Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/Dc77s9DhHLrcmNJEjUUOtZY8D-0.roa
File: Dc77s9DhHLrcmNJEjUUOtZY8D-0.roa (raw, json)
Hash identifier: C/RWMAlfn0fqrWoWWIYDKAks3SloPe4qZo0an4PwHU8=
Subject key identifier: 0D:CE:FB:B3:D0:E1:1C:BA:DC:98:D2:44:8D:45:0E:B5:96:3C:0F:ED
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0181DA65578BE4B87A2B2D96FAEF57F00A6D
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/Dc77s9DhHLrcmNJEjUUOtZY8D-0.roa
Signing time: Thu 07 Jul 2022 20:41:23 +0000
ROA not before: Thu 07 Jul 2022 20:41:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 89.117.68.0/24 maxlen: 24
89.117.72.0/21 maxlen: 24
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.112.0/22 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.24.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.215.0/24 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.130.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
84.46.234.0/23 maxlen: 24
89.116.112.0/24 maxlen: 24
89.116.106.0/23 maxlen: 24
89.116.113.0/24 maxlen: 24
89.116.115.0/24 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.130.0/23 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.141.0/24 maxlen: 24
89.116.148.0/23 maxlen: 24
89.116.156.0/24 maxlen: 24
89.116.54.0/24 maxlen: 24
89.116.70.0/24 maxlen: 24
86.38.202.0/23 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.103.0/24 maxlen: 24
89.116.99.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.223.0/24 maxlen: 24
89.116.221.0/24 maxlen: 24
89.116.220.0/24 maxlen: 24
89.116.233.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.171.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.193.0/24 maxlen: 24
89.116.203.0/24 maxlen: 24
89.116.209.0/24 maxlen: 24
89.116.208.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:da:65:57:8b:e4:b8:7a:2b:2d:96:fa:ef:57:f0:0a:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Jul 7 20:41:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0dcefbb3d0e11cbadc98d2448d450eb5963c0fed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ef:37:ce:16:7d:30:4b:64:a2:18:b3:c4:48:
e2:ce:fd:4b:f4:1c:9e:8e:8c:24:f9:67:c3:10:40:
1f:70:1d:73:9a:04:dc:23:95:09:59:d1:59:6c:e9:
70:43:f6:46:71:a6:13:f7:2f:95:1a:7c:c8:59:bd:
86:61:13:27:7a:c5:86:91:18:72:73:ba:2c:0f:9c:
6b:06:b7:4b:66:d3:c2:04:10:1e:54:c2:98:b2:e6:
11:29:6d:f1:a1:fd:07:9a:36:0a:b3:62:4f:4e:4a:
ab:99:7b:09:f5:7b:43:d2:2c:b1:11:e0:fa:3a:98:
aa:1d:f3:b3:eb:50:eb:ba:cf:dc:33:e0:f6:f8:96:
cc:cc:e5:77:5f:7b:13:e5:2a:3b:91:b7:8e:65:a5:
8d:cc:ee:27:39:5f:4a:26:3e:0d:8a:06:3c:7f:6b:
a4:fc:e9:27:9a:81:c5:e5:09:04:c5:ce:0f:8a:68:
3c:25:63:bd:8a:b7:dc:0f:6a:12:6c:62:54:11:25:
01:66:62:ca:32:7d:7b:e7:92:bd:2a:62:fd:0f:ba:
81:74:75:3b:e7:36:36:ef:8f:11:3b:46:dc:fb:68:
33:80:79:33:de:7a:46:3a:f8:c6:af:ca:bc:86:20:
c3:0c:77:ae:a7:a0:8b:70:5d:a3:e1:e4:72:84:e3:
73:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:CE:FB:B3:D0:E1:1C:BA:DC:98:D2:44:8D:45:0E:B5:96:3C:0F:ED
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/Dc77s9DhHLrcmNJEjUUOtZY8D-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.202.0/23
89.116.54.0/24
89.116.70.0/24
89.116.88.0/23
