Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/zvXaQa2Ci_LcjrImTKSQbUPzes0.roa
File: zvXaQa2Ci_LcjrImTKSQbUPzes0.roa (raw, json)
Hash identifier: DCbQenU/ORRAa5rgsh5Mb9scnRdMiStjb643Ysrj55s=
Subject key identifier: CE:F5:DA:41:AD:82:8B:F2:DC:8E:B2:26:4C:A4:90:6D:43:F3:7A:CD
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182A668B13D5ED2E9A5BBADDF2F81B9264D
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/zvXaQa2Ci_LcjrImTKSQbUPzes0.roa
Signing time: Tue 16 Aug 2022 11:27:35 +0000
ROA not before: Tue 16 Aug 2022 11:27:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 89.117.68.0/24 maxlen: 24
89.117.72.0/21 maxlen: 24
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.112.0/22 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.24.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.215.0/24 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.130.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
84.46.234.0/23 maxlen: 24
89.116.112.0/24 maxlen: 24
89.116.106.0/23 maxlen: 24
89.116.113.0/24 maxlen: 24
89.116.115.0/24 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.130.0/23 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.148.0/23 maxlen: 24
89.116.156.0/24 maxlen: 24
89.116.54.0/24 maxlen: 24
89.116.70.0/24 maxlen: 24
86.38.202.0/23 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.103.0/24 maxlen: 24
89.116.99.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.223.0/24 maxlen: 24
89.116.221.0/24 maxlen: 24
89.116.220.0/24 maxlen: 24
89.116.233.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.171.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.193.0/24 maxlen: 24
89.116.203.0/24 maxlen: 24
89.116.209.0/24 maxlen: 24
89.116.208.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a6:68:b1:3d:5e:d2:e9:a5:bb:ad:df:2f:81:b9:26:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 16 11:27:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cef5da41ad828bf2dc8eb2264ca4906d43f37acd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e4:13:68:a3:10:c1:b1:06:12:98:b9:41:9b:
48:0e:2e:57:64:93:92:a2:4c:79:3e:e5:31:97:ed:
67:5b:58:50:6d:a1:9c:d8:9b:3f:84:e1:45:74:0b:
96:35:a1:ff:e3:60:52:3a:0e:51:85:e8:e5:67:7d:
24:9b:c2:40:69:58:b4:4f:c7:aa:7f:ad:21:22:87:
b4:20:de:9c:f3:3e:be:e2:a2:37:d9:e4:38:a9:7e:
37:ea:49:73:8d:28:ad:7a:29:f8:c6:8c:da:83:03:
b5:74:ed:7d:0d:83:8d:30:be:1a:aa:07:9a:78:8e:
96:25:a0:17:09:e6:bc:89:43:69:37:e0:42:37:35:
e5:8e:9d:6b:51:de:d9:ac:87:39:a1:4c:af:9b:a3:
0a:7a:24:ba:9f:71:e8:1a:56:7c:c3:60:8b:ff:58:
43:08:bb:c8:1a:b0:be:79:0a:da:10:82:b9:23:99:
cb:50:7c:95:34:39:29:fe:c1:06:63:8f:3b:6b:5f:
14:3a:24:db:94:3f:6e:2d:94:86:22:de:f0:06:6b:
34:7e:09:35:f8:77:1e:03:a8:a7:c8:0a:d3:ad:e0:
ab:d8:f8:14:15:75:29:4e:15:b2:12:e1:c6:4d:2b:
a1:eb:a0:25:db:3c:c9:8e:af:29:a2:c4:e1:3f:d8:
11:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:F5:DA:41:AD:82:8B:F2:DC:8E:B2:26:4C:A4:90:6D:43:F3:7A:CD
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/zvXaQa2Ci_LcjrImTKSQbUPzes0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.202.0/23
89.116.54.0/24
89.116.70.0/24
89.116.88.0/23
