Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/IXk5i4A5qGn-nj-21V9COXcNH1E.roa
File: IXk5i4A5qGn-nj-21V9COXcNH1E.roa (raw, json)
Hash identifier: WU8ZhjgPZKV6Tyb+rIwxHqQM8CtJZMDpLbq/c8uWJNM=
Subject key identifier: 21:79:39:8B:80:39:A8:69:FE:9E:3F:B6:D5:5F:42:39:77:0D:1F:51
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0ACDCCFE
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/IXk5i4A5qGn-nj-21V9COXcNH1E.roa
Signing time: Thu 12 May 2022 07:52:03 +0000
ROA not before: Thu 12 May 2022 07:52:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210441
IP address blocks: 89.117.68.0/24 maxlen: 24
89.117.70.0/23 maxlen: 24
89.117.72.0/21 maxlen: 21
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.96.0/22 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.112.0/22 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.24.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.36.0/23 maxlen: 24
89.117.64.0/22 maxlen: 24
89.117.188.0/24 maxlen: 24
89.117.190.0/24 maxlen: 24
89.117.215.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.139.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
89.117.160.0/22 maxlen: 24
84.46.234.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.106.0/23 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.125.0/24 maxlen: 24
89.116.130.0/23 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.128.0/24 maxlen: 24
89.116.137.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.141.0/24 maxlen: 24
89.116.148.0/23 maxlen: 24
89.116.150.0/24 maxlen: 24
89.116.153.0/24 maxlen: 24
89.116.158.0/24 maxlen: 24
89.116.154.0/24 maxlen: 24
89.116.58.0/23 maxlen: 24
89.116.70.0/24 maxlen: 24
89.116.68.0/23 maxlen: 24
86.38.202.0/23 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.6.0/23 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.172.0/23 maxlen: 24
89.116.179.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.186.0/24 maxlen: 24
89.116.184.0/23 maxlen: 24
89.116.189.0/24 maxlen: 24
89.116.190.0/24 maxlen: 24
89.116.193.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
86.38.178.0/23 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
89.117.228.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 181259518 (0xacdccfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: May 12 07:52:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2179398b8039a869fe9e3fb6d55f4239770d1f51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f7:60:b3:36:2c:ee:53:5a:23:82:e4:80:16:
72:7f:de:f4:c4:c0:04:52:82:62:a8:17:13:3d:c1:
73:41:44:c8:04:0b:d3:53:bc:fb:53:4d:40:66:a6:
13:99:cb:22:a4:cb:cc:99:dd:0b:5e:7c:a9:2e:69:
af:47:7c:1b:f4:5f:64:7f:bc:2a:c6:40:d5:3f:4d:
ed:d2:d2:c0:9d:4d:74:d5:93:4c:c7:33:4d:ef:0f:
43:9a:01:30:13:f5:cb:82:2b:73:38:00:68:93:24:
f9:66:65:2d:e2:07:9e:af:94:56:27:f4:38:81:4a:
1a:a2:b7:1c:09:65:7c:3b:99:eb:23:7c:35:76:13:
af:92:d2:bf:6f:6e:ea:f9:c1:f9:be:e5:da:08:82:
c9:a1:f6:c2:cc:0e:70:ac:3a:19:b2:8c:29:d9:68:
10:2b:ca:ee:06:02:3e:f9:21:88:e2:e9:89:d3:0a:
d9:5c:88:49:44:4e:23:a7:40:47:e8:be:99:27:04:
28:6e:33:2e:7d:a2:75:e9:d3:5f:7d:bd:e2:15:66:
8f:35:32:cf:b9:a6:25:a5:44:27:a9:e0:c2:57:45:
e7:a6:c2:86:b7:88:4a:23:4d:80:d2:86:67:d0:4d:
79:2e:ca:5f:bb:09:ef:89:c9:ee:22:d0:e8:db:6e:
1b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:79:39:8B:80:39:A8:69:FE:9E:3F:B6:D5:5F:42:39:77:0D:1F:51
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/IXk5i4A5qGn-nj-21V9COXcNH1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.178.0/23
86.38.182.0-86.38.187.255
86.38.202.0/23
86.38.246.0/23
89.116.58.0/23
89.116.68.0-89.116.70.255
89.116.88.0/23
89.116.92.0/24
89.116.106.0-89.116.108.255
