Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/cXDCnCDxV_2b8rJDmnzPOHRq5_o.roa
File: cXDCnCDxV_2b8rJDmnzPOHRq5_o.roa (raw, json)
Hash identifier: /W7iFl6sGq0NccJkde5UMxXWNkUM7eByQ7RU5LtVXs8=
Subject key identifier: 71:70:C2:9C:20:F1:57:FD:9B:F2:B2:43:9A:7C:CF:38:74:6A:E7:FA
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0A27B13E
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/cXDCnCDxV_2b8rJDmnzPOHRq5_o.roa
Signing time: Wed 06 Apr 2022 05:22:41 +0000
ROA not before: Wed 06 Apr 2022 05:22:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207152
IP address blocks: 89.117.70.0/23 maxlen: 24
89.117.68.0/24 maxlen: 24
89.117.72.0/21 maxlen: 24
89.117.84.0/23 maxlen: 24
89.117.80.0/22 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.96.0/22 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.112.0/22 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.24.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.36.0/23 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.64.0/22 maxlen: 24
89.117.190.0/24 maxlen: 24
89.117.188.0/24 maxlen: 24
89.117.215.0/24 maxlen: 24
89.117.216.0/23 maxlen: 24
89.117.218.0/24 maxlen: 24
89.117.226.0/23 maxlen: 24
89.117.222.0/24 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.139.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
89.117.160.0/22 maxlen: 24
84.46.234.0/23 maxlen: 24
89.117.168.0/23 maxlen: 24
89.117.167.0/24 maxlen: 24
89.116.106.0/23 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.125.0/24 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.128.0/24 maxlen: 24
89.116.130.0/23 maxlen: 24
89.116.137.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.141.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
89.116.148.0/23 maxlen: 24
89.116.146.0/23 maxlen: 24
89.116.158.0/24 maxlen: 24
89.116.154.0/24 maxlen: 24
89.116.153.0/24 maxlen: 24
89.116.58.0/23 maxlen: 24
89.116.52.0/23 maxlen: 24
89.116.68.0/23 maxlen: 24
89.116.70.0/24 maxlen: 24
86.38.202.0/23 maxlen: 24
89.116.76.0/24 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.91.0/24 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.239.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.250.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.8.0/23 maxlen: 24
89.117.6.0/23 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.164.0/23 maxlen: 24
89.116.172.0/23 maxlen: 24
89.116.179.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.186.0/24 maxlen: 24
89.116.184.0/23 maxlen: 24
89.116.190.0/24 maxlen: 24
89.116.189.0/24 maxlen: 24
89.116.202.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
86.38.178.0/23 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
86.38.182.0/23 maxlen: 24
