Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/IqKMMqsQPXEnhrobl5LLbA3km6A.roa
File: IqKMMqsQPXEnhrobl5LLbA3km6A.roa (raw, json)
Hash identifier: /XIgrljDVTHeH+12xrwra7eaSQO+XUpH992ZS5AJMM0=
Subject key identifier: 22:A2:8C:32:AB:10:3D:71:27:86:BA:1B:97:92:CB:6C:0D:E4:9B:A0
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0B8863AE
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/IqKMMqsQPXEnhrobl5LLbA3km6A.roa
Signing time: Thu 23 Jun 2022 12:58:57 +0000
ROA not before: Thu 23 Jun 2022 12:58:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210441
IP address blocks: 89.117.70.0/23 maxlen: 24
89.117.72.0/21 maxlen: 21
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.96.0/22 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.112.0/22 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.24.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.36.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
89.117.215.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
89.117.160.0/22 maxlen: 24
84.46.234.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.106.0/23 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.125.0/24 maxlen: 24
89.116.130.0/23 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.137.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.141.0/24 maxlen: 24
89.116.148.0/23 maxlen: 24
89.116.150.0/24 maxlen: 24
89.116.158.0/24 maxlen: 24
89.116.58.0/23 maxlen: 24
89.116.68.0/23 maxlen: 24
86.38.202.0/23 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.172.0/23 maxlen: 24
89.116.179.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.186.0/24 maxlen: 24
89.116.184.0/23 maxlen: 24
89.116.189.0/24 maxlen: 24
89.116.190.0/24 maxlen: 24
89.116.193.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
86.38.178.0/23 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.228.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 193487790 (0xb8863ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Jun 23 12:58:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22a28c32ab103d712786ba1b9792cb6c0de49ba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:0d:85:8b:14:db:cd:81:7a:32:1d:31:c6:b6:
da:de:c4:39:0e:19:e0:8d:14:4c:df:bb:de:06:e8:
36:f2:f5:4f:90:84:86:d1:c9:ab:90:af:da:a5:5a:
6b:d3:8e:48:91:ea:23:f8:3a:cb:93:cb:f8:d6:cf:
90:ad:94:28:44:84:24:7d:3b:b6:ad:b4:51:27:a0:
8e:48:6a:04:02:82:c8:33:e9:b0:a4:cb:53:51:9c:
9d:8e:e0:6c:aa:b0:74:65:9d:f3:3f:fd:38:a4:87:
f2:5d:0a:0b:8f:25:e5:8d:4c:c7:cb:dd:62:9c:c3:
bc:d1:90:68:66:15:22:55:8f:0b:53:87:45:79:19:
00:be:b4:47:59:20:87:7c:04:b3:ee:54:dd:2c:84:
d9:62:0d:bd:47:8c:0e:09:76:ab:10:67:df:69:ec:
34:0f:a4:71:f7:06:f7:cf:05:48:98:d1:d2:37:40:
a9:fa:bf:ba:12:5a:d6:13:b9:d2:1e:1a:7d:f4:db:
02:1c:0c:cb:65:91:b2:07:f2:dd:32:27:67:5a:a5:
4f:db:b2:46:f9:56:9e:32:df:09:ea:14:a4:85:90:
11:70:fc:30:3e:f5:c5:d7:94:52:08:fd:78:84:7c:
59:6e:2a:b7:83:90:78:a9:13:5a:55:90:1d:3d:46:
24:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:A2:8C:32:AB:10:3D:71:27:86:BA:1B:97:92:CB:6C:0D:E4:9B:A0
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/IqKMMqsQPXEnhrobl5LLbA3km6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.58.0/23
89.116.68.0/23
89.116.88.0/23
89.116.92.0/24
89.116.106.0-89.116.108.255
89.116.125.0-89.116.127.255
89.116.130.0-89.116.132.255
89.116.135.0/24
89.116.137.0/24
89.116.141.0/24
