrvekNal8kAb22t8A+9mscu2vGbX
rDLv0IX8We+ZmLdjx6+/QYUnlEAPC7HvYILtWyBq9q74cCeGCr2DDtdoMJTr09kK
AupBOnexVesR6SvqqQuaxMe4uuOlkiSp0ygp/ifn+p32NOoQb8XTGpoYZ9OAw+1+
rmicBUbd3BvvbItDFhmNmxybLzk9EZQOcpAPzTZfE2mMcUqztuzbpYHdKmk1H459
rNt6cWikgeHSzC2/4RRLe/K6nqMbrVUnnUrqTLIgmXDJY8odtiqAckWQy9xx5n5h
vCl69NMEudJeFnqz1rA3VzzONP1XoTFltMYqXsQunpHv7iJs3IGDEOGMxwIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFPU+JeqU1bC1bzYcyW1DMSSOcLTBMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvOVQ0bDZwVFZzTFZ2Tmh6SmJVTXhKSTV3dE1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBxwQCAAEwgcADBAFW
JrIDBAJWJrgDBAFWJsoDBAFWJvYDBAFZdDoDBAFZdFgDBABZdFwwDAMEAVl0agME
AFl0bDAMAwQAWXR9AwQHWXQAAwQAWXSEAwQAWXSHAwQAWXSWAwQAWXShAwQAWXSj
AwQAWXSmMAwDBANZdLgDBABZdLoDBAFZdNIDBABZdPwDBAFZdQgDBAFZdSADBAFZ
dV4DBAFZdWYDBAFZdXQDBABZdb4DBABZdd4DBAFZdeQDBABZdfUDBABZdfowDQYJ
KoZIhvcNAQELBQADggEBAD0IPniSokQqj2FFi9Se5OaGqYyIKrByaTQ7z+99+4qS
LXu0wPMM8Kshy021CZ6MA/wCRDzcxKR7Uahc1HZ0/7SLhgNKaw0lw0VgEIlfjXeY
AogEUtahQZrMXdp9/ozkdN7e2Ijtf0Kx+rEldqQVMSTdZeYsymsl5BWr+mzy7NyQ
4VOa95u2GeR+dVT0z1sDBHqDPSkyhIyFUOuAXH/O9Q7Gv7u46hOmb5YRs+DSqLZS
qjTdFG5p0J7Yeiaj8McECUbm0Es9nSCpMrjXYyLq0+PQzOVAReb4+U031RwHWCpL
D4l5Uf0xypu/UbHWpNbuCXlebfarx/iGS50nhNLqH1M=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org