Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/ZsCCPHo0Uh-UbnA4Br9AC7hEicQ.roa
File: ZsCCPHo0Uh-UbnA4Br9AC7hEicQ.roa (raw, json)
Hash identifier: lKcwG0kTSv6cHH+TLVyiCEh8tXMdXAOTl8JOgM1TwOY=
Subject key identifier: 66:C0:82:3C:7A:34:52:1F:94:6E:70:38:06:BF:40:0B:B8:44:89:C4
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 094C2295
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/ZsCCPHo0Uh-UbnA4Br9AC7hEicQ.roa
Signing time: Thu 03 Feb 2022 06:01:35 +0000
ROA not before: Thu 03 Feb 2022 06:01:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210441
IP address blocks: 89.117.70.0/23 maxlen: 24
89.117.72.0/21 maxlen: 21
89.117.84.0/23 maxlen: 24
89.117.80.0/22 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.96.0/22 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.112.0/22 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.24.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.36.0/23 maxlen: 24
89.117.64.0/22 maxlen: 24
89.117.216.0/23 maxlen: 24
89.117.226.0/23 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.142.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
89.117.160.0/22 maxlen: 24
84.46.234.0/23 maxlen: 24
89.117.168.0/23 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.106.0/23 maxlen: 24
89.116.130.0/23 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.148.0/23 maxlen: 24
89.116.146.0/23 maxlen: 24
89.116.52.0/23 maxlen: 24
89.116.58.0/23 maxlen: 24
86.38.202.0/23 maxlen: 24
89.116.68.0/23 maxlen: 24
89.116.72.0/22 maxlen: 24
86.38.220.0/23 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.246.0/23 maxlen: 24
89.116.242.0/23 maxlen: 24
89.117.6.0/23 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.164.0/23 maxlen: 24
89.116.172.0/23 maxlen: 24
89.116.180.0/22 maxlen: 24
89.116.184.0/23 maxlen: 24
89.116.212.0/22 maxlen: 24
89.116.210.0/23 maxlen: 24
86.38.4.0/23 maxlen: 24
86.38.178.0/23 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
89.117.228.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155984533 (0x94c2295)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Feb 3 06:01:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=66c0823c7a34521f946e703806bf400bb84489c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ec:92:a5:7c:ca:fc:95:bf:51:05:9e:47:c7:
cb:08:e8:5e:5e:4e:c8:8b:f2:8b:ac:65:a8:28:a7:
92:c9:14:58:46:3a:23:aa:7e:8d:9e:7d:84:a4:19:
1a:21:96:7b:9f:1b:86:36:ce:8e:03:b3:cc:64:42:
6a:2f:fe:20:49:4d:7d:1f:8a:d0:23:96:f6:d7:df:
2a:2c:6e:56:5c:ae:7b:de:c6:f8:bb:0b:ed:c6:81:
44:e3:2b:55:6a:e2:c0:8d:37:09:dd:b1:cc:5e:50:
d5:dd:33:ed:ee:8a:ee:4a:f3:5d:dc:b9:d2:ed:1d:
75:88:f1:e9:10:8b:c0:f4:dd:28:c2:55:07:73:ca:
72:1d:1f:10:79:f3:03:5c:5a:14:ed:b2:5f:34:b8:
af:07:51:b2:86:3f:68:e9:48:b9:51:28:44:26:59:
48:57:83:e6:6f:8b:b8:1c:ec:86:44:cc:d6:fa:28:
04:c2:6e:c4:de:8a:8c:9e:15:3f:20:a8:36:56:c6:
7d:5c:6e:58:7e:16:c0:a4:11:50:6f:75:e9:d7:b3:
a2:19:45:1e:59:ea:d6:1f:5e:7e:b4:d8:a8:a4:9c:
39:e4:d0:85:0c:4b:06:dc:94:e6:db:ff:1d:b9:e5:
8b:3f:77:d2:86:77:3f:cd:58:09:77:65:04:62:29:
67:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C0:82:3C:7A:34:52:1F:94:6E:70:38:06:BF:40:0B:B8:44:89:C4
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/ZsCCPHo0Uh-UbnA4Br9AC7hEicQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.4.0/23