89.117.228.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
89.117.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170373438 (0xa27b13e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Apr 6 05:22:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7170c29c20f157fd9bf2b2439a7ccf38746ae7fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:35:7d:f6:49:2d:82:9d:cb:9a:b7:e7:5c:0e:
fa:bf:24:42:ae:e8:d0:b6:49:d4:07:47:ea:00:70:
50:e9:b5:01:74:2a:ba:c6:4a:78:5d:e3:d4:36:9d:
c8:09:f0:b2:aa:87:f7:56:70:85:53:b2:43:f7:1a:
6c:84:5b:9e:7c:6e:39:96:47:18:5a:e8:13:53:ce:
8d:30:ed:e1:7a:9d:32:7c:5a:23:3b:e9:d6:fd:ac:
71:4f:5a:6c:ad:33:26:c1:5c:10:58:01:e7:89:ba:
62:8c:7d:f7:bd:6e:1c:ac:c0:ae:60:a0:2f:df:e6:
dd:7d:37:af:50:c4:49:99:45:6d:38:4c:6c:4f:0a:
c2:ae:9a:a0:7b:a5:43:89:f9:16:b3:4b:2d:b1:7e:
61:54:18:df:ef:6e:0a:6f:a7:5d:5f:08:80:1a:3f:
e9:3a:ae:aa:e2:6d:08:30:81:2a:96:6b:52:63:aa:
6e:84:d3:74:35:33:29:1a:82:6e:d5:ff:b6:73:82:
c0:63:8c:90:81:2f:1b:b6:d1:49:6d:91:f1:1e:89:
0e:4f:7b:6d:da:55:1a:5e:fe:4c:fe:05:cb:31:75:
65:4a:9f:6f:95:89:5c:91:f6:a9:73:08:5a:d4:26:
80:3d:a0:44:7c:45:25:c8:87:3b:54:9c:22:78:5d:
a3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:70:C2:9C:20:F1:57:FD:9B:F2:B2:43:9A:7C:CF:38:74:6A:E7:FA
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/cXDCnCDxV_2b8rJDmnzPOHRq5_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.178.0/23
86.38.182.0-86.38.187.255
86.38.202.0/23
86.38.246.0/23
89.116.52.0/23
89.116.58.0/23
89.116.68.0-89.116.70.255
89.116.76.0/24
89.116.88.0/23
89.116.91.0-89.116.92.255
89.116.106.0-89.116.108.255
89.116.125.0-89.116.128.255
89.116.130.0-89.116.132.255
89.116.135.0/24
89.116.137.0/24
89.116.141.0/24
89.116.146.0-89.116.150.255
89.116.153.0-89.116.154.255
89.116.158.0/24
89.116.161.0/24
89.116.163.0-89.116.166.255
89.116.172.0/23
89.116.175.0/24
89.116.177.0/24
89.116.179.0/24
89.116.184.0-89.116.186.255
89.116.189.0-89.116.190.255
89.116.202.0/24
89.116.210.0/23
89.116.218.0/24
89.116.239.0/24
89.116.250.0/24
89.116.252.0/23
89.116.255.0/24
89.117.6.0-89.117.9.255
89.117.12.0/23
89.117.24.0/23
89.117.28.0-89.117.33.255
89.117.36.0/23
89.117.64.0-89.117.68.255
89.117.70.0-89.117.85.255
89.117.88.0/22
89.117.94.0-89.117.99.255
89.117.102.0/23
89.117.109.0/24
89.117.112.0-89.117.117.255
89.117.129.0/24
89.117.132.0/22
89.117.139.0/24
89.117.142.0/23
89.117.158.0-89.117.163.255
89.117.167.0-89.117.169.255
89.117.188.0/24
89.117.190.0/24
89.117.215.0-89.117.218.255
89.117.222.0/24
89.117.226.0-89.117.229.255
89.117.245.0/24
89.117.250.0/24
89.117.254.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:9d:b2:14:1d:f7:f8:fa:4e:83:99:2b:b8:42:fb:0a:57:c9:
18:b6:0c:af:d8:6d:28:68:bd:dc:c3:32:43:f6:7c:7d:45:3e:
d7:89:27:4b:80:b1:8e:d0:00:23:6c:27:44:e9:36:36:c2:9e:
