Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/dzUvi-tKlD96y4p2ocUOgEYGAIw.roa
File: dzUvi-tKlD96y4p2ocUOgEYGAIw.roa (raw, json)
Hash identifier: flE+LpYGMHBu8ONaDZQf9o52TV6PMFVOcTfmadWHB2U=
Subject key identifier: 77:35:2F:8B:EB:4A:94:3F:7A:CB:8A:76:A1:C5:0E:80:46:06:00:8C
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182866F1998ADFC7C66A4B5CDFDD83A3F42
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/dzUvi-tKlD96y4p2ocUOgEYGAIw.roa
Signing time: Wed 10 Aug 2022 06:26:44 +0000
ROA not before: Wed 10 Aug 2022 06:26:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210443
IP address blocks: 89.117.70.0/23 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.36.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
86.38.178.0/23 maxlen: 24
89.117.222.0/24 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.158.0/23 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.106.0/23 maxlen: 24
89.116.125.0/24 maxlen: 24
89.116.130.0/23 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.137.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.148.0/23 maxlen: 24
89.116.150.0/24 maxlen: 24
89.116.58.0/23 maxlen: 24
89.117.228.0/23 maxlen: 24
86.38.202.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.179.0/24 maxlen: 24
89.116.184.0/23 maxlen: 24
89.116.186.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:86:6f:19:98:ad:fc:7c:66:a4:b5:cd:fd:d8:3a:3f:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 10 06:26:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=77352f8beb4a943f7acb8a76a1c50e804606008c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6e:af:5e:f0:d5:8d:b6:dd:9a:08:d6:fc:fd:
5b:f3:cc:35:c9:34:08:f9:ff:86:3d:96:48:31:3c:
63:af:a8:0f:45:c6:3a:ec:c8:11:e0:9d:43:1b:3e:
be:dd:17:c1:f4:02:c9:54:c8:9c:84:5a:85:79:b9:
66:16:07:3d:31:04:cd:6a:64:8f:1a:40:c2:51:7e:
99:29:41:dd:fe:1e:fe:4a:38:94:33:7f:6f:af:26:
f4:35:f0:49:90:a7:90:7e:d4:64:bc:f2:83:4f:e2:
2f:5c:12:61:cd:05:ba:28:93:a8:b0:4a:25:9a:71:
ea:ef:dc:46:81:59:3c:fe:00:17:c6:2e:e2:f9:36:
32:ab:d8:d1:50:37:81:44:50:1e:d3:11:64:81:bd:
f2:ca:dc:b0:73:bd:be:43:52:c5:4c:05:10:54:52:
0d:fe:f1:78:27:7a:a7:84:0a:c7:64:1e:2c:d3:bf:
f6:e6:ec:47:25:29:8c:04:44:74:24:27:36:49:50:
ba:0b:3a:b8:96:d9:a9:01:ea:ec:2a:10:8c:2b:69:
f2:42:de:ea:c9:bc:ea:48:3c:21:8a:cf:fc:68:39:
6b:3c:44:44:9e:03:2e:4c:44:0a:93:40:47:f6:b7:
30:39:e6:48:90:97:27:16:1b:fe:4b:6d:9e:72:b7:
bc:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:35:2F:8B:EB:4A:94:3F:7A:CB:8A:76:A1:C5:0E:80:46:06:00:8C
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/dzUvi-tKlD96y4p2ocUOgEYGAIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.58.0/23
89.116.88.0/23
89.116.92.0/24
89.116.106.0-89.116.108.255
89.116.125.0-89.116.127.255
89.116.130.0-89.116.132.255
89.116.135.0/24
89.116.137.0/24
89.116.148.0-89.116.150.255
