Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/12nqiUDwUipvBewR4uUBg0ZQ76s.roa
File: 12nqiUDwUipvBewR4uUBg0ZQ76s.roa (raw, json)
Hash identifier: HEP/0nZzwKgyzacP+FmppFgxcBx5vDp4ynOo7IDF5Gg=
Subject key identifier: D7:69:EA:89:40:F0:52:2A:6F:05:EC:11:E2:E5:01:83:46:50:EF:AB
Certificate issuer: /CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Certificate serial: 0184332D32088E1EB4E6A67497AEB48E2724
Authority key identifier: FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/12nqiUDwUipvBewR4uUBg0ZQ76s.roa
Signing time: Tue 01 Nov 2022 12:31:50 +0000
ROA not before: Tue 01 Nov 2022 12:31:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210441
IP address blocks: 89.117.72.0/21 maxlen: 21
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
86.38.178.0/23 maxlen: 24
89.117.222.0/24 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
84.46.234.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
86.38.202.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.172.0/23 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.193.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:33:2d:32:08:8e:1e:b4:e6:a6:74:97:ae:b4:8e:27:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Validity
Not Before: Nov 1 12:31:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d769ea8940f0522a6f05ec11e2e501834650efab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:27:f0:c9:95:12:95:7f:12:58:68:7d:aa:e3:
18:cc:40:7f:da:87:13:9f:c3:59:81:63:de:98:dd:
44:c8:6e:93:b8:a9:f0:5b:9a:e6:bb:88:4d:ee:d6:
a5:64:b7:9e:ca:52:f5:a7:31:11:c1:1c:ae:47:ac:
6e:59:1b:56:20:fd:6a:cb:04:5d:6c:b8:5c:3b:98:
f1:5c:1f:ca:a4:aa:1e:44:b7:5f:45:41:fb:3d:48:
f1:62:9c:7a:0e:85:bd:4b:9f:43:6a:d2:61:22:dd:
32:23:35:5f:32:45:30:a0:c6:9c:6c:a6:6a:0f:41:
07:b5:de:03:cb:9b:6b:f6:87:9a:78:0e:b5:76:0d:
7f:0c:1f:f9:8a:00:2e:7f:05:ae:66:e1:b1:eb:66:
e9:7e:4a:cc:72:0f:b7:43:43:11:23:30:24:2a:0c:
4c:8d:1e:1f:16:77:4a:b4:c4:26:7b:c4:c4:bf:98:
2d:8e:c8:b5:0b:d3:bb:ff:bb:b8:0a:7d:8c:9f:e3:
5c:59:7f:dd:cb:9b:e7:2f:b2:52:7e:2d:fc:74:23:
18:fb:c4:33:1e:41:e9:85:6e:46:15:48:6b:4b:ba:
a2:14:92:6d:29:a3:76:ae:7c:b7:43:fa:d6:03:23:
57:66:ed:09:ba:57:54:dd:08:ba:c0:2d:8e:e4:df:
e3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:69:EA:89:40:F0:52:2A:6F:05:EC:11:E2:E5:01:83:46:50:EF:AB
X509v3 Authority Key Identifier:
keyid:FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/12nqiUDwUipvBewR4uUBg0ZQ76s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/_FtT36gxYJPBcrQxWSLvF-ZfBR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.108.0/24
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.172.0/23
89.116.175.0/24
89.116.177.0/24
89.116.193.0/24
89.116.210.0/23
89.116.218.0/24
89.116.252.0/24
89.117.8.0/23
89.117.28.0-89.117.33.255
89.117.72.0/21
89.117.84.0/23
89.117.88.0/22
