Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/kDkmPe-fSe6jR_iyxC861AU9PsE.roa
File: kDkmPe-fSe6jR_iyxC861AU9PsE.roa (raw, json)
Hash identifier: +cx/WIGcRQ55ikimHC0B1Ikve3VPMWGwVJqxq5nmkYA=
Subject key identifier: 90:39:26:3D:EF:9F:49:EE:A3:47:F8:B2:C4:2F:3A:D4:05:3D:3E:C1
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182D9AD9C68F8715F5C99C9D0C2829AB444
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/kDkmPe-fSe6jR_iyxC861AU9PsE.roa
Signing time: Fri 26 Aug 2022 10:23:29 +0000
ROA not before: Fri 26 Aug 2022 10:23:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207152
IP address blocks: 89.117.72.0/21 maxlen: 24
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
86.38.178.0/23 maxlen: 24
89.117.215.0/24 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
84.46.234.0/23 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.125.0/24 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
89.116.58.0/23 maxlen: 24
89.117.228.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
86.38.202.0/23 maxlen: 24
89.117.250.0/24 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.172.0/23 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.186.0/24 maxlen: 24
89.116.184.0/23 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d9:ad:9c:68:f8:71:5f:5c:99:c9:d0:c2:82:9a:b4:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 26 10:23:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9039263def9f49eea347f8b2c42f3ad4053d3ec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f9:cc:04:a6:8c:d4:ac:aa:1a:0b:22:b6:3f:
58:12:d3:49:e1:6d:bf:b6:bd:1f:f6:e9:cd:96:ab:
3f:99:a9:d8:19:e8:ef:f0:d0:9d:60:3b:06:e8:ce:
5b:16:b3:e6:5b:9d:43:b8:16:51:38:eb:ee:e2:2e:
13:cf:96:c1:87:e2:2d:5d:d2:54:2f:ee:ee:d0:c0:
d0:ee:dd:ad:38:ca:05:46:03:f5:d8:af:ea:72:3f:
a7:d8:08:4c:6b:bc:0f:02:28:f9:28:2e:52:8a:59:
e5:9e:e6:b8:5a:a7:44:79:be:de:96:3f:28:79:b1:
26:94:77:19:29:64:d8:d3:ff:df:b8:ea:8d:0d:3f:
eb:4a:b8:ed:cb:c5:a7:5e:f9:d7:ad:57:07:1b:ad:
22:16:19:fe:fd:d3:86:00:e7:c3:fb:b8:eb:7d:76:
a2:ba:c6:51:39:4c:3f:25:ba:38:ba:c9:57:5c:0b:
76:92:3c:a2:97:a2:53:6d:b4:2b:f0:08:4d:35:e6:
10:9c:a2:2e:97:95:55:fa:4d:49:aa:b4:0d:a0:ae:
47:b6:24:bf:82:be:c5:53:cc:63:35:e7:7a:1c:ac:
bf:8b:d4:c9:01:f8:7e:02:5a:aa:85:8b:18:d3:9f:
c2:e7:1c:4b:1d:88:82:69:0a:84:1a:7b:f0:2f:cf:
8f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:39:26:3D:EF:9F:49:EE:A3:47:F8:B2:C4:2F:3A:D4:05:3D:3E:C1
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/kDkmPe-fSe6jR_iyxC861AU9PsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.58.0/23
89.116.92.0/24
89.116.108.0/24
89.116.125.0/24
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.172.0/23
89.116.175.0/24
89.116.177.0/24
89.116.184.0-89.116.186.255
89.116.210.0/23
89.116.218.0/24
