Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/PIjXoRlnLJCLiFZtV8Psxup3MZU.roa
File: PIjXoRlnLJCLiFZtV8Psxup3MZU.roa (raw, json)
Hash identifier: Pbgx9pPQoeye62zxLL9XTe9lP+tM2bAAs5BhmrDcZgY=
Subject key identifier: 3C:88:D7:A1:19:67:2C:90:8B:88:56:6D:57:C3:EC:C6:EA:77:31:95
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0AEC523A
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/PIjXoRlnLJCLiFZtV8Psxup3MZU.roa
Signing time: Wed 18 May 2022 13:02:17 +0000
ROA not before: Wed 18 May 2022 13:02:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 89.117.109.0/24 maxlen: 24
82.140.183.0/24 maxlen: 24
86.38.4.0/23 maxlen: 24
89.117.48.0/20 maxlen: 24
89.117.64.0/22 maxlen: 24
86.38.180.0/23 maxlen: 24
89.117.120.0/22 maxlen: 24
84.46.200.0/24 maxlen: 24
89.117.160.0/22 maxlen: 24
86.38.246.0/23 maxlen: 24
86.38.242.0/23 maxlen: 24
86.38.241.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.156.0/24 maxlen: 24
89.116.158.0/24 maxlen: 24
89.116.56.0/24 maxlen: 24
86.38.189.0/24 maxlen: 24
89.116.58.0/23 maxlen: 24
86.38.200.0/24 maxlen: 24
89.116.68.0/23 maxlen: 24
86.38.214.0/24 maxlen: 24
86.38.220.0/23 maxlen: 24
86.38.226.0/24 maxlen: 24
89.116.96.0/24 maxlen: 24
86.38.238.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.242.0/23 maxlen: 24
89.116.246.0/23 maxlen: 24
89.117.11.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 183259706 (0xaec523a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: May 18 13:02:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c88d7a119672c908b88566d57c3ecc6ea773195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e8:4d:e5:2f:e3:d9:4b:5f:46:e2:36:5f:a1:
6e:95:69:2c:17:2a:4a:b3:f3:0f:cc:36:01:ec:fe:
30:0b:67:44:70:b6:09:23:3a:6d:e2:e3:38:9e:9b:
69:a5:d5:a2:b6:84:b6:1c:52:18:82:aa:7b:c0:79:
49:75:69:35:5b:10:e2:46:78:5f:4e:9c:c6:96:82:
12:da:20:dd:72:a2:a6:d9:71:a3:05:4f:db:a5:51:
d0:4e:a9:cb:0c:54:7f:97:1c:4b:0c:fd:ba:62:0a:
29:0c:1a:e6:ef:73:f3:4a:6b:1c:a0:13:c3:1d:b6:
03:87:5e:ba:1e:53:73:ab:85:73:56:b4:1f:64:ef:
14:5e:41:c2:46:2d:a3:e4:59:90:b0:12:eb:d2:5a:
e7:d1:54:6e:33:f3:c2:3b:cb:80:c4:f0:61:be:14:
0d:9e:a4:4e:87:f0:2e:8d:4c:f0:e5:1d:b6:73:db:
2a:57:27:f0:4b:cc:8c:5c:9f:ae:10:70:6b:b9:98:
96:e8:be:85:b9:db:88:64:54:e8:44:b3:5b:56:31:
1e:a7:32:fa:4d:58:cf:05:2b:3c:ef:dd:27:ad:33:
a5:e2:fe:5b:3f:50:32:0e:92:30:30:13:c6:e0:b0:
16:40:96:63:bb:0f:4d:4c:89:f5:ab:f9:06:31:b7:
0e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:88:D7:A1:19:67:2C:90:8B:88:56:6D:57:C3:EC:C6:EA:77:31:95
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/PIjXoRlnLJCLiFZtV8Psxup3MZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.183.0/24
84.46.200.0/24
86.38.4.0/23
86.38.180.0/23
86.38.189.0/24
86.38.200.0/24
86.38.214.0/24
86.38.220.0/23
86.38.226.0/24
86.38.238.0/24
