Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/XFCaAGbeXzKWrrCVfbpCKmbAS3U.roa
File: XFCaAGbeXzKWrrCVfbpCKmbAS3U.roa (raw, json)
Hash identifier: Gfgym8nVXTHqdXYX9eOdHXA32ru6N9fBN6uk6AcYwI0=
Subject key identifier: 5C:50:9A:00:66:DE:5F:32:96:AE:B0:95:7D:BA:42:2A:66:C0:4B:75
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0A954D16
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/XFCaAGbeXzKWrrCVfbpCKmbAS3U.roa
Signing time: Tue 03 May 2022 09:54:34 +0000
ROA not before: Tue 03 May 2022 09:54:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210443
IP address blocks: 89.117.68.0/24 maxlen: 24
89.117.70.0/23 maxlen: 24
89.117.72.0/21 maxlen: 24
89.117.80.0/22 maxlen: 24
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.96.0/22 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.112.0/22 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.24.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.36.0/23 maxlen: 24
89.117.64.0/22 maxlen: 24
89.117.188.0/24 maxlen: 24
89.117.190.0/24 maxlen: 24
89.117.218.0/24 maxlen: 24
89.117.215.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.139.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
89.117.160.0/22 maxlen: 24
84.46.234.0/23 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.106.0/23 maxlen: 24
89.116.125.0/24 maxlen: 24
89.116.130.0/23 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.128.0/24 maxlen: 24
89.116.137.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.141.0/24 maxlen: 24
89.116.148.0/23 maxlen: 24
89.116.150.0/24 maxlen: 24
89.116.153.0/24 maxlen: 24
89.116.158.0/24 maxlen: 24
89.116.154.0/24 maxlen: 24
89.116.58.0/23 maxlen: 24
86.38.202.0/23 maxlen: 24
89.116.70.0/24 maxlen: 24
89.116.68.0/23 maxlen: 24
89.116.76.0/24 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.91.0/24 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.6.0/23 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.179.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.184.0/23 maxlen: 24
89.116.186.0/24 maxlen: 24
89.116.189.0/24 maxlen: 24
89.116.190.0/24 maxlen: 24
89.116.193.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
86.38.178.0/23 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
89.117.228.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
89.117.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177556758 (0xa954d16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: May 3 09:54:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c509a0066de5f3296aeb0957dba422a66c04b75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:66:9a:bf:a4:7e:ad:db:13:15:68:82:09:28:
ed:b2:12:16:96:49:ab:e1:e0:cb:ff:67:69:45:f4:
83:a3:c0:36:0c:12:8e:3d:59:59:2e:8c:9d:b3:c9:
01:8a:c1:13:66:22:02:c1:df:60:81:15:4a:2f:ca:
8d:20:25:da:76:bf:46:cc:4b:d5:9d:c6:bf:0a:b3:
c3:e5:ae:c1:60:2e:f1:eb:98:fc:51:28:d0:89:06:
fa:b1:8f:01:56:1e:50:51:dc:6b:58:95:a2:9a:1c:
71:35:0b:32:86:04:92:a2:5f:89:f4:29:11:ea:85:
8d:a1:f5:a1:18:a4:8a:da:2b:ed:2d:29:48:2e:94:
f5:20:d5:a9:45:26:fa:5d:55:64:ab:ad:ab:30:f7:
ab:5d:67:fb:a5:46:9e:e1:93:20:02:dd:a5:d3:b2:
1a:32:d5:2d:5a:88:ac:d2:52:5f:88:31:8f:aa:14:
67:3c:91:ce:4a:ef:2b:3d:78:1e:80:a8:d5:ba:25:
41:37:35:32:6b:cb:f2:b5:11:6f:85:eb:dd:b6:18:
4f:3b:5f:05:da:c7:dc:80:35:15:e8:2f:db:7d:b9:
4f:8c:f5:23:57:26:6a:18:a9:52:49:b9:83:d2:2f:
12:50:b0:65:f1:5c:4e:7d:70:b7:4a:7c:d7:d0:d8:
99:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:50:9A:00:66:DE:5F:32:96:AE:B0:95:7D:BA:42:2A:66:C0:4B:75
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/XFCaAGbeXzKWrrCVfbpCKmbAS3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.178.0/23
86.38.182.0-86.38.187.255
86.38.202.0/23
86.38.246.0/23
89.116.58.0/23
89.116.68.0-89.116.70.255
89.116.76.0/24
89.116.88.0/23
