Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/JUKBLJ9ioOi1WVv8H_38BG0v_70.roa
File: JUKBLJ9ioOi1WVv8H_38BG0v_70.roa (raw, json)
Hash identifier: aUCginQ0L8Ta3Q4dBjDBx+pi/QsGMATcEAHtdMKDjXM=
Subject key identifier: 25:42:81:2C:9F:62:A0:E8:B5:59:5B:FC:1F:FD:FC:04:6D:2F:FF:BD
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182E3D0381FB505FDC1D45BB84FAD220B11
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/JUKBLJ9ioOi1WVv8H_38BG0v_70.roa
Signing time: Sun 28 Aug 2022 09:37:30 +0000
ROA not before: Sun 28 Aug 2022 09:37:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210441
IP address blocks: 89.117.72.0/21 maxlen: 21
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
86.38.178.0/23 maxlen: 24
89.117.215.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
84.46.234.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.125.0/24 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
89.116.58.0/23 maxlen: 24
89.117.228.0/23 maxlen: 24
86.38.202.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.172.0/23 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.184.0/23 maxlen: 24
89.116.193.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e3:d0:38:1f:b5:05:fd:c1:d4:5b:b8:4f:ad:22:0b:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 28 09:37:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2542812c9f62a0e8b5595bfc1ffdfc046d2fffbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:68:e6:57:2a:ac:a0:f5:d3:b0:52:a1:3e:8f:
bc:52:71:1e:52:1a:06:47:70:44:6d:14:55:dd:7e:
ad:fe:ca:6e:00:a2:68:26:70:94:a4:d5:d0:c7:04:
05:e7:b6:df:5a:02:84:3f:91:03:14:a0:38:e5:09:
91:df:e5:98:e1:9a:25:0a:67:00:b1:da:92:b7:5d:
a2:23:49:60:db:76:56:b9:59:6d:f9:ab:27:1c:df:
90:03:63:fe:f9:bf:96:4b:78:63:df:e3:86:01:a3:
86:82:8d:6c:85:b2:c0:de:f7:33:0c:b6:fb:5d:df:
7a:ee:91:34:17:19:33:3a:96:57:95:55:62:4f:81:
d6:3b:c4:35:0b:b9:c0:44:33:dd:ca:3d:da:1f:9e:
df:e6:44:eb:b9:16:5a:ef:c6:ed:e2:f2:a7:9b:03:
61:fa:c1:cb:a0:b0:0c:23:5f:ad:88:80:cb:51:e2:
50:2f:07:c3:50:a8:a4:3c:d6:e9:db:32:a6:2a:b5:
aa:e8:75:03:0f:f2:89:94:05:dd:d3:5b:7c:5c:38:
56:45:42:ac:7d:23:2e:6e:44:fb:f5:c3:61:d9:c8:
d1:c5:61:67:e4:d3:94:c3:fc:8f:8b:0f:40:3c:0a:
6d:cd:26:f4:f2:43:61:c0:62:f3:8f:4a:e7:55:91:
7c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:42:81:2C:9F:62:A0:E8:B5:59:5B:FC:1F:FD:FC:04:6D:2F:FF:BD
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/JUKBLJ9ioOi1WVv8H_38BG0v_70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.58.0/23
89.116.92.0/24
89.116.108.0/24
89.116.125.0/24
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.172.0/23
89.116.175.0/24
89.116.177.0/24
89.116.184.0/23
89.116.193.0/24
89.116.210.0/23
89.116.218.0/24
89.116.252.0/24
89.117.8.0/23
89.117.28.0-89.117.33.255
