Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/OsmrQchELOxdGnf3gsNyknznDkY.roa
File: OsmrQchELOxdGnf3gsNyknznDkY.roa (raw, json)
Hash identifier: Z3MmXPA049gSQMqOztTFtma40M0r28QPn0jYSKyGHPM=
Subject key identifier: 3A:C9:AB:41:C8:44:2C:EC:5D:1A:77:F7:82:C3:72:92:7C:E7:0E:46
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0183E56BD4D7FDD6FD0C2F11F89D9561BC3C
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/OsmrQchELOxdGnf3gsNyknznDkY.roa
Signing time: Mon 17 Oct 2022 10:09:52 +0000
ROA not before: Mon 17 Oct 2022 10:09:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210441
IP address blocks: 89.117.72.0/21 maxlen: 21
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
86.38.178.0/23 maxlen: 24
89.117.215.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
84.46.234.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
89.117.228.0/23 maxlen: 24
86.38.202.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.172.0/23 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.193.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e5:6b:d4:d7:fd:d6:fd:0c:2f:11:f8:9d:95:61:bc:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Oct 17 10:09:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ac9ab41c8442cec5d1a77f782c372927ce70e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ad:77:fe:fe:a9:f9:e9:28:e9:b9:97:1f:0e:
b7:3d:39:85:cf:4f:63:1b:b8:b0:6d:cf:3c:88:26:
ab:0e:21:fa:5f:d4:b0:cf:5b:89:6a:83:0e:c0:3e:
f7:52:96:0f:87:5d:e3:97:55:12:e6:66:ad:e2:6b:
ff:05:3a:0f:8d:6e:7c:7e:82:f5:33:40:8e:9a:1e:
2a:ce:e5:cb:7e:71:51:16:df:40:a9:09:69:65:43:
81:c7:22:92:9c:bb:46:2b:de:87:41:de:58:7b:a1:
89:38:3a:4a:b5:2a:10:34:af:f0:56:b4:48:11:e9:
2a:6c:7c:22:91:b6:59:2c:8d:1b:12:f0:c3:35:6c:
b6:d1:ea:43:96:d7:93:04:52:72:48:2a:bf:15:7e:
e5:ee:12:11:ca:51:21:9e:89:1e:bc:c8:9f:71:df:
68:f5:12:5e:8b:64:6d:a0:6d:fd:93:5a:e9:78:19:
d4:d6:00:80:8c:11:81:ba:cc:b7:98:16:66:05:cf:
40:b6:8b:d7:5a:47:65:ba:e2:e0:cd:f3:06:4f:43:
9b:8d:73:7d:f2:1a:94:c5:a0:9e:c0:68:d1:21:2d:
5f:9a:e8:c3:af:5e:9e:3e:c6:db:88:1f:58:33:1c:
2a:d6:4d:5f:00:e0:c1:8c:b9:d9:db:3b:29:15:88:
7a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:C9:AB:41:C8:44:2C:EC:5D:1A:77:F7:82:C3:72:92:7C:E7:0E:46
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/OsmrQchELOxdGnf3gsNyknznDkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.108.0/24
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.172.0/23
89.116.175.0/24
89.116.177.0/24
89.116.193.0/24
89.116.210.0/23
89.116.218.0/24
89.116.252.0/24
89.117.8.0/23
89.117.28.0-89.117.33.255
89.117.72.0/21
89.117.84.0/23
89.117.88.0/22
