Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/DV9WEgF1Z1X7LtbHb1P6LxgrqTI.roa
File: DV9WEgF1Z1X7LtbHb1P6LxgrqTI.roa (raw, json)
Hash identifier: tLlHmJQme1KBTB+OYVIc+6F38Y19oEkpDyjXACBQqyE=
Subject key identifier: 0D:5F:56:12:01:75:67:55:FB:2E:D6:C7:6F:53:FA:2F:18:2B:A9:32
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182CA36A811CEA22CF3170F53D132C0BE47
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/DV9WEgF1Z1X7LtbHb1P6LxgrqTI.roa
Signing time: Tue 23 Aug 2022 10:19:15 +0000
ROA not before: Tue 23 Aug 2022 10:19:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 89.117.68.0/24 maxlen: 24
89.117.72.0/21 maxlen: 24
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.112.0/22 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.215.0/24 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.130.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
84.46.234.0/23 maxlen: 24
89.116.112.0/24 maxlen: 24
89.116.106.0/23 maxlen: 24
89.116.113.0/24 maxlen: 24
89.116.115.0/24 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.148.0/23 maxlen: 24
89.116.156.0/24 maxlen: 24
89.116.54.0/24 maxlen: 24
89.116.70.0/24 maxlen: 24
86.38.202.0/23 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.103.0/24 maxlen: 24
89.116.99.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.223.0/24 maxlen: 24
89.116.221.0/24 maxlen: 24
89.116.220.0/24 maxlen: 24
89.116.233.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.171.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.193.0/24 maxlen: 24
89.116.203.0/24 maxlen: 24
89.116.209.0/24 maxlen: 24
89.116.208.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ca:36:a8:11:ce:a2:2c:f3:17:0f:53:d1:32:c0:be:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 23 10:19:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d5f561201756755fb2ed6c76f53fa2f182ba932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:cb:8d:b1:c5:07:49:45:4b:53:cb:03:ba:f6:
b9:86:b3:64:33:9f:f2:2f:8f:8c:dd:a3:7a:6d:cf:
73:9e:e3:bb:e5:1b:29:11:be:b5:39:8c:19:14:39:
d2:20:4b:0b:86:5a:51:4e:a5:24:8e:72:c3:99:21:
30:94:76:6e:ab:a6:fb:c5:55:86:cb:b7:56:73:0f:
89:d0:ef:a2:3c:02:a6:b0:78:92:1b:5e:65:ac:d2:
0a:d9:d7:4e:a2:9d:d8:70:c1:ee:e3:04:27:84:ca:
1f:c4:1b:53:45:31:f3:ed:22:f1:0d:2c:f3:7f:b1:
e8:11:3b:41:66:d9:a4:22:14:2c:31:0a:7b:f8:29:
fb:96:24:92:ed:63:3d:4d:f4:f5:f1:ac:32:44:98:
92:b7:31:14:25:11:26:67:b0:48:80:29:3d:5c:0a:
ca:a3:18:c9:03:b9:7f:86:9c:f0:f5:02:08:e8:b8:
7a:9d:77:ce:db:bb:9e:6e:71:f5:25:61:00:d6:55:
17:f7:ca:c6:82:9e:80:f8:d1:a2:d6:aa:ef:d8:a6:
60:42:ef:9e:76:a7:2a:65:28:d5:16:55:6c:f4:c5:
58:79:2a:95:78:95:7e:f0:80:06:a5:6e:85:b4:80:
72:f4:d0:1e:95:dd:36:c7:53:ef:49:35:f7:83:a8:
8e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:5F:56:12:01:75:67:55:FB:2E:D6:C7:6F:53:FA:2F:18:2B:A9:32
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/DV9WEgF1Z1X7LtbHb1P6LxgrqTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.202.0/23
89.116.54.0/24
89.116.70.0/24
89.116.88.0/23
89.116.99.0/24
89.116.103.0/24
