Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/llzBe03rQnDo7REp7_xhYIpbWhQ.roa
File: llzBe03rQnDo7REp7_xhYIpbWhQ.roa (raw, json)
Hash identifier: QeBvGbjx/sn/VgXb1GXRMf3xQESDtxaRmW5p+sI1Q5M=
Subject key identifier: 96:5C:C1:7B:4D:EB:42:70:E8:ED:11:29:EF:FC:61:60:8A:5B:5A:14
Certificate issuer: /CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Certificate serial: 01841E27D9744E604B512FCEF768E16907E2
Authority key identifier: FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/llzBe03rQnDo7REp7_xhYIpbWhQ.roa
Signing time: Fri 28 Oct 2022 10:33:58 +0000
ROA not before: Fri 28 Oct 2022 10:33:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207152
IP address blocks: 89.117.72.0/21 maxlen: 24
89.117.84.0/23 maxlen: 24
89.117.88.0/22 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.109.0/24 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.28.0/22 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.190.0/24 maxlen: 24
86.38.178.0/23 maxlen: 24
89.117.215.0/24 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.132.0/22 maxlen: 24
89.117.129.0/24 maxlen: 24
89.117.142.0/23 maxlen: 24
84.46.234.0/23 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
89.117.245.0/24 maxlen: 24
86.38.202.0/23 maxlen: 24
89.117.250.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.172.0/23 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1e:27:d9:74:4e:60:4b:51:2f:ce:f7:68:e1:69:07:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Validity
Not Before: Oct 28 10:33:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=965cc17b4deb4270e8ed1129effc61608a5b5a14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4d:cd:c7:f8:03:e4:25:20:29:02:45:b2:40:
cf:e3:90:bf:5c:50:b7:bf:73:45:34:56:af:6d:17:
03:0d:17:b5:37:c9:e2:fe:40:52:09:a4:56:0a:53:
de:e9:9d:74:bb:fa:8f:ab:fc:16:c6:2f:e0:b4:bd:
11:39:00:9c:a7:58:05:85:21:17:be:07:1c:ef:bc:
e5:1c:6f:27:73:60:3d:bb:64:5b:af:88:e2:06:55:
d7:f3:82:e3:b5:e7:40:2f:30:14:a4:4a:d1:0e:ca:
d0:99:2e:43:a7:e0:74:e4:4d:3f:18:d0:d4:81:e4:
b8:94:15:00:2d:fb:07:12:23:6e:7b:e0:36:7a:e7:
a4:65:bc:0d:57:6e:19:0d:f8:37:2b:cc:17:c4:ec:
ac:c7:fb:ff:82:a8:9f:88:d1:d5:d3:45:bc:e3:50:
1f:fa:0d:61:6e:86:f5:74:2a:b0:9b:5b:94:b7:54:
84:ef:d5:23:81:65:99:ba:1e:81:da:b8:af:ba:f0:
1c:21:b6:d7:d4:ba:1e:48:ba:2d:4e:42:8c:8d:6b:
dd:3b:8f:e1:18:d3:13:b6:23:da:37:e8:13:f8:51:
3f:7e:34:00:12:2d:41:87:9b:98:0f:8c:2d:19:2e:
90:22:c4:ed:e9:b0:a4:14:b0:15:7e:8f:53:d8:fc:
1e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:5C:C1:7B:4D:EB:42:70:E8:ED:11:29:EF:FC:61:60:8A:5B:5A:14
X509v3 Authority Key Identifier:
keyid:FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/llzBe03rQnDo7REp7_xhYIpbWhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/_FtT36gxYJPBcrQxWSLvF-ZfBR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.234.0/23
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.108.0/24
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.172.0/23