89.116.125.0-89.116.128.255
89.116.130.0-89.116.132.255
89.116.135.0/24
89.116.137.0/24
89.116.141.0/24
89.116.148.0-89.116.150.255
89.116.153.0-89.116.154.255
89.116.158.0/24
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.172.0/23
89.116.175.0/24
89.116.177.0/24
89.116.179.0/24
89.116.184.0-89.116.186.255
89.116.189.0-89.116.190.255
89.116.193.0/24
89.116.210.0/23
89.116.218.0/24
89.116.252.0/23
89.116.255.0/24
89.117.6.0-89.117.9.255
89.117.12.0/23
89.117.24.0/23
89.117.28.0-89.117.33.255
89.117.36.0/23
89.117.64.0-89.117.68.255
89.117.70.0-89.117.79.255
89.117.84.0/23
89.117.88.0/22
89.117.94.0-89.117.99.255
89.117.102.0/23
89.117.109.0/24
89.117.112.0-89.117.117.255
89.117.129.0/24
89.117.132.0/22
89.117.139.0/24
89.117.142.0/23
89.117.158.0-89.117.163.255
89.117.188.0/24
89.117.190.0/24
89.117.215.0/24
89.117.222.0/24
89.117.228.0/23
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:89:17:5f:85:bc:b2:55:ca:ab:dd:ee:d8:27:b8:68:d6:4d:
05:36:77:25:26:48:c5:64:0f:1b:45:28:f6:fe:15:80:6a:79:
18:3e:4c:34:06:85:95:21:e3:fb:cd:93:77:63:50:f4:0b:96:
94:13:9b:a1:5b:02:31:85:12:c0:15:9f:9a:55:ea:cc:cd:66:
e0:05:91:ce:62:03:f3:83:79:a9:7d:18:e4:41:23:21:ac:55:
eb:8b:25:db:f1:bd:34:c6:1b:08:30:c3:63:08:94:eb:80:06:
e3:97:a2:a1:0b:82:0d:df:5c:67:47:32:4c:3a:7f:48:f0:b6:
92:b8:32:ed:b8:9f:c3:c8:cc:77:20:3f:c1:d5:07:49:10:1c:
5e:38:00:70:95:dc:1f:82:0e:36:e8:d2:26:d0:a8:f5:59:45:
fd:5c:de:32:18:e3:cf:29:12:7b:58:40:df:63:9c:53:30:79:
88:9e:f5:ab:9b:ea:6e:35:ff:fc:35:60:36:9b:1a:46:ac:0e:
8c:59:2b:fe:4a:ff:5b:27:31:5a:e8:a4:78:6b:21:1f:4c:e8:
3e:e3:34:ae:98:d4:41:63:2b:10:f0:d6:16:d9:23:de:63:aa:
a4:9f:ea:c5:f5:7d:42:87:d6:8d:56:93:06:a6:1f:81:78:d1:
81:a4:ac:29
-----BEGIN CERTIFICATE-----
MIIGyTCCBbGgAwIBAgIECs3M/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDUx
MjA3NTIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjE3OTM5OGI4MDM5
YTg2OWZlOWUzZmI2ZDU1ZjQyMzk3NzBkMWY1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALj3YLM2LO5TWiOC5IAWcn/e9MTABFKCYqgXEz3Bc0FEyAQL
01O8+1NNQGamE5nLIqTLzJndC158qS5pr0d8G/RfZH+8KsZA1T9N7dLSwJ1NdNWT
TMczTe8PQ5oBMBP1y4IrczgAaJMk+WZlLeIHnq+UVif0OIFKGqK3HAllfDuZ6yN8
NXYTr5LSv29u6vnB+b7l2giCyaH2wswOcKw6GbKMKdloECvK7gYCPvkhiOLpidMK
2VyISUROI6dAR+i+mScEKG4zLn2idenTX3294hVmjzUyz7mmJaVEJ6ngwldF56bC
hreISiNNgNKGZ9BNeS7KX7sJ74nJ7iLQ6NtuG+0CAwEAAaOCA+MwggPfMB0GA1Ud
DgQWBBQheTmLgDmoaf6eP7bVX0I5dw0fUTAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L0lYazVpNEE1cUduLW5qLTIxVjlDT1hjTkgxRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AfcGCCsGAQUFBwEHAQH/BIIB5jCCAeIwggHeBAIAATCCAdYDBAFULuoDBAFWJrIw
DAMEAVYmtgMEAlYmuAMEAVYmygMEAVYm9gMEAVl0OjAMAwQCWXREAwQAWXRGAwQB
WXRYAwQAWXRcMAwDBAFZdGoDBABZdGwwDAMEAFl0fQMEAFl0gDAMAwQBWXSCAwQA
WXSEAwQAWXSHAwQAWXSJAwQAWXSNMAwDBAJZdJQDBABZdJYwDAMEAFl0mQMEAFl0
mgMEAFl0ngMEAFl0oQMEAFl0owMEAFl0pgMEAVl0rAMEAFl0rwMEAFl0sQMEAFl0
szAMAwQDWXS4AwQAWXS6MAwDBABZdL0DBABZdL4DBABZdMEDBAFZdNIDBABZdNoD
BAFZdPwDBABZdP8wDAMEAVl1BgMEAVl1CAMEAVl1DAMEAVl1GDAMAwQCWXUcAwQB
WXUgAwQBWXUkMAwDBAZZdUADBABZdUQwDAMEAVl1RgMEBFl1QAMEAVl1VAMEAll1
WDAMAwQBWXVeAwQCWXVgAwQBWXVmAwQAWXVtMAwDBARZdXADBAFZdXQDBABZdYED
BAJZdYQDBABZdYsDBAFZdY4wDAMEAVl1ngMEAll1oAMEAFl1vAMEAFl1vgMEAFl1
1wMEAFl13gMEAVl15AMEAFl19QMEAFl1+jANBgkqhkiG9w0BAQsFAAOCAQEAXokX
X4W8slXKq93u2Ce4aNZNBTZ3JSZIxWQPG0Uo9v4VgGp5GD5MNAaFlSHj+82Td2NQ
9AuWlBOboVsCMYUSwBWfmlXqzM1m4AWRzmID84N5qX0Y5EEjIaxV64sl2/G9NMYb
CDDDYwiU64AG45eioQuCDd9cZ0cyTDp/SPC2krgy7bifw8jMdyA/wdUHSRAcXjgA
cJXcH4IONujSJtCo9VlF/VzeMhjjzykSe1hA32OcUzB5iJ71q5vqbjX//DVgNpsa
RqwOjFkr/kr/WycxWuikeGshH0zoPuM0rpjUQWMrEPDWFtkj3mOqpJ/qxfV9QofW
jVaTBqYfgXjRgaSsKQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org