Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/WHHAg0AKaktqSN9aYxEh-rZvoQs.roa
File: WHHAg0AKaktqSN9aYxEh-rZvoQs.roa (raw, json)
Hash identifier: Rzs/4hQiB+JZBR785WKSkl+NZI1Mxq2uKaPbUMC0muQ=
Subject key identifier: 58:71:C0:83:40:0A:6A:4B:6A:48:DF:5A:63:11:21:FA:B6:6F:A1:0B
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182D9AD9B7FEF66D3039A5817F013E122FE
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/WHHAg0AKaktqSN9aYxEh-rZvoQs.roa
Signing time: Fri 26 Aug 2022 10:23:29 +0000
ROA not before: Fri 26 Aug 2022 10:23:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 89.117.68.0/24 maxlen: 24
89.117.72.0/21 maxlen: 24
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.215.0/24 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.130.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
84.46.234.0/23 maxlen: 24
89.116.112.0/24 maxlen: 24
89.116.113.0/24 maxlen: 24
89.116.115.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.156.0/24 maxlen: 24
89.116.54.0/24 maxlen: 24
89.116.70.0/24 maxlen: 24
86.38.202.0/23 maxlen: 24
89.116.103.0/24 maxlen: 24
89.116.99.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.223.0/24 maxlen: 24
89.116.221.0/24 maxlen: 24
89.116.220.0/24 maxlen: 24
89.116.233.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.171.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.193.0/24 maxlen: 24
89.116.203.0/24 maxlen: 24
89.116.209.0/24 maxlen: 24
89.116.208.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d9:ad:9b:7f:ef:66:d3:03:9a:58:17:f0:13:e1:22:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 26 10:23:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5871c083400a6a4b6a48df5a631121fab66fa10b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7e:2b:60:a4:f7:d1:cb:e4:03:0d:69:ef:fa:
e1:35:60:b6:1b:ff:46:56:32:8c:c2:f8:0a:8d:8e:
fc:92:77:47:84:8d:df:c7:45:9f:82:b2:7f:80:ef:
d7:b5:02:b4:44:e4:ba:7b:b1:66:ce:9e:f6:c3:4c:
60:34:f9:0c:32:28:20:65:f1:93:0b:e9:31:c8:63:
69:ec:2e:2e:b3:ea:04:b6:b3:0e:76:a9:56:32:89:
16:40:72:11:ea:24:92:96:08:f3:70:66:62:be:05:
cd:7b:00:12:38:16:9d:bb:6c:a8:c9:db:3f:b0:59:
93:b5:2d:64:28:35:27:38:7b:c9:fa:01:cd:3d:cb:
a6:56:29:fb:f3:8f:17:82:16:a9:c8:02:cf:45:25:
32:e2:a6:26:24:82:50:8d:e6:1e:b1:3e:2c:dc:40:
37:5f:52:d1:fb:0f:65:e2:15:80:a4:10:c5:83:cd:
95:86:d0:45:14:6c:4a:7d:9a:d7:99:fb:24:b6:f6:
ac:8e:3a:f1:94:ab:57:eb:3f:ae:dc:64:f1:42:5b:
b9:91:b1:b1:f0:52:67:62:b6:a0:21:ea:d6:14:bf:
0f:3b:e1:89:d3:a9:ae:69:79:2f:73:2c:91:97:28:
e0:4d:3c:c4:6d:a2:df:1c:e3:71:2b:11:09:bd:a5:
3d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:71:C0:83:40:0A:6A:4B:6A:48:DF:5A:63:11:21:FA:B6:6F:A1:0B
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/WHHAg0AKaktqSN9aYxEh-rZvoQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.202.0/23
89.116.54.0/24
89.116.70.0/24
89.116.99.0/24
89.116.103.0/24
89.116.112.0/23
89.116.115.0/24