89.116.175.0/24
89.116.177.0/24
89.116.210.0/23
89.116.218.0/24
89.117.8.0/23
89.117.28.0-89.117.33.255
89.117.72.0/21
89.117.84.0/23
89.117.88.0/22
89.117.94.0/23
89.117.109.0/24
89.117.116.0/23
89.117.129.0/24
89.117.132.0/22
89.117.142.0/23
89.117.190.0/24
89.117.215.0/24
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:9b:c0:66:08:30:f8:2e:a1:a4:d1:0b:55:12:2a:a0:96:76:
bc:11:ca:e6:67:84:6f:d3:a9:2e:97:a8:22:be:c2:9d:7d:ea:
fd:70:54:70:5b:17:63:45:1b:19:b7:94:52:69:c4:36:30:12:
be:21:67:5f:4b:3c:37:6f:b8:11:2f:44:73:8b:59:33:e1:8f:
dd:b5:b8:3d:31:8e:22:50:24:31:41:a1:fc:da:90:95:1b:e3:
77:04:e2:bb:f7:66:ae:f5:e2:b2:5b:c1:a8:0f:4c:1e:2f:97:
6e:79:2f:5c:82:be:ea:7c:0f:ef:c1:fe:0e:87:60:3d:74:04:
63:82:20:47:b5:26:86:5a:40:bf:23:24:63:fc:ab:ec:03:83:
02:92:60:e6:a2:38:95:37:86:1d:ed:e6:a5:38:65:5c:03:87:
08:82:d3:a8:8d:8c:db:54:6f:a2:17:c2:58:60:04:c0:8b:46:
08:df:94:4c:a6:21:57:2c:fc:40:2f:92:2c:71:59:20:d6:a2:
cb:90:9c:4b:39:a8:0e:95:e0:88:33:f4:09:1b:27:b7:00:ce:
77:4b:b4:dd:db:8d:6b:65:35:f4:c2:8c:72:a9:8a:08:44:c0:
7b:5a:aa:df:7a:00:94:a3:d0:9d:af:01:56:71:cd:27:c0:35:
05:ce:dc:c0
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAYQeJ9l0TmBLUS/O92jhaQfiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNWI1M2RmYTgzMTYwOTNjMTcyYjQzMTU5MjJlZjE3ZTY1
ZjA1MWQwHhcNMjIxMDI4MTAzMzU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjVjYzE3YjRkZWI0MjcwZThlZDExMjllZmZjNjE2MDhhNWI1YTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU3Nx/gD5CUgKQJFskDP45C/XFC3
v3NFNFavbRcDDRe1N8ni/kBSCaRWClPe6Z10u/qPq/wWxi/gtL0ROQCcp1gFhSEX
vgcc77zlHG8nc2A9u2Rbr4jiBlXX84LjtedALzAUpErRDsrQmS5Dp+B05E0/GNDU
geS4lBUALfsHEiNue+A2euekZbwNV24ZDfg3K8wXxOysx/v/gqifiNHV00W841Af
+g1hbob1dCqwm1uUt1SE79UjgWWZuh6B2rivuvAcIbbX1LoeSLotTkKMjWvdO4/h
GNMTtiPaN+gT+FE/fjQAEi1Bh5uYD4wtGS6QIsTt6bCkFLAVfo9T2PwenQIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFJZcwXtN60Jw6O0RKe/8YWCKW1oUMB8GA1UdIwQY
MBaAFPxbU9+oMWCTwXK0MVki7xfmXwUdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMt
MTRlZmM5ODI4NjdmLzEvbGx6QmUwM3JRbkRvN1JFcDdfeGhZSXBiV2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMtMTRlZmM5ODI4Njdm
LzEvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBAFU
LuoDBAFWJrIDBAJWJrgDBAFWJsoDBAFWJvYDBABZdGwDBABZdIQDBABZdIcDBABZ
dJYDBABZdKEDBABZdKMDBABZdKYDBAFZdKwDBABZdK8DBABZdLEDBAFZdNIDBABZ
dNoDBAFZdQgwDAMEAll1HAMEAVl1IAMEA1l1SAMEAVl1VAMEAll1WAMEAVl1XgME
AFl1bQMEAVl1dAMEAFl1gQMEAll1hAMEAVl1jgMEAFl1vgMEAFl11wMEAFl19QME
AFl1+jANBgkqhkiG9w0BAQsFAAOCAQEAPpvAZggw+C6hpNELVRIqoJZ2vBHK5meE
b9OpLpeoIr7CnX3q/XBUcFsXY0UbGbeUUmnENjASviFnX0s8N2+4ES9Ec4tZM+GP
3bW4PTGOIlAkMUGh/NqQlRvjdwTiu/dmrvXislvBqA9MHi+XbnkvXIK+6nwP78H+
DodgPXQEY4IgR7UmhlpAvyMkY/yr7AODApJg5qI4lTeGHe3mpThlXAOHCILTqI2M
21RvohfCWGAEwItGCN+UTKYhVyz8QC+SLHFZINaiy5CcSzmoDpXgiDP0CRsntwDO
d0u03duNa2U19MKMcqmKCETAe1qq33oAlKPQna8BVnHNJ8A1Bc7cwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:19 2024 by rpki-client on console-fra.rpki-client.org