86.38.178.0/23
86.38.182.0-86.38.187.255
86.38.202.0/23
86.38.220.0/23
86.38.246.0/23
89.116.52.0/23
89.116.58.0/23
89.116.68.0/23
89.116.72.0/22
89.116.88.0/23
89.116.106.0/23
89.116.126.0/23
89.116.130.0/23
89.116.146.0-89.116.149.255
89.116.164.0/23
89.116.172.0/23
89.116.180.0-89.116.185.255
89.116.210.0-89.116.215.255
89.116.242.0/23
89.116.246.0/23
89.117.6.0-89.117.9.255
89.117.12.0/23
89.117.24.0/23
89.117.28.0-89.117.33.255
89.117.36.0/23
89.117.64.0/22
89.117.70.0-89.117.85.255
89.117.88.0/22
89.117.94.0-89.117.99.255
89.117.102.0/23
89.117.112.0-89.117.117.255
89.117.132.0/22
89.117.142.0/23
89.117.158.0-89.117.163.255
89.117.168.0/23
89.117.216.0/23
89.117.226.0-89.117.229.255
Signature Algorithm: sha256WithRSAEncryption
7a:60:50:72:5d:60:8d:2c:3c:35:9f:04:c4:e1:eb:7e:9c:d4:
0d:4f:e5:87:c4:d4:49:b9:b9:d2:61:5b:b4:b3:72:70:09:c4:
ab:06:76:32:b5:91:e2:cc:a6:18:3b:f1:36:5b:08:58:9e:71:
85:56:96:86:71:f8:d2:d6:1a:50:2a:78:3f:d5:41:37:08:06:
73:08:75:bb:f2:43:83:0d:c7:36:f0:3e:3a:5f:b0:bd:9d:aa:
95:ca:22:e8:1a:32:b0:31:a7:3d:a8:dd:76:62:5f:f2:c9:a9:
e9:9d:35:17:a3:62:f7:a7:3a:97:04:26:3b:0f:7d:3b:b9:bf:
6c:f6:d1:fa:41:77:5c:46:62:5b:9b:a3:86:d0:40:60:f8:dc:
c8:a1:ab:06:b2:a8:ce:62:d9:e8:fc:d1:42:d1:94:6d:ae:f1:
11:19:ea:7e:4c:77:52:c7:26:6f:27:57:94:0e:b0:8f:cc:10:
4b:77:1a:75:87:e4:b5:1c:fd:b2:73:c2:c2:b9:09:6f:1f:f9:
f5:2f:50:54:ec:47:40:0b:96:e1:08:e2:56:37:84:71:2a:c8:
17:56:c7:76:03:07:f9:1b:08:2b:ae:64:16:c1:e3:c5:2d:bf:
ed:c1:a2:a0:01:ea:24:51:21:f9:e4:3c:9e:da:fa:f5:e2:b0:
ea:e3:52:90
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgIECUwilTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDIw
MzA2MDEzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjZjMDgyM2M3YTM0
NTIxZjk0NmU3MDM4MDZiZjQwMGJiODQ0ODljNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKjskqV8yvyVv1EFnkfHywjoXl5OyIvyi6xlqCinkskUWEY6
I6p+jZ59hKQZGiGWe58bhjbOjgOzzGRCai/+IElNfR+K0COW9tffKixuVlyue97G
+LsL7caBROMrVWriwI03Cd2xzF5Q1d0z7e6K7krzXdy50u0ddYjx6RCLwPTdKMJV
B3PKch0fEHnzA1xaFO2yXzS4rwdRsoY/aOlIuVEoRCZZSFeD5m+LuBzshkTM1voo
BMJuxN6KjJ4VPyCoNlbGfVxuWH4WwKQRUG916dezohlFHlnq1h9efrTYqKScOeTQ
hQxLBtyU5tv/Hbnliz930oZ3P81YCXdlBGIpZ4MCAwEAAaOCA08wggNLMB0GA1Ud
DgQWBBRmwII8ejRSH5RucDgGv0ALuESJxDAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L1pzQ0NQSG8wVWgtVWJuQTRCcjlBQzdoRWljUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AWMGCCsGAQUFBwEHAQH/BIIBUjCCAU4wggFKBAIAATCCAUIDBAFULuoDBAFWJgQD
BAFWJrIwDAMEAVYmtgMEAlYmuAMEAVYmygMEAVYm3AMEAVYm9gMEAVl0NAMEAVl0
OgMEAVl0RAMEAll0SAMEAVl0WAMEAVl0agMEAVl0fgMEAVl0gjAMAwQBWXSSAwQB
WXSUAwQBWXSkAwQBWXSsMAwDBAJZdLQDBAFZdLgwDAMEAVl00gMEA1l00AMEAVl0
8gMEAVl09jAMAwQBWXUGAwQBWXUIAwQBWXUMAwQBWXUYMAwDBAJZdRwDBAFZdSAD
BAFZdSQDBAJZdUAwDAMEAVl1RgMEAVl1VAMEAll1WDAMAwQBWXVeAwQCWXVgAwQB
WXVmMAwDBARZdXADBAFZdXQDBAJZdYQDBAFZdY4wDAMEAVl1ngMEAll1oAMEAVl1
qAMEAVl12DAMAwQBWXXiAwQBWXXkMA0GCSqGSIb3DQEBCwUAA4IBAQB6YFByXWCN
LDw1nwTE4et+nNQNT+WHxNRJubnSYVu0s3JwCcSrBnYytZHizKYYO/E2WwhYnnGF
VpaGcfjS1hpQKng/1UE3CAZzCHW78kODDcc28D46X7C9naqVyiLoGjKwMac9qN12
Yl/yyanpnTUXo2L3pzqXBCY7D307ub9s9tH6QXdcRmJbm6OG0EBg+NzIoasGsqjO
Ytno/NFC0ZRtrvERGep+THdSxyZvJ1eUDrCPzBBLdxp1h+S1HP2yc8LCuQlvH/n1
L1BU7EdAC5bhCOJWN4RxKsgXVsd2Awf5GwgrrmQWwePFLb/twaKgAeokUSH55Dye
2vr14rDq41KQ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org