Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/uch5fMGVKJqXidBkMAqvJHTkkrY.roa
File: uch5fMGVKJqXidBkMAqvJHTkkrY.roa (raw, json)
Hash identifier: TNNnCllGoE2gBsRe4NH3Cag3hMrF/qusP1YfUoulLhw=
Subject key identifier: B9:C8:79:7C:C1:95:28:9A:97:89:D0:64:30:0A:AF:24:74:E4:92:B6
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0184065D3AE106E9387CA2885525E96F5F17
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/uch5fMGVKJqXidBkMAqvJHTkkrY.roa
Signing time: Sun 23 Oct 2022 19:41:23 +0000
ROA not before: Sun 23 Oct 2022 19:41:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207152
IP address blocks: 89.117.72.0/21 maxlen: 24
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
86.38.178.0/23 maxlen: 24
89.117.215.0/24 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
84.46.234.0/23 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
89.117.245.0/24 maxlen: 24
86.38.202.0/23 maxlen: 24
89.117.250.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.172.0/23 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:06:5d:3a:e1:06:e9:38:7c:a2:88:55:25:e9:6f:5f:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Oct 23 19:41:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9c8797cc195289a9789d064300aaf2474e492b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7a:2d:8b:45:85:47:ca:19:7e:de:29:be:39:
39:83:a1:65:21:82:1b:f2:40:dc:b4:09:4a:82:54:
6f:b9:69:a8:5c:77:2d:d5:15:cb:98:60:dc:3d:96:
43:93:16:43:f6:71:b2:84:4f:bf:73:21:62:98:f0:
07:a8:d4:42:76:6f:c6:b3:2a:77:e9:a7:95:b9:6d:
95:a0:c1:99:6f:3f:84:c1:7e:d5:7b:98:85:38:cc:
a0:4b:0f:12:91:96:78:f7:48:1a:65:b5:8f:8b:08:
0d:3b:e0:0f:31:c1:bc:ba:19:8a:16:c3:fb:73:a0:
5a:12:0a:41:7d:c2:1c:b4:dc:b1:88:3d:62:a3:b7:
02:e9:5f:b8:30:1f:fe:39:7d:c8:ff:f0:3e:7d:05:
fc:dc:dc:7d:e3:9a:86:50:d0:45:52:aa:a3:7d:66:
00:89:63:bc:57:53:c9:12:6f:46:92:99:c0:e6:80:
cd:36:51:6a:6b:70:49:d2:7c:6f:69:50:8f:c5:5d:
06:13:b6:33:9d:2a:cf:f2:bb:ef:38:96:33:68:5d:
9d:7e:80:03:ea:5f:04:1c:6f:4d:4c:04:eb:0a:0c:
60:57:c8:bc:ef:04:74:dd:0a:13:90:ac:a6:8f:c8:
c9:b0:c0:f5:6c:aa:0a:e2:09:df:13:c6:80:7e:66:
b6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:C8:79:7C:C1:95:28:9A:97:89:D0:64:30:0A:AF:24:74:E4:92:B6
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/uch5fMGVKJqXidBkMAqvJHTkkrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.108.0/24
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.172.0/23
89.116.175.0/24
89.116.177.0/24
89.116.210.0/23
89.116.218.0/24
89.117.8.0/23
89.117.28.0-89.117.33.255
89.117.72.0/21
89.117.84.0/23
89.117.88.0/22
89.117.94.0/23