86.38.241.0-86.38.243.255
86.38.246.0/23
89.116.56.0/24
89.116.58.0/23
89.116.68.0/23
89.116.96.0/24
89.116.135.0/24
89.116.156.0/24
89.116.158.0/24
89.116.175.0/24
89.116.177.0/24
89.116.218.0/24
89.116.242.0/23
89.116.246.0/23
89.117.11.0/24
89.117.48.0-89.117.67.255
89.117.109.0/24
89.117.120.0/22
89.117.160.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:bd:6b:9d:8b:3a:68:9e:0b:c2:31:ff:dc:f7:10:90:a6:87:
c4:a1:15:bf:de:e9:3f:a8:09:2f:5e:cc:6a:a6:e9:61:c2:06:
74:7f:52:ee:eb:8f:37:da:3e:ca:b2:06:10:a6:2d:87:a3:f3:
08:62:b0:7d:32:60:eb:af:be:21:1d:dd:4b:d3:77:cc:ca:92:
17:82:48:ad:62:3b:26:ca:d0:f5:a7:51:97:6b:09:3b:92:af:
be:11:bd:4a:d2:c3:0a:f4:71:5c:1d:e7:d8:1a:56:10:61:9f:
db:66:92:eb:fd:78:b8:ea:5e:53:37:2e:b7:11:7d:4d:4e:f5:
64:c2:bf:ad:d2:ad:03:d3:43:07:9d:a0:8c:bf:e2:7d:e4:09:
d7:95:9b:5b:b9:02:be:f8:87:4d:14:52:44:98:73:33:4b:f8:
9d:13:82:33:c3:01:43:91:81:f5:d2:72:e2:ee:81:fa:82:98:
e5:73:65:77:be:0b:73:f7:5a:19:b8:3a:8d:da:76:b9:5f:6e:
e5:e7:48:b0:07:2d:b3:98:e8:61:0a:07:a1:c0:5b:b8:ed:a3:
c8:16:28:41:79:5a:fc:ff:6c:76:3b:96:5f:5d:f0:ab:21:05:
24:6e:de:72:80:48:bb:c5:09:71:05:ab:cf:7e:ee:73:24:c8:
01:ad:27:51
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIECuxSOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDUx
ODEzMDIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2M4OGQ3YTExOTY3
MmM5MDhiODg1NjZkNTdjM2VjYzZlYTc3MzE5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAILoTeUv49lLX0biNl+hbpVpLBcqSrPzD8w2Aez+MAtnRHC2
CSM6beLjOJ6baaXVoraEthxSGIKqe8B5SXVpNVsQ4kZ4X06cxpaCEtog3XKiptlx
owVP26VR0E6pywxUf5ccSwz9umIKKQwa5u9z80prHKATwx22A4deuh5Tc6uFc1a0
H2TvFF5BwkYto+RZkLAS69Ja59FUbjPzwjvLgMTwYb4UDZ6kTofwLo1M8OUdtnPb
Klcn8EvMjFyfrhBwa7mYlui+hbnbiGRU6ESzW1YxHqcy+k1YzwUrPO/dJ60zpeL+
Wz9QMg6SMDATxuCwFkCWY7sPTUyJ9av5BjG3DtkCAwEAAaOCAsYwggLCMB0GA1Ud
DgQWBBQ8iNehGWcskIuIVm1Xw+zG6ncxlTAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L1BJalhvUmxuTEpDTGlGWnRWOFBzeHVwM01aVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
2wYIKwYBBQUHAQcBAf8EgcswgcgwgcUEAgABMIG+AwQAUoy3AwQAVC7IAwQBViYE
AwQBVia0AwQAVia9AwQAVibIAwQAVibWAwQBVibcAwQAVibiAwQAVibuMAwDBABW
JvEDBAJWJvADBAFWJvYDBABZdDgDBAFZdDoDBAFZdEQDBABZdGADBABZdIcDBABZ
dJwDBABZdJ4DBABZdK8DBABZdLEDBABZdNoDBAFZdPIDBAFZdPYDBABZdQswDAME
BFl1MAMEAll1QAMEAFl1bQMEAll1eAMEAll1oDANBgkqhkiG9w0BAQsFAAOCAQEA
s71rnYs6aJ4LwjH/3PcQkKaHxKEVv97pP6gJL17MaqbpYcIGdH9S7uuPN9o+yrIG
EKYth6PzCGKwfTJg66++IR3dS9N3zMqSF4JIrWI7JsrQ9adRl2sJO5KvvhG9StLD
CvRxXB3n2BpWEGGf22aS6/14uOpeUzcutxF9TU71ZMK/rdKtA9NDB52gjL/ifeQJ
15WbW7kCvviHTRRSRJhzM0v4nROCM8MBQ5GB9dJy4u6B+oKY5XNld74Lc/daGbg6
jdp2uV9u5edIsActs5joYQoHocBbuO2jyBYoQXla/P9sdjuWX13wqyEFJG7ecoBI
u8UJcQWrz37ucyTIAa0nUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:14 2024 by rpki-client on console-fra.rpki-client.org