89.117.94.0/23
89.117.109.0/24
89.117.116.0/23
89.117.129.0/24
89.117.132.0/22
89.117.142.0/23
89.117.190.0/24
89.117.215.0/24
89.117.222.0/24
89.117.228.0/23
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
47:39:48:2d:dd:47:aa:46:d5:5e:5b:b4:fc:d6:29:81:1d:7d:
11:0d:a0:8c:85:7c:bf:11:67:5a:53:d6:6f:81:17:5b:34:97:
52:4c:15:03:f5:a4:12:67:c7:b5:eb:97:26:4c:71:e0:c4:c1:
29:f8:67:1e:3d:75:9a:99:93:cc:58:8f:ea:7e:c0:af:96:7b:
5b:95:33:d9:cb:f4:c3:75:05:b7:af:b6:dc:a1:69:40:68:50:
5b:cf:36:c9:25:6b:04:66:51:34:4c:78:12:11:da:f3:3c:a2:
5a:c7:54:5a:25:62:49:8b:33:14:70:4c:30:2c:e9:9f:6c:e4:
04:3f:bf:4c:38:44:31:df:fb:6e:85:56:02:3f:f0:e6:bd:26:
88:62:79:cd:98:29:ce:5b:c3:d1:e6:a2:03:18:fd:40:6e:fa:
77:be:cf:a1:cc:f6:f9:d4:1c:d0:05:46:3d:c9:71:86:f4:31:
e3:aa:4d:e1:ed:85:61:80:09:6a:7d:66:f1:1b:f8:e4:2a:86:
c8:cd:8c:3e:db:25:63:7b:08:69:38:7e:18:ba:a9:28:d2:81:
4d:a5:50:a5:b6:08:e6:8a:d6:76:f1:59:b2:8b:84:37:37:b0:
31:51:45:8d:c6:e3:88:72:22:86:eb:e6:94:2a:4b:b7:97:6b:
b2:f9:6f:c4
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAYPla9TX/db9DC8R+J2VYbw8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIxMDE3MTAwOTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWM5YWI0MWM4NDQyY2VjNWQxYTc3Zjc4MmMzNzI5MjdjZTcwZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAna13/v6p+eko6bmXHw63PTmFz09j
G7iwbc88iCarDiH6X9Swz1uJaoMOwD73UpYPh13jl1US5mat4mv/BToPjW58foL1
M0COmh4qzuXLfnFRFt9AqQlpZUOBxyKSnLtGK96HQd5Ye6GJODpKtSoQNK/wVrRI
EekqbHwikbZZLI0bEvDDNWy20epDlteTBFJySCq/FX7l7hIRylEhnokevMifcd9o
9RJei2RtoG39k1rpeBnU1gCAjBGBusy3mBZmBc9AtovXWkdluuLgzfMGT0ObjXN9
8hqUxaCewGjRIS1fmujDr16ePsbbiB9YMxwq1k1fAODBjLnZ2zspFYh6SwIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFDrJq0HIRCzsXRp394LDcpJ85w5GMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvT3NtclFjaEVMT3hkR25mM2dzTnlrbnpuRGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB5wQCAAEwgeADBAFU
LuoDBAFWJrIDBAJWJrgDBAFWJsoDBAFWJvYDBABZdGwDBABZdIQDBABZdIcDBABZ
dJYDBABZdKEDBABZdKMDBABZdKYDBAFZdKwDBABZdK8DBABZdLEDBABZdMEDBAFZ
dNIDBABZdNoDBABZdPwDBAFZdQgwDAMEAll1HAMEAVl1IAMEA1l1SAMEAVl1VAME
All1WAMEAVl1XgMEAFl1bQMEAVl1dAMEAFl1gQMEAll1hAMEAVl1jgMEAFl1vgME
AFl11wMEAFl13gMEAVl15AMEAFl19QMEAFl1+jANBgkqhkiG9w0BAQsFAAOCAQEA
RzlILd1HqkbVXlu0/NYpgR19EQ2gjIV8vxFnWlPWb4EXWzSXUkwVA/WkEmfHteuX
Jkxx4MTBKfhnHj11mpmTzFiP6n7Ar5Z7W5Uz2cv0w3UFt6+23KFpQGhQW882ySVr
BGZRNEx4EhHa8zyiWsdUWiViSYszFHBMMCzpn2zkBD+/TDhEMd/7boVWAj/w5r0m
iGJ5zZgpzlvD0eaiAxj9QG76d77Pocz2+dQc0AVGPclxhvQx46pN4e2FYYAJan1m
8Rv45CqGyM2MPtslY3sIaTh+GLqpKNKBTaVQpbYI5orWdvFZsouENzewMVFFjcbj
iHIihuvmlCpLt5drsvlvxA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org