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.179.0/24
89.116.184.0-89.116.186.255
89.116.210.0/23
89.116.252.0/23
89.116.255.0/24
89.117.8.0/23
89.117.12.0/23
89.117.32.0/23
89.117.36.0/23
89.117.70.0/23
89.117.94.0/23
89.117.102.0/23
89.117.116.0/23
89.117.158.0/23
89.117.190.0/24
89.117.222.0/24
89.117.228.0/23
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:d6:98:06:e8:aa:34:94:e2:b5:85:91:22:77:60:54:80:e4:
4d:ac:ee:88:a0:49:b5:d5:74:c4:fe:33:2a:03:6f:59:4d:01:
f8:28:6f:b4:23:6c:11:21:38:02:56:9b:aa:7e:42:0c:1d:05:
19:82:11:5a:e7:17:77:ef:56:49:01:93:8a:ec:74:f9:ca:5e:
4d:db:48:f7:16:9f:35:cb:23:b0:73:9b:96:3c:33:c8:ae:12:
95:dc:cb:0d:95:93:21:74:8e:48:46:03:6b:dd:40:b0:23:3c:
03:d0:78:2e:fc:3b:55:c6:2a:a7:80:ab:16:c3:38:71:a5:8f:
ca:e5:bb:3f:dc:5d:2a:f7:f1:bb:83:33:0a:f8:ee:c3:d9:c0:
05:54:0a:38:92:5a:44:26:5c:0b:69:be:f8:d8:5c:49:0a:e2:
84:a0:f3:2a:2a:3f:b0:e1:4d:89:25:28:18:1a:d0:b9:39:b9:
aa:1d:01:c8:a3:63:16:41:05:d7:61:0e:90:05:d7:91:a6:37:
f0:c5:71:71:00:3e:c1:1b:20:ea:b4:fb:a3:64:47:c5:39:f1:
1a:88:4f:12:f4:ee:09:52:e0:0d:cb:c3:22:d7:5e:3d:fd:1d:
6d:74:91:42:0d:4f:1b:89:ba:02:80:e6:6d:26:8d:37:09:42:
ab:aa:e9:7b
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAYKGbxmYrfx8ZqS1zf3YOj9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODEwMDYyNjQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzM1MmY4YmViNGE5NDNmN2FjYjhhNzZhMWM1MGU4MDQ2MDYwMDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhm6vXvDVjbbdmgjW/P1b88w1yTQI
+f+GPZZIMTxjr6gPRcY67MgR4J1DGz6+3RfB9ALJVMichFqFeblmFgc9MQTNamSP
GkDCUX6ZKUHd/h7+SjiUM39vryb0NfBJkKeQftRkvPKDT+IvXBJhzQW6KJOosEol
mnHq79xGgVk8/gAXxi7i+TYyq9jRUDeBRFAe0xFkgb3yytywc72+Q1LFTAUQVFIN
/vF4J3qnhArHZB4s07/25uxHJSmMBER0JCc2SVC6Czq4ltmpAersKhCMK2nyQt7q
ybzqSDwhis/8aDlrPEREngMuTEQKk0BH9rcwOeZIkJcnFhv+S22ecre8DwIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFHc1L4vrSpQ/esuKdqHFDoBGBgCMMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvZHpVdmktdEtsRDk2eTRwMm9jVU9nRVlHQUl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCCAQEEAgABMIH6
AwQBViayAwQCVia4AwQBVibKAwQBVib2AwQBWXQ6AwQBWXRYAwQAWXRcMAwDBAFZ
dGoDBABZdGwwDAMEAFl0fQMEB1l0ADAMAwQBWXSCAwQAWXSEAwQAWXSHAwQAWXSJ
MAwDBAJZdJQDBABZdJYDBABZdKEDBABZdKMDBABZdKYDBABZdLMwDAMEA1l0uAME
AFl0ugMEAVl00gMEAVl0/AMEAFl0/wMEAVl1CAMEAVl1DAMEAVl1IAMEAVl1JAME
AVl1RgMEAVl1XgMEAVl1ZgMEAVl1dAMEAVl1ngMEAFl1vgMEAFl13gMEAVl15AME
AFl19QMEAFl1+jANBgkqhkiG9w0BAQsFAAOCAQEAX9aYBuiqNJTitYWRIndgVIDk
TazuiKBJtdV0xP4zKgNvWU0B+ChvtCNsESE4Alabqn5CDB0FGYIRWucXd+9WSQGT
iux0+cpeTdtI9xafNcsjsHObljwzyK4SldzLDZWTIXSOSEYDa91AsCM8A9B4Lvw7
VcYqp4CrFsM4caWPyuW7P9xdKvfxu4MzCvjuw9nABVQKOJJaRCZcC2m++NhcSQri
hKDzKio/sOFNiSUoGBrQuTm5qh0ByKNjFkEF12EOkAXXkaY38MVxcQA+wRsg6rT7
o2RHxTnxGohPEvTuCVLgDcvDItdePf0dbXSRQg1PG4m6AoDmbSaNNwlCq6rpew==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:25 2023 by rpki-client on console-fra.rpki-client.org