Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/KpNwtbCAVUcu_zrJpephMmktFiY.roa
File: KpNwtbCAVUcu_zrJpephMmktFiY.roa (raw, json)
Hash identifier: U+11Nt+4JZ29/i8h5vGwZ6Fyy7+exwQX0vMh6Jm/hko=
Subject key identifier: 2A:93:70:B5:B0:80:55:47:2E:FF:3A:C9:A5:EA:61:32:69:2D:16:26
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182D4A51ACCFA4729257CF19B223756621E
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/KpNwtbCAVUcu_zrJpephMmktFiY.roa
Signing time: Thu 25 Aug 2022 10:56:06 +0000
ROA not before: Thu 25 Aug 2022 10:56:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 89.117.68.0/24 maxlen: 24
89.117.72.0/21 maxlen: 24
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.215.0/24 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.130.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
84.46.234.0/23 maxlen: 24
89.116.112.0/24 maxlen: 24
89.116.106.0/23 maxlen: 24
89.116.113.0/24 maxlen: 24
89.116.115.0/24 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.148.0/23 maxlen: 24
89.116.156.0/24 maxlen: 24
89.116.54.0/24 maxlen: 24
89.116.70.0/24 maxlen: 24
86.38.202.0/23 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.103.0/24 maxlen: 24
89.116.99.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.223.0/24 maxlen: 24
89.116.221.0/24 maxlen: 24
89.116.220.0/24 maxlen: 24
89.116.233.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.171.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.193.0/24 maxlen: 24
89.116.203.0/24 maxlen: 24
89.116.209.0/24 maxlen: 24
89.116.208.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d4:a5:1a:cc:fa:47:29:25:7c:f1:9b:22:37:56:62:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 25 10:56:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a9370b5b08055472eff3ac9a5ea6132692d1626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9d:37:b3:81:f4:b8:1f:f2:04:fc:d3:4f:81:
c6:de:46:fe:b3:a0:f2:65:1d:1a:76:00:2c:4f:ba:
be:dc:b7:ca:c8:d3:28:ce:c8:d2:50:6c:df:a9:4d:
3d:7e:e7:65:24:dc:e3:b6:09:9d:c7:6a:5e:af:82:
64:26:2b:61:6d:66:c8:92:79:44:16:59:6e:9e:63:
3c:38:31:03:71:96:20:e3:a4:49:ae:3f:ef:8e:62:
99:62:c8:82:e2:7c:b4:b1:b3:cf:c0:2a:74:eb:96:
4d:90:35:c6:6d:40:6d:5c:16:5b:f6:e8:8b:41:ed:
7a:34:d5:88:bb:96:70:ba:9b:69:82:b1:78:94:4d:
5c:f6:96:69:52:cf:18:a9:07:16:b7:9c:87:07:c6:
f8:50:57:0c:fd:07:4f:72:bc:e0:9b:4e:54:c7:79:
52:18:fb:30:06:36:43:44:1e:ac:ff:07:e8:23:13:
f2:a8:e7:e2:76:22:34:9a:2a:5d:37:fb:ff:b6:b0:
f8:74:ec:70:d1:1e:aa:59:d1:b4:51:18:8f:22:b6:
9d:83:f2:b2:71:08:5f:58:d3:c6:01:c8:44:10:27:
d2:5a:ee:6a:f2:68:c6:7f:25:19:e4:54:7e:74:59:
04:78:20:48:74:98:07:7c:59:62:fb:f2:24:76:0f:
66:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:93:70:B5:B0:80:55:47:2E:FF:3A:C9:A5:EA:61:32:69:2D:16:26
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/KpNwtbCAVUcu_zrJpephMmktFiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.202.0/23
89.116.54.0/24
89.116.70.0/24
89.116.88.0/23
89.116.99.0/24
89.116.103.0/24
89.116.106.0/23