89.116.99.0/24
89.116.103.0/24
89.116.106.0/23
89.116.112.0/23
89.116.115.0/24
89.116.126.0/23
89.116.130.0/23
89.116.135.0/24
89.116.141.0/24
89.116.148.0/23
89.116.156.0/24
89.116.161.0/24
89.116.171.0/24
89.116.175.0/24
89.116.177.0/24
89.116.193.0/24
89.116.203.0/24
89.116.208.0/22
89.116.218.0/24
89.116.220.0/23
89.116.223.0/24
89.116.233.0/24
89.116.252.0/23
89.116.255.0/24
89.117.12.0/23
89.117.24.0/23
89.117.28.0-89.117.33.255
89.117.68.0/24
89.117.72.0/21
89.117.84.0/23
89.117.88.0/22
89.117.102.0/23
89.117.109.0/24
89.117.112.0/22
89.117.129.0-89.117.130.255
89.117.132.0/22
89.117.142.0/23
89.117.215.0/24
Signature Algorithm: sha256WithRSAEncryption
91:c1:45:6e:5b:0a:f0:bd:92:f5:9c:e1:48:eb:25:a2:ba:8b:
7a:03:63:56:55:b4:92:0e:aa:46:1e:aa:36:e9:21:57:ae:0b:
71:34:7d:2e:dd:c8:ef:36:13:13:6e:4a:11:6f:67:da:37:f1:
87:6d:31:69:6e:df:f7:a6:09:7e:52:40:9b:a8:6a:d2:c8:96:
d4:c9:f1:b7:bd:d4:28:1b:36:29:d5:59:78:42:c6:f2:cb:aa:
43:9f:ac:4d:ef:63:de:48:c2:13:36:53:15:91:48:55:af:50:
97:c3:72:68:a8:8d:45:3f:b3:91:ff:7a:54:09:b5:ef:20:94:
f2:45:58:f4:85:4d:84:3c:f0:64:ba:b4:f6:a6:5b:f8:b3:3c:
2d:a6:56:03:ac:28:e6:07:f1:02:68:46:1f:6f:11:29:6a:e9:
99:f8:ac:1f:53:8b:42:97:88:00:db:78:2c:88:93:98:4a:e1:
b9:0b:d1:33:16:3d:b6:87:02:9f:70:e4:fd:0a:ed:44:11:17:
c9:43:51:68:4d:37:31:f0:4e:55:1d:d0:c8:78:c4:2c:cb:a2:
04:bb:ba:b1:d6:ef:d6:60:42:9c:82:f8:04:42:07:2e:99:bb:
d0:b6:d9:fe:24:cb:a3:e7:ad:1f:dd:9c:1c:22:4d:a3:e7:21:
6c:65:e2:5f
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISAYHaZVeL5Lh6Ky2W+u9X8AptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwNzA3MjA0MTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGNlZmJiM2QwZTExY2JhZGM5OGQyNDQ4ZDQ1MGViNTk2M2MwZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqO83zhZ9MEtkohizxEjizv1L9Bye
jowk+WfDEEAfcB1zmgTcI5UJWdFZbOlwQ/ZGcaYT9y+VGnzIWb2GYRMnesWGkRhy
c7osD5xrBrdLZtPCBBAeVMKYsuYRKW3xof0HmjYKs2JPTkqrmXsJ9XtD0iyxEeD6
OpiqHfOz61Drus/cM+D2+JbMzOV3X3sT5So7kbeOZaWNzO4nOV9KJj4NigY8f2uk
/OknmoHF5QkExc4Pimg8JWO9irfcD2oSbGJUESUBZmLKMn1755K9KmL9D7qBdHU7
5zY2748RO0bc+2gzgHkz3npGOvjGr8q8hiDDDHeup6CLcF2j4eRyhONzyQIDAQAB
o4IDHzCCAxswHQYDVR0OBBYEFA3O+7PQ4Ry63JjSRI1FDrWWPA/tMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvRGM3N3M5RGhITHJjbU5KRWpVVU90Wlk4RC0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMwYIKwYBBQUHAQcBAf8EggEiMIIBHjCCARoEAgABMIIB
EgMEAVQu6gMEAVYmygMEAFl0NgMEAFl0RgMEAVl0WAMEAFl0YwMEAFl0ZwMEAVl0
agMEAVl0cAMEAFl0cwMEAVl0fgMEAVl0ggMEAFl0hwMEAFl0jQMEAVl0lAMEAFl0
nAMEAFl0oQMEAFl0qwMEAFl0rwMEAFl0sQMEAFl0wQMEAFl0ywMEAll00AMEAFl0
2gMEAVl03AMEAFl03wMEAFl06QMEAVl0/AMEAFl0/wMEAVl1DAMEAVl1GDAMAwQC
WXUcAwQBWXUgAwQAWXVEAwQDWXVIAwQBWXVUAwQCWXVYAwQBWXVmAwQAWXVtAwQC
WXVwMAwDBABZdYEDBABZdYIDBAJZdYQDBAFZdY4DBABZddcwDQYJKoZIhvcNAQEL
BQADggEBAJHBRW5bCvC9kvWc4UjrJaK6i3oDY1ZVtJIOqkYeqjbpIVeuC3E0fS7d
yO82ExNuShFvZ9o38YdtMWlu3/emCX5SQJuoatLIltTJ8be91CgbNinVWXhCxvLL
qkOfrE3vY95IwhM2UxWRSFWvUJfDcmiojUU/s5H/elQJte8glPJFWPSFTYQ88GS6
tPamW/izPC2mVgOsKOYH8QJoRh9vESlq6Zn4rB9Ti0KXiADbeCyIk5hK4bkL0TMW
PbaHAp9w5P0K7UQRF8lDUWhNNzHwTlUd0Mh4xCzLogS7urHW79ZgQpyC+ARCBy6Z
u9C22f4ky6PnrR/dnBwiTaPnIWxl4l8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org