Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/T9BGvFELysoQg7mOtw9nF--PnGA.roa
File: T9BGvFELysoQg7mOtw9nF--PnGA.roa (raw, json)
Hash identifier: vJBNqhI/vg6JqjYrP9/jTmqIBEbnZMORt21MASxX0Tc=
Subject key identifier: 4F:D0:46:BC:51:0B:CA:CA:10:83:B9:8E:B7:0F:67:17:EF:8F:9C:60
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0184065D3B84154739CB5A49FAF297BF012C
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/T9BGvFELysoQg7mOtw9nF--PnGA.roa
Signing time: Sun 23 Oct 2022 19:41:24 +0000
ROA not before: Sun 23 Oct 2022 19:41:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210441
IP address blocks: 89.117.72.0/21 maxlen: 21
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
86.38.178.0/23 maxlen: 24
89.117.215.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
84.46.234.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
86.38.202.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.172.0/23 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.193.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:06:5d:3b:84:15:47:39:cb:5a:49:fa:f2:97:bf:01:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Oct 23 19:41:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4fd046bc510bcaca1083b98eb70f6717ef8f9c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7d:19:cb:1c:7c:72:09:8f:5b:39:b5:07:7c:
ba:de:3e:78:ac:13:7f:d0:5c:1e:32:17:78:f2:6a:
7c:ae:bc:45:14:91:ce:3b:fd:fa:6e:7b:1d:d5:0c:
cb:83:0e:fc:73:13:51:c7:bb:7d:71:b3:53:14:28:
97:52:de:e2:27:1c:49:3a:f2:d7:0d:ac:48:92:c9:
23:79:6d:53:bb:e1:8c:c0:50:8d:d3:25:c6:b1:28:
e8:53:9e:22:10:20:1f:a7:13:2f:83:1b:f8:71:90:
49:84:89:5a:af:5b:88:e9:e2:5b:26:96:cb:fb:f9:
b2:b9:99:f6:9a:f7:ef:3c:92:06:b8:34:73:60:3b:
ee:29:17:3d:16:9d:ce:2c:37:a7:72:bb:f3:02:4b:
8c:83:4d:93:39:c3:02:c2:85:a7:55:28:f3:45:26:
bd:d0:4a:52:7f:84:af:b1:cb:7b:3e:58:3b:ca:b8:
46:9d:f2:e0:0c:61:40:be:82:8a:ae:77:a5:f0:f0:
9c:57:5e:f4:09:dc:1f:93:7e:51:6b:9a:c6:82:9d:
08:2f:90:4e:96:ed:83:99:32:f5:f1:88:ad:dd:a0:
19:8e:79:c8:c2:a2:0f:2a:a7:89:bf:06:73:3f:74:
40:19:e8:cf:60:2d:d2:2f:2d:d7:65:3d:21:bb:34:
74:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D0:46:BC:51:0B:CA:CA:10:83:B9:8E:B7:0F:67:17:EF:8F:9C:60
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/T9BGvFELysoQg7mOtw9nF--PnGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.108.0/24
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.172.0/23
89.116.175.0/24
89.116.177.0/24
89.116.193.0/24
89.116.210.0/23
89.116.218.0/24
89.116.252.0/24
89.117.8.0/23
89.117.28.0-89.117.33.255
89.117.72.0/21
89.117.84.0/23
89.117.88.0/22
89.117.94.0/23
89.117.109.0/24