89.116.99.0/24
89.116.103.0/24
89.116.106.0/23
89.116.112.0/23
89.116.115.0/24
89.116.126.0/23
89.116.130.0/23
89.116.135.0/24
89.116.148.0/23
89.116.156.0/24
89.116.161.0/24
89.116.171.0/24
89.116.175.0/24
89.116.177.0/24
89.116.193.0/24
89.116.203.0/24
89.116.208.0/22
89.116.218.0/24
89.116.220.0/23
89.116.223.0/24
89.116.233.0/24
89.116.252.0/23
89.117.12.0/23
89.117.24.0/23
89.117.28.0-89.117.33.255
89.117.68.0/24
89.117.72.0/21
89.117.84.0/23
89.117.88.0/22
89.117.102.0/23
89.117.109.0/24
89.117.112.0/22
89.117.129.0-89.117.130.255
89.117.132.0/22
89.117.142.0/23
89.117.215.0/24
Signature Algorithm: sha256WithRSAEncryption
16:5b:85:93:fe:c0:9b:f1:e4:37:82:e9:77:d6:df:9d:a9:e2:
cc:6d:a1:6e:39:65:cb:8d:b4:6b:66:ed:5a:29:43:a6:aa:58:
45:55:bf:f3:9c:60:ad:dd:42:5b:1f:e0:88:7f:f8:9e:a5:b5:
82:67:47:df:fb:35:b8:57:e3:ec:31:ab:78:8a:5b:84:42:fd:
71:33:f7:45:8a:7d:2d:d3:10:28:65:34:a8:d3:7b:ed:14:2a:
f9:23:23:16:76:67:35:fd:f2:49:4d:d0:56:0e:ca:c0:0e:e0:
e9:a7:b0:21:02:dd:ad:3d:54:cb:b3:75:e8:2c:82:b7:7f:c6:
7e:93:45:8a:a2:a9:aa:58:3c:09:e5:92:16:e8:37:4e:6f:f6:
d7:36:cf:46:07:b2:4c:55:20:51:ba:dd:1c:47:98:69:14:3b:
da:27:18:e2:0b:05:db:8e:5f:00:da:5d:ab:e3:cb:cb:31:a2:
d5:74:d6:1d:74:31:de:ad:e5:24:2e:dc:0c:91:7d:c5:ea:7e:
6b:06:59:b0:a4:95:df:df:97:38:2e:6e:35:43:ee:d2:52:13:
50:08:52:0d:f9:8d:ad:70:8a:95:b9:44:98:30:d2:bb:f5:b7:
0e:77:f9:fc:c1:05:01:0d:14:11:1e:14:23:b5:30:32:f4:11:
06:1f:1c:03
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAYKmaLE9XtLppbut3y+BuSZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODE2MTEyNzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWY1ZGE0MWFkODI4YmYyZGM4ZWIyMjY0Y2E0OTA2ZDQzZjM3YWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieQTaKMQwbEGEpi5QZtIDi5XZJOS
okx5PuUxl+1nW1hQbaGc2Js/hOFFdAuWNaH/42BSOg5RhejlZ30km8JAaVi0T8eq
f60hIoe0IN6c8z6+4qI32eQ4qX436klzjSitein4xozagwO1dO19DYONML4aqgea
eI6WJaAXCea8iUNpN+BCNzXljp1rUd7ZrIc5oUyvm6MKeiS6n3HoGlZ8w2CL/1hD
CLvIGrC+eQraEIK5I5nLUHyVNDkp/sEGY487a18UOiTblD9uLZSGIt7wBms0fgk1
+HceA6inyArTreCr2PgUFXUpThWyEuHGTSuh66Al2zzJjq8posThP9gRVQIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFM712kGtgovy3I6yJkykkG1D83rNMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvenZYYVFhMkNpX0xjanJJbVRLU1FiVVB6ZXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCCAQ4EAgABMIIB
BgMEAVQu6gMEAVYmygMEAFl0NgMEAFl0RgMEAVl0WAMEAFl0YwMEAFl0ZwMEAVl0
agMEAVl0cAMEAFl0cwMEAVl0fgMEAVl0ggMEAFl0hwMEAVl0lAMEAFl0nAMEAFl0
oQMEAFl0qwMEAFl0rwMEAFl0sQMEAFl0wQMEAFl0ywMEAll00AMEAFl02gMEAVl0
3AMEAFl03wMEAFl06QMEAVl0/AMEAVl1DAMEAVl1GDAMAwQCWXUcAwQBWXUgAwQA
WXVEAwQDWXVIAwQBWXVUAwQCWXVYAwQBWXVmAwQAWXVtAwQCWXVwMAwDBABZdYED
BABZdYIDBAJZdYQDBAFZdY4DBABZddcwDQYJKoZIhvcNAQELBQADggEBABZbhZP+
wJvx5DeC6XfW352p4sxtoW45ZcuNtGtm7VopQ6aqWEVVv/OcYK3dQlsf4Ih/+J6l
tYJnR9/7NbhX4+wxq3iKW4RC/XEz90WKfS3TEChlNKjTe+0UKvkjIxZ2ZzX98klN
0FYOysAO4OmnsCEC3a09VMuzdegsgrd/xn6TRYqiqapYPAnlkhboN05v9tc2z0YH
skxVIFG63RxHmGkUO9onGOILBduOXwDaXavjy8sxotV01h10Md6t5SQu3AyRfcXq
fmsGWbCkld/flzgubjVD7tJSE1AIUg35ja1wipW5RJgw0rv1tw53+fzBBQENFBEe
FCO1MDL0EQYfHAM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:34 2025 by rpki-client