89.116.91.0-89.116.92.255
89.116.106.0-89.116.108.255
89.116.125.0-89.116.128.255
89.116.130.0-89.116.132.255
89.116.135.0/24
89.116.137.0/24
89.116.141.0/24
89.116.148.0-89.116.150.255
89.116.153.0-89.116.154.255
89.116.158.0/24
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.175.0/24
89.116.177.0/24
89.116.179.0/24
89.116.184.0-89.116.186.255
89.116.189.0-89.116.190.255
89.116.193.0/24
89.116.210.0/23
89.116.218.0/24
89.116.252.0/23
89.116.255.0/24
89.117.6.0-89.117.9.255
89.117.12.0/23
89.117.24.0/23
89.117.28.0-89.117.33.255
89.117.36.0/23
89.117.64.0-89.117.68.255
89.117.70.0-89.117.85.255
89.117.88.0/22
89.117.94.0-89.117.99.255
89.117.102.0/23
89.117.109.0/24
89.117.112.0-89.117.117.255
89.117.129.0/24
89.117.132.0/22
89.117.139.0/24
89.117.142.0/23
89.117.158.0-89.117.163.255
89.117.188.0/24
89.117.190.0/24
89.117.215.0/24
89.117.218.0/24
89.117.222.0/24
89.117.228.0/23
89.117.245.0/24
89.117.250.0/24
89.117.254.0/24
Signature Algorithm: sha256WithRSAEncryption
39:2c:bd:64:16:e6:83:46:fd:e2:f9:a6:79:73:fc:aa:10:3a:
4c:1a:04:87:71:f5:3e:62:18:b1:de:5a:0d:1d:17:68:cd:38:
fa:0c:92:4c:e1:52:2f:45:09:d0:e9:b7:35:48:f8:9f:8c:57:
ca:19:9e:32:af:4a:9d:08:4c:8b:a2:07:64:0a:c3:25:f8:8c:
fa:c0:83:42:a0:9e:5f:82:0b:95:5f:ee:e3:cf:57:aa:84:37:
78:63:a0:74:fa:da:f3:02:43:8d:b6:ec:05:a1:f3:f2:22:b5:
55:19:36:aa:b8:f0:2b:23:5d:27:93:1c:60:99:cf:a6:65:4d:
ea:67:b4:c1:ef:50:b2:91:b1:cc:d0:dc:4e:e0:f7:92:78:e7:
aa:39:73:5d:27:52:2e:82:a9:63:14:76:ec:5f:19:36:a9:a5:
50:9e:02:bd:b9:d1:ce:63:d4:e4:b6:98:f0:5a:96:a1:90:b4:
2d:b3:de:5f:fe:a9:de:0d:56:75:69:55:91:1f:9e:82:80:e1:
20:51:1a:36:ff:19:61:1c:47:a8:6e:fc:a9:35:b8:8a:a0:15:
4f:fc:8a:5a:03:62:a7:5d:db:7e:40:11:57:91:89:bf:27:af:
fb:7f:03:06:26:5d:9b:27:a7:12:ce:73:45:b8:31:d7:d9:db:
eb:b3:0a:69
-----BEGIN CERTIFICATE-----
MIIG1zCCBb+gAwIBAgIECpVNFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDUw
MzA5NTQzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWM1MDlhMDA2NmRl
NWYzMjk2YWViMDk1N2RiYTQyMmE2NmMwNGI3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAP1mmr+kfq3bExVoggko7bISFpZJq+Hgy/9naUX0g6PANgwS
jj1ZWS6MnbPJAYrBE2YiAsHfYIEVSi/KjSAl2na/RsxL1Z3Gvwqzw+WuwWAu8euY
/FEo0IkG+rGPAVYeUFHca1iVopoccTULMoYEkqJfifQpEeqFjaH1oRikitor7S0p
SC6U9SDVqUUm+l1VZKutqzD3q11n+6VGnuGTIALdpdOyGjLVLVqIrNJSX4gxj6oU
ZzyRzkrvKz14HoCo1bolQTc1MmvL8rURb4Xr3bYYTztfBdrH3IA1Fegv2325T4z1
I1cmahipUkm5g9IvElCwZfFcTn1wt0p819DYmf0CAwEAAaOCA/EwggPtMB0GA1Ud
DgQWBBRcUJoAZt5fMpausJV9ukIqZsBLdTAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L1hGQ2FBR2JlWHpLV3JyQ1ZmYnBDS21iQVMzVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AgUGCCsGAQUFBwEHAQH/BIIB9DCCAfAwggHsBAIAATCCAeQDBAFULuoDBAFWJrIw
DAMEAVYmtgMEAlYmuAMEAVYmygMEAVYm9gMEAVl0OjAMAwQCWXREAwQAWXRGAwQA
WXRMAwQBWXRYMAwDBABZdFsDBABZdFwwDAMEAVl0agMEAFl0bDAMAwQAWXR9AwQA
WXSAMAwDBAFZdIIDBABZdIQDBABZdIcDBABZdIkDBABZdI0wDAMEAll0lAMEAFl0
ljAMAwQAWXSZAwQAWXSaAwQAWXSeAwQAWXShAwQAWXSjAwQAWXSmAwQAWXSvAwQA
WXSxAwQAWXSzMAwDBANZdLgDBABZdLowDAMEAFl0vQMEAFl0vgMEAFl0wQMEAVl0
0gMEAFl02gMEAVl0/AMEAFl0/zAMAwQBWXUGAwQBWXUIAwQBWXUMAwQBWXUYMAwD
BAJZdRwDBAFZdSADBAFZdSQwDAMEBll1QAMEAFl1RDAMAwQBWXVGAwQBWXVUAwQC
WXVYMAwDBAFZdV4DBAJZdWADBAFZdWYDBABZdW0wDAMEBFl1cAMEAVl1dAMEAFl1
gQMEAll1hAMEAFl1iwMEAVl1jjAMAwQBWXWeAwQCWXWgAwQAWXW8AwQAWXW+AwQA
WXXXAwQAWXXaAwQAWXXeAwQBWXXkAwQAWXX1AwQAWXX6AwQAWXX+MA0GCSqGSIb3
DQEBCwUAA4IBAQA5LL1kFuaDRv3i+aZ5c/yqEDpMGgSHcfU+Yhix3loNHRdozTj6
DJJM4VIvRQnQ6bc1SPifjFfKGZ4yr0qdCEyLogdkCsMl+Iz6wINCoJ5fgguVX+7j
z1eqhDd4Y6B0+trzAkONtuwFofPyIrVVGTaquPArI10nkxxgmc+mZU3qZ7TB71Cy
kbHM0NxO4PeSeOeqOXNdJ1IugqljFHbsXxk2qaVQngK9udHOY9TktpjwWpahkLQt
s95f/qneDVZ1aVWRH56CgOEgURo2/xlhHEeobvypNbiKoBVP/IpaA2KnXdt+QBFX
kYm/J6/7fwMGJl2bJ6cSznNFuDHX2dvrswpp
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org