Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/iDL90uLhkiwiQdWs3LkClY6LWbM.roa
File: iDL90uLhkiwiQdWs3LkClY6LWbM.roa (raw, json)
Hash identifier: q8qoRwtSrzQbzMI9NS1sRv3fO7VB5MgwPqDptKrD9cs=
Subject key identifier: 88:32:FD:D2:E2:E1:92:2C:22:41:D5:AC:DC:B9:02:95:8E:8B:59:B3
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182D9AD9D1DE17E7833C35C1F6C80AE597C
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/iDL90uLhkiwiQdWs3LkClY6LWbM.roa
Signing time: Fri 26 Aug 2022 10:23:29 +0000
ROA not before: Fri 26 Aug 2022 10:23:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210441
IP address blocks: 89.117.72.0/21 maxlen: 21
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
86.38.178.0/23 maxlen: 24
89.117.215.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
84.46.234.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.125.0/24 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
89.116.58.0/23 maxlen: 24
89.117.228.0/23 maxlen: 24
86.38.202.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.172.0/23 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.186.0/24 maxlen: 24
89.116.184.0/23 maxlen: 24
89.116.193.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d9:ad:9d:1d:e1:7e:78:33:c3:5c:1f:6c:80:ae:59:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 26 10:23:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8832fdd2e2e1922c2241d5acdcb902958e8b59b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:99:be:9a:ed:d2:46:c4:e4:ee:cf:41:fb:e2:
6e:be:d0:26:01:f5:e2:48:ea:ed:7b:72:ec:bf:25:
af:e2:cb:73:ab:dd:9c:eb:2f:16:2d:2a:8d:0d:b2:
94:0d:ba:e9:21:d1:9f:59:c7:50:0f:3f:b0:9a:e5:
c0:95:5a:ed:82:85:7c:98:03:e2:71:5a:03:c4:78:
d3:54:fb:82:f5:eb:64:94:7d:15:40:38:53:cf:7a:
95:5a:7b:d5:af:a7:89:bb:a9:d2:db:fb:ba:cf:69:
86:3c:17:4b:2d:01:5b:b5:a0:dc:56:e3:e5:b3:c2:
ae:b6:2a:f6:34:f2:1b:70:7c:4a:8a:bf:42:ff:bf:
f2:06:b8:6e:68:cd:ab:89:12:be:6e:2e:af:a0:39:
d9:12:87:bc:f3:61:b9:6b:71:4a:bc:ff:af:e1:77:
47:7f:66:c2:30:db:59:c1:79:e5:cb:57:4c:83:b7:
d8:55:0a:4a:65:08:fc:6d:82:6c:6c:fd:dc:42:49:
99:4b:46:26:cc:c8:f2:b8:1f:f4:6e:51:3b:08:8e:
9f:8d:e4:3a:2d:72:48:2f:51:76:9b:f6:bd:4e:9b:
ee:68:c2:de:35:0d:cb:cc:e9:36:6b:a6:14:55:6b:
aa:22:fd:02:25:99:e9:68:c2:c6:19:44:ba:f0:b4:
23:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:32:FD:D2:E2:E1:92:2C:22:41:D5:AC:DC:B9:02:95:8E:8B:59:B3
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/iDL90uLhkiwiQdWs3LkClY6LWbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.58.0/23
89.116.92.0/24
89.116.108.0/24
89.116.125.0/24
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.172.0/23
89.116.175.0/24
89.116.177.0/24
89.116.184.0-89.116.186.255
89.116.193.0/24
89.116.210.0/23
89.116.218.0/24
89.116.252.0/24
89.117.8.0/23
