Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/CPEGsQIL34RTtKaHBAcyHr1BAH4.roa
File: CPEGsQIL34RTtKaHBAcyHr1BAH4.roa (raw, json)
Hash identifier: hUpKyJ6nCiI04VeyU7rF9O4H60Vl0a2JQ/QtVtyDusw=
Subject key identifier: 08:F1:06:B1:02:0B:DF:84:53:B4:A6:87:04:07:32:1E:BD:41:00:7E
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0181DA65581A98007A5D22F303795E8BA1C1
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/CPEGsQIL34RTtKaHBAcyHr1BAH4.roa
Signing time: Thu 07 Jul 2022 20:41:23 +0000
ROA not before: Thu 07 Jul 2022 20:41:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 89.117.72.0/21 maxlen: 24
89.116.123.0/24 maxlen: 24
89.117.88.0/22 maxlen: 24
89.116.140.0/24 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.24.0/23 maxlen: 24
89.116.76.0/24 maxlen: 24
86.38.216.0/22 maxlen: 24
89.116.91.0/24 maxlen: 24
86.38.232.0/24 maxlen: 24
89.116.250.0/24 maxlen: 24
89.116.202.0/24 maxlen: 24
89.116.212.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:da:65:58:1a:98:00:7a:5d:22:f3:03:79:5e:8b:a1:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Jul 7 20:41:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08f106b1020bdf8453b4a6870407321ebd41007e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b7:7e:64:8f:57:ed:c2:28:d7:6a:87:2b:7c:
34:f5:6f:07:bd:12:3f:6d:82:4e:97:fc:c8:46:4d:
60:7e:27:74:d6:a7:46:78:05:46:fe:16:b7:5f:1e:
79:0b:85:ef:c7:56:b4:2d:b9:a7:43:7d:d5:4a:2e:
05:e6:4d:ff:59:dc:ad:52:c0:dc:07:d8:a4:a7:c6:
d8:db:da:70:05:a6:c9:ff:f9:e6:77:df:8a:a7:b1:
69:9d:f4:fd:c2:15:72:92:e2:12:c9:19:66:d4:82:
bc:21:87:66:4a:30:58:46:46:60:3b:f1:57:36:75:
f3:52:55:98:0d:29:cc:23:8b:09:8b:e0:54:e1:bd:
96:08:cd:34:db:cf:db:7a:09:c7:7c:7f:87:f2:77:
57:19:24:53:7d:e2:df:08:bc:bc:94:de:a7:55:7c:
16:12:78:aa:c7:6b:a1:0a:b3:21:fa:2f:57:b5:d8:
f4:bd:03:de:5b:22:e9:10:f3:5b:6c:ee:46:bd:24:
8f:44:cf:aa:2b:16:93:95:e7:98:49:3c:8e:fc:ef:
cf:cc:b7:35:88:aa:00:1b:09:41:ca:72:a0:c1:e5:
8c:c4:cf:c5:cf:a5:fc:2d:f2:70:d8:8d:be:47:52:
3f:63:15:7a:1d:b7:6a:04:db:66:1a:52:41:65:2e:
b7:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:F1:06:B1:02:0B:DF:84:53:B4:A6:87:04:07:32:1E:BD:41:00:7E
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/CPEGsQIL34RTtKaHBAcyHr1BAH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.216.0/22
86.38.232.0/24
89.116.76.0/24
89.116.91.0/24
89.116.123.0/24
89.116.140.0/24
89.116.202.0/24
89.116.212.0/22
89.116.250.0/24
89.117.12.0/23
89.117.24.0/23
89.117.72.0/21
89.117.88.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:ff:40:e2:0d:c7:44:4a:09:7d:09:bb:53:81:92:cc:3f:a7:
37:24:7b:c2:2c:99:f4:6e:69:30:a0:a8:48:33:71:b4:92:f8:
70:6c:3a:dc:d0:ff:af:97:42:81:69:92:a7:eb:fa:f8:11:7e:
f4:50:6e:44:05:8a:c4:38:e3:d9:da:a7:0f:c2:35:ae:59:2f:
65:4e:64:55:cc:94:c5:e2:6a:7f:8b:27:2a:dd:b9:41:71:0f:
9d:8e:5a:29:df:93:5d:8f:0c:42:89:d8:44:51:4c:16:d3:9c:
53:46:60:38:0c:05:b8:f7:f9:e0:14:61:8c:d7:bd:ec:7e:e6:
6d:62:eb:4d:67:f4:a6:11:dd:e5:75:a0:bd:3a:eb:bd:15:a1:
4c:82:ef:0e:75:a3:f2:bd:40:0a:8b:d4:80:23:3d:ab:6a:89:
f0:79:73:71:2b:68:96:39:b1:d1:ed:1b:4a:31:c7:97:89:69:
60:07:c7:d0:71:f0:f2:48:86:96:90:95:54:84:12:8c:8e:37:
f3:74:62:23:b0:75:3f:dc:bb:07:e2:6a:af:c8:0e:61:ed:23:
7a:38:91:d7:03:26:ad:19:9d:6c:e8:b9:0a:d1:33:01:70:0f:
4e:d1:21:8c:75:28:80:d6:b4:8a:b2:ff:f3:54:46:b4:12:62:
f5:b6:4e:57
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYHaZVgamAB6XSLzA3lei6HBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwNzA3MjA0MTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGYxMDZiMTAyMGJkZjg0NTNiNGE2ODcwNDA3MzIxZWJkNDEwMDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrd+ZI9X7cIo12qHK3w09W8HvRI/
bYJOl/zIRk1gfid01qdGeAVG/ha3Xx55C4Xvx1a0LbmnQ33VSi4F5k3/WdytUsDc
B9ikp8bY29pwBabJ//nmd9+Kp7FpnfT9whVykuISyRlm1IK8IYdmSjBYRkZgO/FX
NnXzUlWYDSnMI4sJi+BU4b2WCM0028/begnHfH+H8ndXGSRTfeLfCLy8lN6nVXwW
Eniqx2uhCrMh+i9Xtdj0vQPeWyLpEPNbbO5GvSSPRM+qKxaTleeYSTyO/O/PzLc1
iKoAGwlBynKgweWMxM/Fz6X8LfJw2I2+R1I/YxV6HbdqBNtmGlJBZS63oQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFAjxBrECC9+EU7SmhwQHMh69QQB+MB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvQ1BFR3NRSUwzNFJUdEthSEJBY3lIcjFCQUg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCVibYAwQA
ViboAwQAWXRMAwQAWXRbAwQAWXR7AwQAWXSMAwQAWXTKAwQCWXTUAwQAWXT6AwQB
WXUMAwQBWXUYAwQDWXVIAwQCWXVYMA0GCSqGSIb3DQEBCwUAA4IBAQC2/0DiDcdE
Sgl9CbtTgZLMP6c3JHvCLJn0bmkwoKhIM3G0kvhwbDrc0P+vl0KBaZKn6/r4EX70
UG5EBYrEOOPZ2qcPwjWuWS9lTmRVzJTF4mp/iycq3blBcQ+djlop35NdjwxCidhE
UUwW05xTRmA4DAW49/ngFGGM173sfuZtYutNZ/SmEd3ldaC9Ouu9FaFMgu8OdaPy
vUAKi9SAIz2raonweXNxK2iWObHR7RtKMceXiWlgB8fQcfDySIaWkJVUhBKMjjfz
dGIjsHU/3LsH4mqvyA5h7SN6OJHXAyatGZ1s6LkK0TMBcA9O0SGMdSiA1rSKsv/z
VEa0EmL1tk5X
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org