89.116.135.0/24
89.116.156.0/24
89.116.161.0/24
89.116.171.0/24
89.116.175.0/24
89.116.177.0/24
89.116.193.0/24
89.116.203.0/24
89.116.208.0/22
89.116.218.0/24
89.116.220.0/23
89.116.223.0/24
89.116.233.0/24
89.116.252.0/24
89.117.28.0-89.117.33.255
89.117.68.0/24
89.117.72.0/21
89.117.84.0/23
89.117.88.0/22
89.117.102.0/23
89.117.109.0/24
89.117.129.0-89.117.130.255
89.117.132.0/22
89.117.142.0/23
89.117.215.0/24
Signature Algorithm: sha256WithRSAEncryption
14:53:83:7f:fd:59:b9:5d:11:cc:98:0d:0a:0a:37:cf:f9:98:
ba:cd:45:4a:19:e2:b9:a7:da:68:8f:91:07:33:49:63:cb:b7:
93:b4:72:40:ab:6c:64:c5:d1:a1:d6:a2:f4:be:f0:89:b3:d5:
db:32:77:bc:cb:70:20:36:7d:f6:52:ae:f5:b5:e6:20:5e:7d:
83:6b:4a:7a:42:09:88:cd:26:9e:73:5c:d9:ea:3c:cf:70:dd:
52:db:12:aa:43:71:23:d9:1d:1c:ae:e9:41:44:34:e1:f4:0a:
7e:7c:ea:b2:f9:e8:55:f1:29:e1:48:58:b7:2b:c0:f3:92:1e:
c4:a6:51:ef:3b:36:ae:6a:f5:6e:34:97:49:27:22:9c:62:f5:
70:ef:94:0a:31:7e:6e:d0:27:ed:3e:c7:80:78:c0:69:8c:b0:
93:f8:8f:a2:c0:be:03:b8:83:4e:5b:16:6b:91:c6:2b:74:3e:
24:26:d5:b0:f4:10:09:ef:9b:0f:18:cc:b8:17:8e:f5:40:c7:
d6:65:cb:a8:d1:5d:48:ea:ff:5c:e7:32:1a:2b:dd:e9:fd:c9:
64:a0:24:a0:55:76:55:c4:3d:01:9f:a1:fa:08:d1:f4:aa:c1:
47:23:f3:d4:be:bd:08:74:44:7c:16:5f:2d:20:30:43:5d:99:
ed:c8:c6:19
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYLZrZt/72bTA5pYF/AT4SL+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODI2MTAyMzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODcxYzA4MzQwMGE2YTRiNmE0OGRmNWE2MzExMjFmYWI2NmZhMTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp34rYKT30cvkAw1p7/rhNWC2G/9G
VjKMwvgKjY78kndHhI3fx0WfgrJ/gO/XtQK0ROS6e7Fmzp72w0xgNPkMMiggZfGT
C+kxyGNp7C4us+oEtrMOdqlWMokWQHIR6iSSlgjzcGZivgXNewASOBadu2yoyds/
sFmTtS1kKDUnOHvJ+gHNPcumVin7848XghapyALPRSUy4qYmJIJQjeYesT4s3EA3
X1LR+w9l4hWApBDFg82VhtBFFGxKfZrXmfsktvasjjrxlKtX6z+u3GTxQlu5kbGx
8FJnYragIerWFL8PO+GJ06muaXkvcyyRlyjgTTzEbaLfHONxKxEJvaU9LQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFFhxwINACmpLakjfWmMRIfq2b6ELMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvV0hIQWcwQUtha3RxU045YVl4RWgtclp2b1FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAFU
LuoDBAFWJsoDBABZdDYDBABZdEYDBABZdGMDBABZdGcDBAFZdHADBABZdHMDBABZ
dIcDBABZdJwDBABZdKEDBABZdKsDBABZdK8DBABZdLEDBABZdMEDBABZdMsDBAJZ
dNADBABZdNoDBAFZdNwDBABZdN8DBABZdOkDBABZdPwwDAMEAll1HAMEAVl1IAME
AFl1RAMEA1l1SAMEAVl1VAMEAll1WAMEAVl1ZgMEAFl1bTAMAwQAWXWBAwQAWXWC
AwQCWXWEAwQBWXWOAwQAWXXXMA0GCSqGSIb3DQEBCwUAA4IBAQAUU4N//Vm5XRHM
mA0KCjfP+Zi6zUVKGeK5p9poj5EHM0ljy7eTtHJAq2xkxdGh1qL0vvCJs9XbMne8
y3AgNn32Uq71teYgXn2Da0p6QgmIzSaec1zZ6jzPcN1S2xKqQ3Ej2R0crulBRDTh
9Ap+fOqy+ehV8SnhSFi3K8Dzkh7EplHvOzauavVuNJdJJyKcYvVw75QKMX5u0Cft
PseAeMBpjLCT+I+iwL4DuINOWxZrkcYrdD4kJtWw9BAJ75sPGMy4F471QMfWZcuo
0V1I6v9c5zIaK93p/clkoCSgVXZVxD0Bn6H6CNH0qsFHI/PUvr0IdER8Fl8tIDBD
XZntyMYZ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:25 2023 by rpki-client on console-fra.rpki-client.org