89.117.28.0-89.117.33.255
89.117.72.0/21
89.117.84.0/23
89.117.88.0/22
89.117.94.0/23
89.117.102.0/23
89.117.109.0/24
89.117.116.0/23
89.117.129.0/24
89.117.132.0/22
89.117.142.0/23
89.117.190.0/24
89.117.215.0/24
89.117.222.0/24
89.117.228.0/23
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:2b:b1:ad:b1:13:f9:93:d8:6a:4e:28:8f:25:dd:c0:00:0e:
92:75:a0:d3:1e:21:1e:c6:ab:44:ed:a2:7d:23:64:1d:4d:c6:
1c:89:7a:36:da:a8:05:0f:b7:76:ff:f7:a8:1c:25:26:b7:c4:
17:61:53:05:fe:bb:d5:a8:5e:18:9a:cf:ac:10:4e:72:0b:b0:
4e:08:93:25:04:94:19:d3:9d:70:64:a8:1e:d8:19:02:af:5e:
49:ea:e2:d6:17:09:68:be:22:75:e4:a0:99:05:84:9a:81:0c:
38:da:cf:46:79:cf:98:de:bc:77:07:0f:fb:ff:64:cd:a9:95:
1c:67:93:27:3d:8e:b6:e7:d1:8f:35:c8:53:7c:de:8c:f9:0a:
b5:55:03:7d:6a:71:d6:07:bc:36:18:5c:38:44:ed:27:89:56:
59:6b:94:87:52:1d:ed:b2:fa:b2:c2:3d:e2:68:5b:ce:98:b9:
86:6e:8b:42:ee:4b:d8:8a:6f:80:6f:49:e3:4a:d5:f4:63:c8:
f0:0b:ac:8b:7a:93:56:9c:9c:54:79:c6:37:f6:22:7c:42:18:
78:a8:76:2f:7b:04:81:b3:13:7a:61:75:2c:87:1b:b4:c1:4f:
11:09:5b:4a:6e:c4:d9:1d:28:a3:ef:a2:ae:43:04:90:64:83:
a2:8e:50:6c
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAYLZrZ0d4X54M8NcH2yArll8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODI2MTAyMzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODMyZmRkMmUyZTE5MjJjMjI0MWQ1YWNkY2I5MDI5NThlOGI1OWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZm+mu3SRsTk7s9B++JuvtAmAfXi
SOrte3LsvyWv4stzq92c6y8WLSqNDbKUDbrpIdGfWcdQDz+wmuXAlVrtgoV8mAPi
cVoDxHjTVPuC9etklH0VQDhTz3qVWnvVr6eJu6nS2/u6z2mGPBdLLQFbtaDcVuPl
s8Kutir2NPIbcHxKir9C/7/yBrhuaM2riRK+bi6voDnZEoe882G5a3FKvP+v4XdH
f2bCMNtZwXnly1dMg7fYVQpKZQj8bYJsbP3cQkmZS0YmzMjyuB/0blE7CI6fjeQ6
LXJIL1F2m/a9TpvuaMLeNQ3LzOk2a6YUVWuqIv0CJZnpaMLGGUS68LQjSwIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFIgy/dLi4ZIsIkHVrNy5ApWOi1mzMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvaURMOTB1TGhraXdpUWRXczNMa0NsWTZMV2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCCAQ4EAgABMIIB
BgMEAVQu6gMEAVYmsgMEAlYmuAMEAVYmygMEAVYm9gMEAVl0OgMEAFl0XAMEAFl0
bAMEAFl0fQMEAFl0hAMEAFl0hwMEAFl0lgMEAFl0oQMEAFl0owMEAFl0pgMEAVl0
rAMEAFl0rwMEAFl0sTAMAwQDWXS4AwQAWXS6AwQAWXTBAwQBWXTSAwQAWXTaAwQA
WXT8AwQBWXUIMAwDBAJZdRwDBAFZdSADBANZdUgDBAFZdVQDBAJZdVgDBAFZdV4D
BAFZdWYDBABZdW0DBAFZdXQDBABZdYEDBAJZdYQDBAFZdY4DBABZdb4DBABZddcD
BABZdd4DBAFZdeQDBABZdfUDBABZdfowDQYJKoZIhvcNAQELBQADggEBAA0rsa2x
E/mT2GpOKI8l3cAADpJ1oNMeIR7Gq0Tton0jZB1NxhyJejbaqAUPt3b/96gcJSa3
xBdhUwX+u9WoXhiaz6wQTnILsE4IkyUElBnTnXBkqB7YGQKvXknq4tYXCWi+InXk
oJkFhJqBDDjaz0Z5z5jevHcHD/v/ZM2plRxnkyc9jrbn0Y81yFN83oz5CrVVA31q
cdYHvDYYXDhE7SeJVllrlIdSHe2y+rLCPeJoW86YuYZui0LuS9iKb4BvSeNK1fRj
yPALrIt6k1acnFR5xjf2InxCGHiodi97BIGzE3phdSyHG7TBTxEJW0puxNkdKKPv
oq5DBJBkg6KOUGw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org