89.117.109.0/24
89.117.116.0/23
89.117.129.0/24
89.117.132.0/22
89.117.142.0/23
89.117.190.0/24
89.117.215.0/24
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
09:37:21:f6:dc:d2:3e:4a:10:78:42:be:23:47:1a:27:9f:bc:
37:94:cb:b7:01:87:3c:21:16:56:55:be:f3:73:f2:34:84:68:
58:fb:89:3f:96:f1:25:0a:1a:4e:97:7c:b7:2c:c5:fc:b6:5e:
95:7f:1e:7b:95:59:e4:59:10:c6:b0:3c:53:5c:f5:d9:97:15:
8f:58:a9:a2:07:db:bd:3e:97:38:29:12:cf:99:3e:15:bd:5a:
d8:07:06:03:3b:67:09:44:51:3b:cc:24:31:36:24:b4:dd:91:
cd:5b:ed:2a:6a:67:c4:96:a7:ac:ae:02:b9:96:95:8e:f5:ea:
27:58:ec:08:65:a0:fb:2e:f7:c9:34:79:f2:62:e6:a5:99:05:
3f:4a:9a:2d:92:a1:5b:4b:06:6e:7a:28:66:82:44:65:64:64:
5a:77:b2:02:05:b9:87:f8:fc:9e:b4:e2:81:0d:ef:c6:fa:c3:
9a:28:0f:74:28:b7:5e:7b:90:bb:69:e1:90:26:39:85:cb:f5:
af:ba:e0:87:23:b2:b3:2e:8b:28:29:4d:07:72:2d:99:dd:e7:
23:ab:66:5a:d7:7e:e4:bb:8c:f4:c6:be:50:a0:60:ae:5a:74:
ae:7e:71:90:f0:fb:b4:f1:ad:12:ce:b9:95:13:9e:01:5c:ac:
05:92:f3:f4
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAYQGXTrhBuk4fKKIVSXpb18XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIxMDIzMTk0MTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWM4Nzk3Y2MxOTUyODlhOTc4OWQwNjQzMDBhYWYyNDc0ZTQ5MmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHoti0WFR8oZft4pvjk5g6FlIYIb
8kDctAlKglRvuWmoXHct1RXLmGDcPZZDkxZD9nGyhE+/cyFimPAHqNRCdm/Gsyp3
6aeVuW2VoMGZbz+EwX7Ve5iFOMygSw8SkZZ490gaZbWPiwgNO+APMcG8uhmKFsP7
c6BaEgpBfcIctNyxiD1io7cC6V+4MB/+OX3I//A+fQX83Nx945qGUNBFUqqjfWYA
iWO8V1PJEm9GkpnA5oDNNlFqa3BJ0nxvaVCPxV0GE7YznSrP8rvvOJYzaF2dfoAD
6l8EHG9NTATrCgxgV8i87wR03QoTkKymj8jJsMD1bKoK4gnfE8aAfma2ZQIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFLnIeXzBlSial4nQZDAKryR05JK2MB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvdWNoNWZNR1ZLSnFYaWRCa01BcXZKSFRra3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBAFU
LuoDBAFWJrIDBAJWJrgDBAFWJsoDBAFWJvYDBABZdGwDBABZdIQDBABZdIcDBABZ
dJYDBABZdKEDBABZdKMDBABZdKYDBAFZdKwDBABZdK8DBABZdLEDBAFZdNIDBABZ
dNoDBAFZdQgwDAMEAll1HAMEAVl1IAMEA1l1SAMEAVl1VAMEAll1WAMEAVl1XgME
AFl1bQMEAVl1dAMEAFl1gQMEAll1hAMEAVl1jgMEAFl1vgMEAFl11wMEAFl19QME
AFl1+jANBgkqhkiG9w0BAQsFAAOCAQEACTch9tzSPkoQeEK+I0caJ5+8N5TLtwGH
PCEWVlW+83PyNIRoWPuJP5bxJQoaTpd8tyzF/LZelX8ee5VZ5FkQxrA8U1z12ZcV
j1ipogfbvT6XOCkSz5k+Fb1a2AcGAztnCURRO8wkMTYktN2RzVvtKmpnxJanrK4C
uZaVjvXqJ1jsCGWg+y73yTR58mLmpZkFP0qaLZKhW0sGbnooZoJEZWRkWneyAgW5
h/j8nrTigQ3vxvrDmigPdCi3XnuQu2nhkCY5hcv1r7rghyOysy6LKClNB3Itmd3n
I6tmWtd+5LuM9Ma+UKBgrlp0rn5xkPD7tPGtEs65lROeAVysBZLz9A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:25 2023 by rpki-client on console-fra.rpki-client.org