Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/vDOXKv3s3E_4WM_IaQw4StvhV7c.roa
File: vDOXKv3s3E_4WM_IaQw4StvhV7c.roa (raw, json)
Hash identifier: uWVRX8yZ/fjWKsUivV5ranNq5033P9p+Kz2MLCAm/hA=
Subject key identifier: BC:33:97:2A:FD:EC:DC:4F:F8:58:CF:C8:69:0C:38:4A:DB:E1:57:B7
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182866F1749323B190B5CACAE35AEE77B9F
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/vDOXKv3s3E_4WM_IaQw4StvhV7c.roa
Signing time: Wed 10 Aug 2022 06:26:43 +0000
ROA not before: Wed 10 Aug 2022 06:26:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 89.117.68.0/24 maxlen: 24
89.117.72.0/21 maxlen: 24
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.112.0/22 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.24.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.215.0/24 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.130.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
84.46.234.0/23 maxlen: 24
89.116.112.0/24 maxlen: 24
89.116.106.0/23 maxlen: 24
89.116.113.0/24 maxlen: 24
89.116.115.0/24 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.130.0/23 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.148.0/23 maxlen: 24
89.116.156.0/24 maxlen: 24
89.116.54.0/24 maxlen: 24
89.116.70.0/24 maxlen: 24
86.38.202.0/23 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.103.0/24 maxlen: 24
89.116.99.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.223.0/24 maxlen: 24
89.116.221.0/24 maxlen: 24
89.116.220.0/24 maxlen: 24
89.116.233.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.171.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.193.0/24 maxlen: 24
89.116.203.0/24 maxlen: 24
89.116.209.0/24 maxlen: 24
89.116.208.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:86:6f:17:49:32:3b:19:0b:5c:ac:ae:35:ae:e7:7b:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 10 06:26:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bc33972afdecdc4ff858cfc8690c384adbe157b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e5:43:c4:56:b6:30:cf:01:e6:b9:91:c4:0b:
d1:51:93:47:1f:c6:c7:77:36:23:78:50:5f:0d:3b:
a5:2a:b0:d7:89:a9:85:4a:e1:10:af:65:b5:1a:e6:
2f:ec:2a:66:42:3f:7c:e5:94:04:ae:6b:a4:74:4e:
46:a5:6b:49:bb:b1:d0:1f:8c:a1:4f:25:cb:98:aa:
11:59:2b:29:10:9f:9b:12:0d:d9:99:8d:51:8d:b2:
d4:be:b0:ac:30:b2:53:03:de:af:df:95:79:5b:8a:
a8:5e:7a:2d:97:bf:84:d7:de:59:b7:9c:43:6a:a1:
37:84:98:2c:2f:79:1e:6d:3e:eb:77:02:11:de:6e:
21:fe:e6:89:af:d1:da:0f:95:2a:53:80:72:1b:1c:
a3:3d:25:44:55:d6:0f:df:1f:d6:65:d3:4d:9e:96:
f1:2c:8e:67:66:2c:93:08:71:ff:2b:67:74:18:ee:
50:80:69:13:5b:95:14:ce:55:c0:fa:22:ab:29:c9:
88:15:20:47:b1:f7:3b:d4:fe:f7:26:21:73:41:3d:
5f:71:a3:19:fb:bd:88:41:39:74:93:1d:a7:2c:3c:
37:f5:35:53:20:92:09:28:73:15:1b:78:5e:b7:75:
6e:f2:18:c0:64:83:ee:94:c5:3b:74:55:b1:2b:52:
bc:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:33:97:2A:FD:EC:DC:4F:F8:58:CF:C8:69:0C:38:4A:DB:E1:57:B7
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/vDOXKv3s3E_4WM_IaQw4StvhV7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.202.0/23
89.116.54.0/24
89.116.70.0/24
89.116.88.0/23
89.116.99.0/24
89.116.103.0/24