89.117.116.0/23
89.117.129.0/24
89.117.132.0/22
89.117.142.0/23
89.117.190.0/24
89.117.215.0/24
89.117.222.0/24
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
65:32:e1:1b:1e:6a:1f:44:23:57:b6:ae:c6:f3:f7:5e:cc:14:
a6:c1:cb:9e:a6:02:26:de:cc:bc:2d:33:e1:ba:db:14:78:d6:
26:e3:81:5e:78:69:0f:14:a2:78:19:11:66:b3:1a:60:df:10:
99:6c:d5:7e:d9:b7:ae:07:bc:af:98:f7:bf:07:5b:4f:b6:a2:
de:8a:4b:cb:94:2c:83:4a:03:07:14:ae:65:5b:16:77:94:e0:
42:5c:bb:1e:3c:07:cf:ab:c5:69:61:68:58:ba:d4:34:3d:d1:
48:7f:f0:f0:f1:05:a6:0e:61:67:c0:59:c6:83:8a:61:4c:4b:
4a:ae:f7:a1:34:8a:1d:1d:83:94:06:13:9a:95:b2:e5:e1:a7:
c5:45:27:2c:63:42:bc:86:c3:63:d7:8f:9c:cd:6e:63:fe:b2:
d8:ab:75:a3:ce:41:ed:97:28:14:07:30:2b:07:6d:a6:f2:c1:
65:94:e1:f4:5c:6c:08:6d:6f:b5:9b:63:d7:77:70:e0:92:4a:
96:31:48:0d:e9:d0:c5:c9:a4:69:ae:c7:c0:24:ea:b3:95:35:
fe:ef:49:82:02:e0:25:f1:e5:48:f6:6a:be:b4:48:be:e5:ad:
4b:21:75:4e:0f:bb:5e:a4:79:6c:1d:21:a2:c5:b1:f5:bd:e5:
19:02:1e:46
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAYQGXTuEFUc5y1pJ+vKXvwEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIxMDIzMTk0MTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmQwNDZiYzUxMGJjYWNhMTA4M2I5OGViNzBmNjcxN2VmOGY5YzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn30Zyxx8cgmPWzm1B3y63j54rBN/
0FweMhd48mp8rrxFFJHOO/36bnsd1QzLgw78cxNRx7t9cbNTFCiXUt7iJxxJOvLX
DaxIkskjeW1Tu+GMwFCN0yXGsSjoU54iECAfpxMvgxv4cZBJhIlar1uI6eJbJpbL
+/myuZn2mvfvPJIGuDRzYDvuKRc9Fp3OLDencrvzAkuMg02TOcMCwoWnVSjzRSa9
0EpSf4Svsct7Plg7yrhGnfLgDGFAvoKKrnel8PCcV170Cdwfk35Ra5rGgp0IL5BO
lu2DmTL18Yit3aAZjnnIwqIPKqeJvwZzP3RAGejPYC3SLy3XZT0huzR0DQIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFE/QRrxRC8rKEIO5jrcPZxfvj5xgMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvVDlCR3ZGRUx5c29RZzdtT3R3OW5GLS1QbkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdoDBAFU
LuoDBAFWJrIDBAJWJrgDBAFWJsoDBAFWJvYDBABZdGwDBABZdIQDBABZdIcDBABZ
dJYDBABZdKEDBABZdKMDBABZdKYDBAFZdKwDBABZdK8DBABZdLEDBABZdMEDBAFZ
dNIDBABZdNoDBABZdPwDBAFZdQgwDAMEAll1HAMEAVl1IAMEA1l1SAMEAVl1VAME
All1WAMEAVl1XgMEAFl1bQMEAVl1dAMEAFl1gQMEAll1hAMEAVl1jgMEAFl1vgME
AFl11wMEAFl13gMEAFl19QMEAFl1+jANBgkqhkiG9w0BAQsFAAOCAQEAZTLhGx5q
H0QjV7auxvP3XswUpsHLnqYCJt7MvC0z4brbFHjWJuOBXnhpDxSieBkRZrMaYN8Q
mWzVftm3rge8r5j3vwdbT7ai3opLy5Qsg0oDBxSuZVsWd5TgQly7HjwHz6vFaWFo
WLrUND3RSH/w8PEFpg5hZ8BZxoOKYUxLSq73oTSKHR2DlAYTmpWy5eGnxUUnLGNC
vIbDY9ePnM1uY/6y2Kt1o85B7ZcoFAcwKwdtpvLBZZTh9FxsCG1vtZtj13dw4JJK
ljFIDenQxcmkaa7HwCTqs5U1/u9JggLgJfHlSPZqvrRIvuWtSyF1Tg+7XqR5bB0h
osWx9b3lGQIeRg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:25 2023 by rpki-client on console-fra.rpki-client.org