89.117.72.0/21
89.117.84.0/23
89.117.88.0/22
89.117.94.0/23
89.117.102.0/23
89.117.109.0/24
89.117.116.0/23
89.117.129.0/24
89.117.132.0/22
89.117.142.0/23
89.117.190.0/24
89.117.215.0/24
89.117.222.0/24
89.117.228.0/23
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
88:30:ee:5f:94:41:54:21:48:0d:b0:40:42:c9:e6:fe:b6:5e:
ee:5a:57:a9:ed:fc:22:5a:ea:49:d0:df:0b:4d:2b:22:25:6a:
7e:e3:06:f1:95:5c:c6:55:ee:84:0c:43:54:32:7e:2f:ea:ab:
ff:00:6f:c9:d5:d6:d7:66:e6:7f:31:fa:4f:2c:65:f2:6c:14:
3e:c1:46:bc:e5:e1:5b:ce:94:75:e9:0f:7d:ab:63:85:42:4b:
1e:42:6c:a9:e4:fd:34:0b:cf:20:ac:83:ca:49:d9:1c:ae:02:
df:12:4b:7b:dd:43:a7:36:06:29:e8:04:8b:2b:a6:1d:15:f0:
42:55:43:73:db:d7:2c:00:4f:ed:d9:65:0e:e3:e0:0e:1e:04:
eb:a5:84:62:4c:98:92:bf:cc:07:ec:61:f0:24:77:98:f6:0c:
a0:0d:07:d0:13:a5:b1:87:ef:9a:1a:5c:33:67:d0:68:da:1f:
62:8b:52:4c:98:9c:eb:db:f0:51:33:ee:fd:30:e3:7d:05:f6:
b1:50:be:dc:3b:e2:26:32:24:c4:fb:22:9d:fe:b0:9d:0e:ab:
03:4c:83:ec:f3:ec:9b:16:a5:f7:11:fc:98:ac:a0:bf:21:a2:
e3:0a:25:b9:8e:31:1f:be:dd:73:5a:12:a8:61:71:9b:55:b6:
7c:e7:f9:13
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAYLj0DgftQX9wdRbuE+tIgsRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODI4MDkzNzMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTQyODEyYzlmNjJhMGU4YjU1OTViZmMxZmZkZmMwNDZkMmZmZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGjmVyqsoPXTsFKhPo+8UnEeUhoG
R3BEbRRV3X6t/spuAKJoJnCUpNXQxwQF57bfWgKEP5EDFKA45QmR3+WY4ZolCmcA
sdqSt12iI0lg23ZWuVlt+asnHN+QA2P++b+WS3hj3+OGAaOGgo1shbLA3vczDLb7
Xd967pE0FxkzOpZXlVViT4HWO8Q1C7nARDPdyj3aH57f5kTruRZa78bt4vKnmwNh
+sHLoLAMI1+tiIDLUeJQLwfDUKikPNbp2zKmKrWq6HUDD/KJlAXd01t8XDhWRUKs
fSMubkT79cNh2cjRxWFn5NOUw/yPiw9APAptzSb08kNhwGLzj0rnVZF8KwIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFCVCgSyfYqDotVlb/B/9/ARtL/+9MB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvSlVLQkxKOWlvT2kxV1Z2OEhfMzhCRzB2XzcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCCAQUEAgABMIH+
AwQBVC7qAwQBViayAwQCVia4AwQBVibKAwQBVib2AwQBWXQ6AwQAWXRcAwQAWXRs
AwQAWXR9AwQAWXSEAwQAWXSHAwQAWXSWAwQAWXShAwQAWXSjAwQAWXSmAwQBWXSs
AwQAWXSvAwQAWXSxAwQBWXS4AwQAWXTBAwQBWXTSAwQAWXTaAwQAWXT8AwQBWXUI
MAwDBAJZdRwDBAFZdSADBANZdUgDBAFZdVQDBAJZdVgDBAFZdV4DBAFZdWYDBABZ
dW0DBAFZdXQDBABZdYEDBAJZdYQDBAFZdY4DBABZdb4DBABZddcDBABZdd4DBAFZ
deQDBABZdfUDBABZdfowDQYJKoZIhvcNAQELBQADggEBAIgw7l+UQVQhSA2wQELJ
5v62Xu5aV6nt/CJa6knQ3wtNKyIlan7jBvGVXMZV7oQMQ1Qyfi/qq/8Ab8nV1tdm
5n8x+k8sZfJsFD7BRrzl4VvOlHXpD32rY4VCSx5CbKnk/TQLzyCsg8pJ2RyuAt8S
S3vdQ6c2BinoBIsrph0V8EJVQ3Pb1ywAT+3ZZQ7j4A4eBOulhGJMmJK/zAfsYfAk
d5j2DKANB9ATpbGH75oaXDNn0GjaH2KLUkyYnOvb8FEz7v0w430F9rFQvtw74iYy
JMT7Ip3+sJ0OqwNMg+zz7JsWpfcR/JisoL8houMKJbmOMR++3XNaEqhhcZtVtnzn
+RM=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org