89.116.112.0/23
89.116.115.0/24
89.116.126.0/23
89.116.135.0/24
89.116.148.0/23
89.116.156.0/24
89.116.161.0/24
89.116.171.0/24
89.116.175.0/24
89.116.177.0/24
89.116.193.0/24
89.116.203.0/24
89.116.208.0/22
89.116.218.0/24
89.116.220.0/23
89.116.223.0/24
89.116.233.0/24
89.116.252.0/24
89.117.12.0/23
89.117.28.0-89.117.33.255
89.117.68.0/24
89.117.72.0/21
89.117.84.0/23
89.117.88.0/22
89.117.102.0/23
89.117.109.0/24
89.117.129.0-89.117.130.255
89.117.132.0/22
89.117.142.0/23
89.117.215.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:eb:94:d7:3f:6d:fc:15:90:19:be:fb:6f:c4:3c:55:0d:25:
7f:26:86:23:9e:8f:a8:66:8b:99:35:36:d0:83:77:45:b5:8b:
84:e7:e2:57:30:27:4a:ae:33:b4:d7:3a:25:44:e6:38:e4:69:
e8:ab:ad:18:40:99:16:ea:d9:0d:b4:ef:68:1c:29:bd:60:c4:
63:2e:d8:61:af:6e:ba:a1:1f:c8:c2:cd:4c:a7:22:77:99:72:
13:90:98:7a:e1:c6:21:65:40:6d:a1:dd:b4:7a:d1:b3:c8:94:
f2:7a:d5:f3:a0:05:56:bc:95:bd:3a:f8:18:aa:07:28:44:eb:
db:04:d1:59:11:93:8e:03:7a:79:0b:ea:3a:3d:49:a0:b8:91:
eb:8e:e1:f3:cc:89:c0:7d:0b:45:dc:b0:db:e5:05:be:f3:64:
b5:5c:a7:a5:70:48:84:1b:c3:7a:39:c1:5a:2e:67:8d:22:a1:
5a:77:ee:ae:0e:19:9e:82:01:c8:bd:9a:e4:7a:95:89:06:c3:
e3:f8:80:51:11:d2:fc:df:b4:11:be:04:6a:85:b7:d0:ff:01:
4e:e8:86:80:84:9e:d5:eb:c2:ec:86:c0:2b:4c:c8:c8:38:d2:
31:0e:68:d8:f3:32:32:9f:e0:72:a2:24:ea:78:78:66:53:9c:
fd:2c:26:c5
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAYLUpRrM+kcpJXzxmyI3VmIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODI1MTA1NjA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTkzNzBiNWIwODA1NTQ3MmVmZjNhYzlhNWVhNjEzMjY5MmQxNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu503s4H0uB/yBPzTT4HG3kb+s6Dy
ZR0adgAsT7q+3LfKyNMozsjSUGzfqU09fudlJNzjtgmdx2per4JkJithbWbIknlE
FllunmM8ODEDcZYg46RJrj/vjmKZYsiC4ny0sbPPwCp065ZNkDXGbUBtXBZb9uiL
Qe16NNWIu5ZwuptpgrF4lE1c9pZpUs8YqQcWt5yHB8b4UFcM/QdPcrzgm05Ux3lS
GPswBjZDRB6s/wfoIxPyqOfidiI0mipdN/v/trD4dOxw0R6qWdG0URiPIradg/Ky
cQhfWNPGAchEECfSWu5q8mjGfyUZ5FR+dFkEeCBIdJgHfFli+/Ikdg9mCQIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFCqTcLWwgFVHLv86yaXqYTJpLRYmMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvS3BOd3RiQ0FWVWN1X3pySnBlcGhNbWt0RmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MIH7BAIAATCB9AME
AVQu6gMEAVYmygMEAFl0NgMEAFl0RgMEAVl0WAMEAFl0YwMEAFl0ZwMEAVl0agME
AVl0cAMEAFl0cwMEAVl0fgMEAFl0hwMEAVl0lAMEAFl0nAMEAFl0oQMEAFl0qwME
AFl0rwMEAFl0sQMEAFl0wQMEAFl0ywMEAll00AMEAFl02gMEAVl03AMEAFl03wME
AFl06QMEAFl0/AMEAVl1DDAMAwQCWXUcAwQBWXUgAwQAWXVEAwQDWXVIAwQBWXVU
AwQCWXVYAwQBWXVmAwQAWXVtMAwDBABZdYEDBABZdYIDBAJZdYQDBAFZdY4DBABZ
ddcwDQYJKoZIhvcNAQELBQADggEBAJzrlNc/bfwVkBm++2/EPFUNJX8mhiOej6hm
i5k1NtCDd0W1i4Tn4lcwJ0quM7TXOiVE5jjkaeirrRhAmRbq2Q2072gcKb1gxGMu
2GGvbrqhH8jCzUynIneZchOQmHrhxiFlQG2h3bR60bPIlPJ61fOgBVa8lb06+Biq
ByhE69sE0VkRk44DenkL6jo9SaC4keuO4fPMicB9C0XcsNvlBb7zZLVcp6VwSIQb
w3o5wVouZ40ioVp37q4OGZ6CAci9muR6lYkGw+P4gFER0vzftBG+BGqFt9D/AU7o
hoCEntXrwuyGwCtMyMg40jEOaNjzMjKf4HKiJOp4eGZTnP0sJsU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org