89.116.148.0-89.116.150.255
89.116.158.0/24
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.172.0/23
89.116.175.0/24
89.116.177.0/24
89.116.179.0/24
89.116.184.0-89.116.186.255
89.116.189.0-89.116.190.255
89.116.193.0/24
89.116.210.0/23
89.116.218.0/24
89.116.252.0/23
89.116.255.0/24
89.117.8.0/23
89.117.12.0/23
89.117.24.0/23
89.117.28.0-89.117.33.255
89.117.36.0/23
89.117.70.0-89.117.79.255
89.117.84.0/23
89.117.88.0/22
89.117.94.0-89.117.99.255
89.117.102.0/23
89.117.109.0/24
89.117.112.0-89.117.117.255
89.117.129.0/24
89.117.132.0/22
89.117.142.0/23
89.117.158.0-89.117.163.255
89.117.190.0/24
89.117.215.0/24
89.117.222.0/24
89.117.228.0/23
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:0c:22:67:e0:05:19:5e:c6:4e:08:c5:54:0c:82:39:ed:b2:
2a:f0:13:7c:de:9e:ed:4b:dc:08:77:fa:f5:90:69:37:e1:ba:
e6:bc:e4:ae:a1:f3:5f:96:d4:a0:22:ac:74:60:35:33:02:80:
80:da:e9:22:9a:36:14:62:72:a2:bc:72:04:5a:0e:7d:00:e7:
0e:1d:50:53:61:cc:09:8f:f9:f8:5b:8f:73:8e:e6:c2:1d:31:
54:8b:6e:e7:20:e0:77:f3:01:e6:72:81:7a:4c:13:3d:a2:08:
4c:b5:31:a4:9a:93:71:02:9c:88:a0:fc:48:79:c1:73:2c:83:
53:a9:96:4b:5e:d1:83:df:0b:0d:6f:c2:8a:f1:e9:70:09:6f:
df:6e:bd:11:99:5f:8c:e5:b8:29:dd:aa:d2:e9:7c:36:92:12:
7a:3a:96:ad:54:fd:af:b5:48:77:4c:14:c6:14:cb:54:13:69:
56:65:cc:49:20:8f:1d:a5:96:64:63:44:a6:53:92:09:50:7f:
99:e3:17:35:ee:2a:a8:49:b9:62:c8:e0:a5:fe:77:6d:71:0e:
c1:b5:cb:7c:d0:6b:87:27:c3:f8:36:63:f3:d7:e2:ab:ab:e2:
06:79:23:0a:6d:fc:46:5c:04:55:ce:65:1e:b3:b9:e8:ce:a5:
5e:8f:03:61
-----BEGIN CERTIFICATE-----
MIIGiTCCBXGgAwIBAgIEC4hjrjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDYy
MzEyNTg1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjJhMjhjMzJhYjEw
M2Q3MTI3ODZiYTFiOTc5MmNiNmMwZGU0OWJhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOkNhYsU282BejIdMca22t7EOQ4Z4I0UTN+73gboNvL1T5CE
htHJq5Cv2qVaa9OOSJHqI/g6y5PL+NbPkK2UKESEJH07tq20USegjkhqBAKCyDPp
sKTLU1GcnY7gbKqwdGWd8z/9OKSH8l0KC48l5Y1Mx8vdYpzDvNGQaGYVIlWPC1OH
RXkZAL60R1kgh3wEs+5U3SyE2WINvUeMDgl2qxBn32nsNA+kcfcG988FSJjR0jdA
qfq/uhJa1hO50h4affTbAhwMy2WRsgfy3TInZ1qlT9uyRvlWnjLfCeoUpIWQEXD8
MD71xdeUUgj9eIR8WW4qt4OQeKkTWlWQHT1GJPMCAwEAAaOCA6MwggOfMB0GA1Ud
DgQWBBQioowyqxA9cSeGuhuXkstsDeSboDAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L0lxS01NcXNRUFhFbmhyb2JsNUxMYkEza202QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AbcGCCsGAQUFBwEHAQH/BIIBpjCCAaIwggGeBAIAATCCAZYDBAFULuoDBAFWJrID
BAJWJrgDBAFWJsoDBAFWJvYDBAFZdDoDBAFZdEQDBAFZdFgDBABZdFwwDAMEAVl0
agMEAFl0bDAMAwQAWXR9AwQHWXQAMAwDBAFZdIIDBABZdIQDBABZdIcDBABZdIkD
BABZdI0wDAMEAll0lAMEAFl0lgMEAFl0ngMEAFl0oQMEAFl0owMEAFl0pgMEAVl0
rAMEAFl0rwMEAFl0sQMEAFl0szAMAwQDWXS4AwQAWXS6MAwDBABZdL0DBABZdL4D
BABZdMEDBAFZdNIDBABZdNoDBAFZdPwDBABZdP8DBAFZdQgDBAFZdQwDBAFZdRgw
DAMEAll1HAMEAVl1IAMEAVl1JDAMAwQBWXVGAwQEWXVAAwQBWXVUAwQCWXVYMAwD
BAFZdV4DBAJZdWADBAFZdWYDBABZdW0wDAMEBFl1cAMEAVl1dAMEAFl1gQMEAll1
hAMEAVl1jjAMAwQBWXWeAwQCWXWgAwQAWXW+AwQAWXXXAwQAWXXeAwQBWXXkAwQA
WXX1AwQAWXX6MA0GCSqGSIb3DQEBCwUAA4IBAQBMDCJn4AUZXsZOCMVUDII57bIq
8BN83p7tS9wId/r1kGk34brmvOSuofNfltSgIqx0YDUzAoCA2ukimjYUYnKivHIE
Wg59AOcOHVBTYcwJj/n4W49zjubCHTFUi27nIOB38wHmcoF6TBM9oghMtTGkmpNx
ApyIoPxIecFzLINTqZZLXtGD3wsNb8KK8elwCW/fbr0RmV+M5bgp3arS6Xw2khJ6
OpatVP2vtUh3TBTGFMtUE2lWZcxJII8dpZZkY0SmU5IJUH+Z4xc17iqoSbliyOCl
/ndtcQ7Btct80GuHJ8P4NmPz1+Krq+IGeSMKbfxGXARVzmUes7nozqVejwNh
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org