89.116.252.0/24
89.117.8.0/23
89.117.28.0-89.117.33.255
89.117.72.0/21
89.117.84.0/23
89.117.88.0/22
89.117.94.0/23
89.117.102.0/23
89.117.109.0/24
89.117.116.0/23
89.117.129.0/24
89.117.132.0/22
89.117.142.0/23
89.117.190.0/24
89.117.215.0/24
89.117.228.0/23
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
50:19:41:d8:b6:59:56:82:d2:50:2a:70:e9:88:90:37:3c:d0:
af:19:08:4b:b4:87:c0:b6:a1:be:d1:84:6e:bd:5a:47:55:0b:
e4:e9:ed:3f:f5:83:08:55:0b:cf:52:74:5f:e7:e8:20:cc:01:
2e:e3:24:fb:00:bb:91:5d:fa:f3:24:af:41:c1:c6:96:58:0c:
de:b8:71:0e:0f:d0:48:1b:b7:31:19:58:bb:a9:c0:41:17:ef:
85:17:5c:e5:2c:7f:73:fb:ac:f3:7e:c6:42:3c:df:55:f9:33:
b4:00:08:87:2a:e9:a7:ea:9a:e8:3b:83:a8:d9:50:1c:7c:c1:
c6:be:89:a1:86:c3:77:14:f2:fd:91:e5:45:cd:cc:1b:d5:ab:
7e:30:d4:cb:e5:74:98:b8:97:84:88:8d:d9:74:00:8b:68:4c:
aa:61:e1:26:98:75:9e:2e:6d:af:66:20:eb:4e:f9:07:04:99:
58:6a:cc:6e:ab:88:c6:a2:dd:80:e7:03:b4:04:c2:79:b4:60:
e2:25:16:99:83:0f:00:37:60:48:31:12:2d:20:aa:de:e7:19:
af:7f:52:93:5e:d3:95:ed:8f:b0:98:79:ee:98:11:b6:ed:21:
31:d1:9c:e0:8e:be:6f:ac:f9:45:be:15:45:1c:90:f9:40:93:
31:b2:f4:71
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAYLZrZxo+HFfXJnJ0MKCmrREMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODI2MTAyMzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDM5MjYzZGVmOWY0OWVlYTM0N2Y4YjJjNDJmM2FkNDA1M2QzZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPnMBKaM1KyqGgsitj9YEtNJ4W2/
tr0f9unNlqs/manYGejv8NCdYDsG6M5bFrPmW51DuBZROOvu4i4Tz5bBh+ItXdJU
L+7u0MDQ7t2tOMoFRgP12K/qcj+n2AhMa7wPAij5KC5Silnlnua4WqdEeb7elj8o
ebEmlHcZKWTY0//fuOqNDT/rSrjty8WnXvnXrVcHG60iFhn+/dOGAOfD+7jrfXai
usZROUw/Jbo4uslXXAt2kjyil6JTbbQr8AhNNeYQnKIul5VV+k1JqrQNoK5HtiS/
gr7FU8xjNed6HKy/i9TJAfh+AlqqhYsY05/C5xxLHYiCaQqEGnvwL8+PRwIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFJA5Jj3vn0nuo0f4ssQvOtQFPT7BMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEva0RrbVBlLWZTZTZqUl9peXhDODYxQVU5UHNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCCAQEEAgABMIH6
AwQBVC7qAwQBViayAwQCVia4AwQBVibKAwQBVib2AwQBWXQ6AwQAWXRcAwQAWXRs
AwQAWXR9AwQAWXSEAwQAWXSHAwQAWXSWAwQAWXShAwQAWXSjAwQAWXSmAwQBWXSs
AwQAWXSvAwQAWXSxMAwDBANZdLgDBABZdLoDBAFZdNIDBABZdNoDBABZdPwDBAFZ
dQgwDAMEAll1HAMEAVl1IAMEA1l1SAMEAVl1VAMEAll1WAMEAVl1XgMEAVl1ZgME
AFl1bQMEAVl1dAMEAFl1gQMEAll1hAMEAVl1jgMEAFl1vgMEAFl11wMEAVl15AME
AFl19QMEAFl1+jANBgkqhkiG9w0BAQsFAAOCAQEAUBlB2LZZVoLSUCpw6YiQNzzQ
rxkIS7SHwLahvtGEbr1aR1UL5OntP/WDCFULz1J0X+foIMwBLuMk+wC7kV368ySv
QcHGllgM3rhxDg/QSBu3MRlYu6nAQRfvhRdc5Sx/c/us837GQjzfVfkztAAIhyrp
p+qa6DuDqNlQHHzBxr6JoYbDdxTy/ZHlRc3MG9WrfjDUy+V0mLiXhIiN2XQAi2hM
qmHhJph1ni5tr2Yg6075BwSZWGrMbquIxqLdgOcDtATCebRg4iUWmYMPADdgSDES
LSCq3ucZr39Sk17Tle2PsJh57pgRtu0hMdGc4I6+b6z5Rb4VRRyQ+UCTMbL0cQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-ams.rpki-client.org