38:41:86:55:df:e5:19:44:89:1d:26:67:a5:7f:61:83:79:f0:
84:b1:f9:33:8f:e1:e5:d1:01:fc:77:2e:08:b9:1e:0b:56:a9:
9c:1c:ac:d7:d0:52:04:f7:aa:ff:4b:5e:5c:88:62:a8:e6:95:
94:4e:65:2b:9f:04:dd:97:2a:28:18:cc:fa:0e:4a:ca:22:bd:
70:bf:d9:10:26:59:c6:45:47:66:0a:24:03:bb:34:34:d3:84:
fd:f7:88:66:3e:d4:27:e7:77:97:74:d1:e5:d8:76:61:86:39:
b8:9d:95:e3:27:d5:cf:1a:d2:ef:d7:6f:40:a2:d8:19:69:31:
7d:97:99:74:39:60:1b:2a:a8:63:06:d9:c2:1a:0d:63:8d:3e:
a5:47:08:43:b0:ec:b6:75:14:c4:0e:b3:b8:d4:b9:7b:7c:05:
c4:9b:53:14:cc:bc:37:be:4f:24:a3:b9:62:c8:64:4f:dd:ab:
cd:66:5a:bf:fe:8b:ae:4a:3e:7b:71:6b:f5:ae:a7:a4:34:8d:
48:6d:28:39
-----BEGIN CERTIFICATE-----
MIIHCTCCBfGgAwIBAgIECiexPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDQw
NjA1MjI0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE3MGMyOWMyMGYx
NTdmZDliZjJiMjQzOWE3Y2NmMzg3NDZhZTdmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOo1ffZJLYKdy5q351wO+r8kQq7o0LZJ1AdH6gBwUOm1AXQq
usZKeF3j1DadyAnwsqqH91ZwhVOyQ/cabIRbnnxuOZZHGFroE1POjTDt4XqdMnxa
Izvp1v2scU9abK0zJsFcEFgB54m6Yox9971uHKzArmCgL9/m3X03r1DESZlFbThM
bE8Kwq6aoHulQ4n5FrNLLbF+YVQY3+9uCm+nXV8IgBo/6TququJtCDCBKpZrUmOq
boTTdDUzKRqCbtX/tnOCwGOMkIEvG7bRSW2R8R6JDk97bdpVGl7+TP4FyzF1ZUqf
b5WJXJH2qXMIWtQmgD2gRHxFJciHO1ScInhdoxECAwEAAaOCBCMwggQfMB0GA1Ud
DgQWBBRxcMKcIPFX/ZvyskOafM84dGrn+jAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L2NYRENuQ0R4Vl8yYjhySkRtbnpQT0hScTVfby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AjcGCCsGAQUFBwEHAQH/BIICJjCCAiIwggIeBAIAATCCAhYDBAFULuoDBAFWJrIw
DAMEAVYmtgMEAlYmuAMEAVYmygMEAVYm9gMEAVl0NAMEAVl0OjAMAwQCWXREAwQA
WXRGAwQAWXRMAwQBWXRYMAwDBABZdFsDBABZdFwwDAMEAVl0agMEAFl0bDAMAwQA
WXR9AwQAWXSAMAwDBAFZdIIDBABZdIQDBABZdIcDBABZdIkDBABZdI0wDAMEAVl0
kgMEAFl0ljAMAwQAWXSZAwQAWXSaAwQAWXSeAwQAWXShMAwDBABZdKMDBABZdKYD
BAFZdKwDBABZdK8DBABZdLEDBABZdLMwDAMEA1l0uAMEAFl0ujAMAwQAWXS9AwQA
WXS+AwQAWXTKAwQBWXTSAwQAWXTaAwQAWXTvAwQAWXT6AwQBWXT8AwQAWXT/MAwD
BAFZdQYDBAFZdQgDBAFZdQwDBAFZdRgwDAMEAll1HAMEAVl1IAMEAVl1JDAMAwQG
WXVAAwQAWXVEMAwDBAFZdUYDBAFZdVQDBAJZdVgwDAMEAVl1XgMEAll1YAMEAVl1
ZgMEAFl1bTAMAwQEWXVwAwQBWXV0AwQAWXWBAwQCWXWEAwQAWXWLAwQBWXWOMAwD
BAFZdZ4DBAJZdaAwDAMEAFl1pwMEAVl1qAMEAFl1vAMEAFl1vjAMAwQAWXXXAwQA
WXXaAwQAWXXeMAwDBAFZdeIDBAFZdeQDBABZdfUDBABZdfoDBABZdf4wDQYJKoZI
hvcNAQELBQADggEBAL2dshQd9/j6ToOZK7hC+wpXyRi2DK/YbShovdzDMkP2fH1F
PteJJ0uAsY7QACNsJ0TpNjbCnjhBhlXf5RlEiR0mZ6V/YYN58ISx+TOP4eXRAfx3
Lgi5HgtWqZwcrNfQUgT3qv9LXlyIYqjmlZROZSufBN2XKigYzPoOSsoivXC/2RAm
WcZFR2YKJAO7NDTThP33iGY+1Cfnd5d00eXYdmGGObidleMn1c8a0u/Xb0Ci2Blp
MX2XmXQ5YBsqqGMG2cIaDWONPqVHCEOw7LZ1FMQOs7jUuXt8BcSbUxTMvDe+TySj
uWLIZE/dq81mWr/+i65KPntxa/Wup6Q0jUhtKDk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:25 2023 by rpki-client on console-fra.rpki-client.org