89.117.94.0/23
89.117.109.0/24
89.117.116.0/23
89.117.129.0/24
89.117.132.0/22
89.117.142.0/23
89.117.190.0/24
89.117.222.0/24
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:8e:d4:e8:f2:53:76:3a:25:3c:c7:20:dc:b6:d5:e0:ad:33:
18:d6:e4:f8:0a:66:4a:e3:5b:47:07:b9:8f:95:a9:6f:b4:01:
1e:c7:82:db:f3:57:e7:91:f8:88:53:67:ef:92:f1:e1:cd:66:
a1:a8:a5:0e:51:ad:0c:22:fe:de:34:b6:6a:19:21:0c:48:c7:
00:b4:a4:ed:4b:a3:57:cb:5e:19:1a:5a:89:31:50:c0:50:71:
6b:08:d5:b2:fa:9e:9a:13:8f:46:ae:0f:74:4e:93:aa:78:08:
bd:9d:c6:5b:98:8a:44:76:20:a5:73:ee:37:fd:af:37:e1:20:
d2:6e:92:df:3d:f4:33:84:fa:8b:78:37:81:44:be:e9:1d:df:
d7:d2:63:a1:12:ba:fb:e1:0a:d7:aa:b9:49:06:f1:f5:0b:24:
03:64:a5:2c:32:67:ac:1f:79:b4:ac:95:53:aa:59:41:02:68:
e0:2d:cd:fe:d0:e0:45:c6:40:1c:bf:f8:dc:79:fc:a1:1f:75:
2d:e4:54:db:8c:ea:eb:73:37:b4:72:3c:6d:0e:3f:81:a5:cd:
ec:7a:27:62:2f:55:9e:0e:20:54:29:58:ae:72:89:e6:1f:ef:
85:27:d3:dc:ce:6f:75:3c:ca:2c:01:09:34:dc:ee:ab:b5:5b:
6f:10:20:db
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAYQzLTIIjh605qZ0l660jickMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNWI1M2RmYTgzMTYwOTNjMTcyYjQzMTU5MjJlZjE3ZTY1
ZjA1MWQwHhcNMjIxMTAxMTIzMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzY5ZWE4OTQwZjA1MjJhNmYwNWVjMTFlMmU1MDE4MzQ2NTBlZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7CfwyZUSlX8SWGh9quMYzEB/2ocT
n8NZgWPemN1EyG6TuKnwW5rmu4hN7talZLeeylL1pzERwRyuR6xuWRtWIP1qywRd
bLhcO5jxXB/KpKoeRLdfRUH7PUjxYpx6DoW9S59DatJhIt0yIzVfMkUwoMacbKZq
D0EHtd4Dy5tr9oeaeA61dg1/DB/5igAufwWuZuGx62bpfkrMcg+3Q0MRIzAkKgxM
jR4fFndKtMQme8TEv5gtjsi1C9O7/7u4Cn2Mn+NcWX/dy5vnL7JSfi38dCMY+8Qz
HkHphW5GFUhrS7qiFJJtKaN2rny3Q/rWAyNXZu0JuldU3Qi6wC2O5N/jXQIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFNdp6olA8FIqbwXsEeLlAYNGUO+rMB8GA1UdIwQY
MBaAFPxbU9+oMWCTwXK0MVki7xfmXwUdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMt
MTRlZmM5ODI4NjdmLzEvMTJucWlVRHdVaXB2QmV3UjR1VUJnMFpRNzZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMtMTRlZmM5ODI4Njdm
LzEvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQDBAFU
LuoDBAFWJrIDBAJWJrgDBAFWJsoDBAFWJvYDBABZdGwDBABZdIQDBABZdIcDBABZ
dJYDBABZdKEDBABZdKMDBABZdKYDBAFZdKwDBABZdK8DBABZdLEDBABZdMEDBAFZ
dNIDBABZdNoDBABZdPwDBAFZdQgwDAMEAll1HAMEAVl1IAMEA1l1SAMEAVl1VAME
All1WAMEAVl1XgMEAFl1bQMEAVl1dAMEAFl1gQMEAll1hAMEAVl1jgMEAFl1vgME
AFl13gMEAFl19QMEAFl1+jANBgkqhkiG9w0BAQsFAAOCAQEAPY7U6PJTdjolPMcg
3LbV4K0zGNbk+ApmSuNbRwe5j5Wpb7QBHseC2/NX55H4iFNn75Lx4c1moailDlGt
DCL+3jS2ahkhDEjHALSk7UujV8teGRpaiTFQwFBxawjVsvqemhOPRq4PdE6TqngI
vZ3GW5iKRHYgpXPuN/2vN+Eg0m6S3z30M4T6i3g3gUS+6R3f19JjoRK6++EK16q5
SQbx9QskA2SlLDJnrB95tKyVU6pZQQJo4C3N/tDgRcZAHL/43Hn8oR91LeRU24zq
63M3tHI8bQ4/gaXN7HonYi9Vng4gVClYrnKJ5h/vhSfT3M5vdTzKLAEJNNzuq7Vb
bxAg2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:18 2024 by rpki-client on console-ams.rpki-client.org