89.116.106.0/23
89.116.112.0/23
89.116.115.0/24
89.116.126.0/23
89.116.135.0/24
89.116.148.0/23
89.116.156.0/24
89.116.161.0/24
89.116.171.0/24
89.116.175.0/24
89.116.177.0/24
89.116.193.0/24
89.116.203.0/24
89.116.208.0/22
89.116.218.0/24
89.116.220.0/23
89.116.223.0/24
89.116.233.0/24
89.116.252.0/23
89.117.12.0/23
89.117.28.0-89.117.33.255
89.117.68.0/24
89.117.72.0/21
89.117.84.0/23
89.117.88.0/22
89.117.102.0/23
89.117.109.0/24
89.117.112.0/22
89.117.129.0-89.117.130.255
89.117.132.0/22
89.117.142.0/23
89.117.215.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:79:7a:b2:a0:da:9b:25:dd:0b:13:a0:22:de:d4:0d:04:6a:
a5:e2:00:b5:82:8f:9f:7c:2a:7b:b5:42:ae:1e:71:0b:52:bf:
b8:99:43:02:82:0b:ca:93:ba:c8:06:d4:1e:2e:b2:b3:d8:a3:
8f:1a:96:e8:bf:e1:d0:b8:a9:69:b0:4a:40:6c:1d:6a:5b:ba:
d2:6d:4f:76:09:8a:98:b8:df:b7:a9:c3:1d:59:9e:23:71:e5:
69:6a:7b:c4:a2:d8:dc:57:7e:b9:c2:67:86:e9:03:2c:ca:ec:
1c:32:f2:a1:cb:78:1d:5e:99:98:77:f0:12:1e:7d:2d:19:a2:
d1:3e:bc:6f:5f:5d:9b:33:f5:b1:c3:ab:a7:d7:98:90:52:b4:
d1:4e:17:35:af:78:91:68:53:65:6a:13:7c:b9:b6:5e:dd:48:
ef:8a:74:13:1d:d3:44:36:5c:78:41:68:fd:fa:b5:67:bd:ad:
a3:2c:1f:0d:13:54:88:fb:52:0c:88:50:75:48:06:90:9f:04:
95:fb:c3:b6:3d:21:ce:58:83:0d:6a:df:d2:c5:a9:b7:4b:db:
a6:9c:b0:ee:86:e0:ea:ea:a4:de:a8:be:ae:f1:e5:9f:a1:b4:
aa:b2:8e:18:0b:df:6a:87:33:19:85:53:77:47:74:d9:84:07:
b6:25:44:3e
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAYLKNqgRzqIs8xcPU9EywL5HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODIzMTAxOTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDVmNTYxMjAxNzU2NzU1ZmIyZWQ2Yzc2ZjUzZmEyZjE4MmJhOTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMuNscUHSUVLU8sDuva5hrNkM5/y
L4+M3aN6bc9znuO75RspEb61OYwZFDnSIEsLhlpRTqUkjnLDmSEwlHZuq6b7xVWG
y7dWcw+J0O+iPAKmsHiSG15lrNIK2ddOop3YcMHu4wQnhMofxBtTRTHz7SLxDSzz
f7HoETtBZtmkIhQsMQp7+Cn7liSS7WM9TfT18awyRJiStzEUJREmZ7BIgCk9XArK
oxjJA7l/hpzw9QII6Lh6nXfO27uebnH1JWEA1lUX98rGgp6A+NGi1qrv2KZgQu+e
dqcqZSjVFlVs9MVYeSqVeJV+8IAGpW6FtIBy9NAeld02x1PvSTX3g6iOmQIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFA1fVhIBdWdV+y7Wx29T+i8YK6kyMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvRFY5V0VnRjFaMVg3THRiSGIxUDZMeGdycVRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCCAQEEAgABMIH6
AwQBVC7qAwQBVibKAwQAWXQ2AwQAWXRGAwQBWXRYAwQAWXRjAwQAWXRnAwQBWXRq
AwQBWXRwAwQAWXRzAwQBWXR+AwQAWXSHAwQBWXSUAwQAWXScAwQAWXShAwQAWXSr
AwQAWXSvAwQAWXSxAwQAWXTBAwQAWXTLAwQCWXTQAwQAWXTaAwQBWXTcAwQAWXTf
AwQAWXTpAwQBWXT8AwQBWXUMMAwDBAJZdRwDBAFZdSADBABZdUQDBANZdUgDBAFZ
dVQDBAJZdVgDBAFZdWYDBABZdW0DBAJZdXAwDAMEAFl1gQMEAFl1ggMEAll1hAME
AVl1jgMEAFl11zANBgkqhkiG9w0BAQsFAAOCAQEAOnl6sqDamyXdCxOgIt7UDQRq
peIAtYKPn3wqe7VCrh5xC1K/uJlDAoILypO6yAbUHi6ys9ijjxqW6L/h0LipabBK
QGwdalu60m1PdgmKmLjft6nDHVmeI3HlaWp7xKLY3Fd+ucJnhukDLMrsHDLyoct4
HV6ZmHfwEh59LRmi0T68b19dmzP1scOrp9eYkFK00U4XNa94kWhTZWoTfLm2Xt1I
74p0Ex3TRDZceEFo/fq1Z72toywfDRNUiPtSDIhQdUgGkJ8ElfvDtj0hzliDDWrf
0sWpt0vbppyw7obg6uqk3qi+rvHln6G0qrKOGAvfaoczGYVTd0d02YQHtiVEPg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org