89.116.106.0/23
89.116.112.0/23
89.116.115.0/24
89.116.126.0/23
89.116.130.0/23
89.116.135.0/24
89.116.148.0/23
89.116.156.0/24
89.116.161.0/24
89.116.171.0/24
89.116.175.0/24
89.116.177.0/24
89.116.193.0/24
89.116.203.0/24
89.116.208.0/22
89.116.218.0/24
89.116.220.0/23
89.116.223.0/24
89.116.233.0/24
89.116.252.0/23
89.116.255.0/24
89.117.12.0/23
89.117.24.0/23
89.117.28.0-89.117.33.255
89.117.68.0/24
89.117.72.0/21
89.117.84.0/23
89.117.88.0/22
89.117.102.0/23
89.117.109.0/24
89.117.112.0/22
89.117.129.0-89.117.130.255
89.117.132.0/22
89.117.142.0/23
89.117.215.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:b4:32:37:70:8f:1b:af:2c:14:09:bb:21:dd:c7:70:6e:52:
98:73:f4:c5:63:15:ef:37:29:6a:f8:0a:3e:36:b3:47:c1:08:
4f:41:3c:93:d7:51:9b:2d:77:5d:29:74:f5:ca:22:59:3c:39:
33:e7:d7:14:7d:c2:fa:5c:72:70:03:c5:c0:97:c6:37:2c:bb:
92:53:3c:0a:cf:15:73:bd:d0:73:9f:3a:03:d3:27:30:e1:1c:
53:a3:44:42:5f:6e:4f:1f:65:9d:aa:a4:a2:ee:d7:22:31:6c:
20:1f:10:23:23:61:59:56:28:6d:84:a6:13:03:30:db:14:a0:
ce:ba:16:27:7e:d9:71:9f:da:60:79:3b:64:95:06:05:fb:22:
87:8d:d5:78:d1:6b:e0:17:90:e2:ea:74:bc:88:42:1d:e6:37:
4c:03:7c:77:63:79:7a:c7:9f:27:d3:ee:aa:ab:07:c6:49:c8:
64:32:28:12:bf:fe:42:86:8a:26:d6:68:cb:96:13:c3:0c:8f:
7b:e3:4c:24:6d:91:d3:eb:ed:a7:e8:48:06:d4:77:bc:d7:3c:
b4:2d:66:50:7a:fe:3b:d1:39:5b:95:b1:4e:f0:36:04:5f:17:
17:70:17:9c:67:4a:40:ab:f5:2f:35:ff:c2:30:ff:bf:a3:ba:
3a:c9:91:88
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAYKGbxdJMjsZC1ysrjWu53ufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODEwMDYyNjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzMzOTcyYWZkZWNkYzRmZjg1OGNmYzg2OTBjMzg0YWRiZTE1N2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneVDxFa2MM8B5rmRxAvRUZNHH8bH
dzYjeFBfDTulKrDXiamFSuEQr2W1GuYv7CpmQj985ZQErmukdE5GpWtJu7HQH4yh
TyXLmKoRWSspEJ+bEg3ZmY1RjbLUvrCsMLJTA96v35V5W4qoXnotl7+E195Zt5xD
aqE3hJgsL3kebT7rdwIR3m4h/uaJr9HaD5UqU4ByGxyjPSVEVdYP3x/WZdNNnpbx
LI5nZiyTCHH/K2d0GO5QgGkTW5UUzlXA+iKrKcmIFSBHsfc71P73JiFzQT1fcaMZ
+72IQTl0kx2nLDw39TVTIJIJKHMVG3het3Vu8hjAZIPulMU7dFWxK1K8iwIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFLwzlyr97NxP+FjPyGkMOErb4Ve3MB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvdkRPWEt2M3MzRV80V01fSWFRdzRTdHZoVjdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCARQEAgABMIIB
DAMEAVQu6gMEAVYmygMEAFl0NgMEAFl0RgMEAVl0WAMEAFl0YwMEAFl0ZwMEAVl0
agMEAVl0cAMEAFl0cwMEAVl0fgMEAVl0ggMEAFl0hwMEAVl0lAMEAFl0nAMEAFl0
oQMEAFl0qwMEAFl0rwMEAFl0sQMEAFl0wQMEAFl0ywMEAll00AMEAFl02gMEAVl0
3AMEAFl03wMEAFl06QMEAVl0/AMEAFl0/wMEAVl1DAMEAVl1GDAMAwQCWXUcAwQB
WXUgAwQAWXVEAwQDWXVIAwQBWXVUAwQCWXVYAwQBWXVmAwQAWXVtAwQCWXVwMAwD
BABZdYEDBABZdYIDBAJZdYQDBAFZdY4DBABZddcwDQYJKoZIhvcNAQELBQADggEB
AH60MjdwjxuvLBQJuyHdx3BuUphz9MVjFe83KWr4Cj42s0fBCE9BPJPXUZstd10p
dPXKIlk8OTPn1xR9wvpccnADxcCXxjcsu5JTPArPFXO90HOfOgPTJzDhHFOjREJf
bk8fZZ2qpKLu1yIxbCAfECMjYVlWKG2EphMDMNsUoM66Fid+2XGf2mB5O2SVBgX7
IoeN1XjRa+AXkOLqdLyIQh3mN0wDfHdjeXrHnyfT7qqrB8ZJyGQyKBK//kKGiibW
aMuWE8MMj3vjTCRtkdPr7afoSAbUd7zXPLQtZlB6/jvROVuVsU7wNgRfFxdwF5xn
SkCr9S81/8Iw/7+jujrJkYg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:25 2023 by rpki-client on console-fra.rpki-client.org