Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/0dbCw_00L1n0YXM_jI0qyIv7MZo.roa
File: 0dbCw_00L1n0YXM_jI0qyIv7MZo.roa (raw, json)
Hash identifier: lkrTEDOL/DPqIrp3sgVYrhLUuH+uVrhs5a6fhRFkq4c=
Subject key identifier: D1:D6:C2:C3:FD:34:2F:59:F4:61:73:3F:8C:8D:2A:C8:8B:FB:31:9A
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018873C68CC021B82CCC0D2E509F13E37DA3
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/0dbCw_00L1n0YXM_jI0qyIv7MZo.roa
Signing time: Wed 31 May 2023 21:46:11 +0000
ROA not before: Wed 31 May 2023 21:46:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 85.237.196.0/24 maxlen: 24
85.237.205.0/24 maxlen: 24
85.237.203.0/24 maxlen: 24
85.237.208.0/24 maxlen: 24
85.237.208.0/20 maxlen: 24
85.237.215.0/24 maxlen: 24
85.237.214.0/24 maxlen: 24
85.237.216.0/24 maxlen: 24
85.237.223.0/24 maxlen: 24
85.158.58.0/24 maxlen: 24
85.158.57.0/24 maxlen: 24
85.158.61.0/24 maxlen: 24
85.158.63.0/24 maxlen: 24
85.158.62.0/24 maxlen: 24
85.158.60.0/24 maxlen: 24
185.93.32.0/24 maxlen: 24
185.93.34.0/23 maxlen: 24
185.93.35.0/24 maxlen: 24
194.169.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:73:c6:8c:c0:21:b8:2c:cc:0d:2e:50:9f:13:e3:7d:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: May 31 21:46:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1d6c2c3fd342f59f461733f8c8d2ac88bfb319a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5e:50:62:79:73:94:88:bc:f3:6c:ad:3b:37:
a0:eb:ee:34:71:be:f2:0c:67:79:64:fc:e9:30:c6:
63:55:b3:64:59:4c:bb:0f:93:31:1e:2d:29:cb:2c:
29:22:32:ca:d9:cb:aa:11:41:22:95:b5:21:b5:b3:
97:fc:cb:af:7c:97:7a:89:a9:81:18:c9:09:fb:83:
b0:7e:db:bc:81:97:d2:45:9f:d3:2f:27:dc:3e:c6:
50:6f:2c:84:12:11:f6:c6:27:3a:5b:a6:65:7e:06:
d2:d1:ca:ee:32:9a:d4:30:eb:86:2e:80:97:60:0e:
ed:81:da:55:f9:a2:bb:1e:20:25:22:61:63:81:78:
26:2c:53:18:93:12:32:a5:64:8b:48:d5:e7:6f:41:
3e:2d:8e:c4:d3:a5:83:fe:22:3c:38:fa:f2:58:86:
53:32:74:76:e6:b1:55:75:f6:65:aa:b8:3e:8e:d8:
7d:47:b1:4b:1f:40:d4:90:9e:cc:df:8d:3e:de:da:
33:32:3a:03:8a:c5:6f:d0:c6:a6:e4:5b:1c:5c:0c:
71:b1:8c:81:de:12:28:d9:7f:2e:a8:07:54:2a:61:
2a:a7:32:4b:1c:70:83:37:3d:c5:f8:53:4d:f5:e1:
e0:63:68:99:2d:63:b9:a7:a8:0d:a0:30:91:dc:d5:
d8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:D6:C2:C3:FD:34:2F:59:F4:61:73:3F:8C:8D:2A:C8:8B:FB:31:9A
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/0dbCw_00L1n0YXM_jI0qyIv7MZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.57.0-85.158.58.255
85.158.60.0/22
85.237.196.0/24
85.237.203.0/24
85.237.205.0/24
85.237.208.0/20
185.93.32.0/24
185.93.34.0/23
194.169.217.0/24
Signature Algorithm: sha256WithRSAEncryption
38:39:49:44:07:7b:54:aa:e8:a5:61:09:d9:be:ab:97:f7:11:
0a:6f:bd:4f:f3:19:cb:bc:7f:0f:c9:00:9b:b1:c7:15:7e:23:
99:de:90:dd:10:78:2e:ad:96:46:ff:fd:f4:1a:18:45:7c:d2:
46:1e:0a:5e:98:ec:7c:8c:e6:de:36:00:8e:20:8c:7b:e7:c6:
01:3c:8a:dd:65:40:09:ec:fc:e3:7e:dd:26:2d:4b:46:d9:56:
ec:50:ae:7a:21:02:eb:8d:63:38:7a:08:43:58:5e:ab:c0:45:
5e:ff:21:4a:8c:12:74:2c:01:f3:39:41:ed:0a:1b:cb:5b:04:
27:77:c1:45:94:0a:0d:d9:01:45:ad:5d:67:a1:52:74:4f:6f:
d3:24:93:5f:e1:b1:8b:8e:83:83:c8:a6:71:8f:1f:8f:0a:df:
b3:1c:4e:92:06:07:f7:8a:07:f8:d3:6c:2d:c2:02:a9:a5:1e:
07:2f:81:3f:04:e4:da:e4:79:91:a3:bb:2c:7d:53:d0:8f:a4:
e3:b7:11:91:9e:95:06:d0:02:68:4e:65:07:ea:d2:88:00:cd:
31:95:41:e8:9c:ff:2c:fa:78:e5:83:26:96:ab:40:4d:28:38:
4c:6c:91:48:5b:e7:72:d2:5b:66:5e:7f:0f:44:ad:b7:82:67:
1c:9b:88:dc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYhzxozAIbgszA0uUJ8T432jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwNTMxMjE0NjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWQ2YzJjM2ZkMzQyZjU5ZjQ2MTczM2Y4YzhkMmFjODhiZmIzMTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu15QYnlzlIi882ytOzeg6+40cb7y
DGd5ZPzpMMZjVbNkWUy7D5MxHi0pyywpIjLK2cuqEUEilbUhtbOX/MuvfJd6iamB
GMkJ+4Owftu8gZfSRZ/TLyfcPsZQbyyEEhH2xic6W6ZlfgbS0cruMprUMOuGLoCX
YA7tgdpV+aK7HiAlImFjgXgmLFMYkxIypWSLSNXnb0E+LY7E06WD/iI8OPryWIZT
MnR25rFVdfZlqrg+jth9R7FLH0DUkJ7M340+3tozMjoDisVv0Mam5FscXAxxsYyB
3hIo2X8uqAdUKmEqpzJLHHCDNz3F+FNN9eHgY2iZLWO5p6gNoDCR3NXYCQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFNHWwsP9NC9Z9GFzP4yNKsiL+zGaMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvMGRiQ3dfMDBMMW4wWVhNX2pJMHF5SXY3TVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBABVnjkD
BABVnjoDBAJVnjwDBABV7cQDBABV7csDBABV7c0DBARV7dADBAC5XSADBAG5XSID
BADCqdkwDQYJKoZIhvcNAQELBQADggEBADg5SUQHe1Sq6KVhCdm+q5f3EQpvvU/z
Gcu8fw/JAJuxxxV+I5nekN0QeC6tlkb//fQaGEV80kYeCl6Y7HyM5t42AI4gjHvn
xgE8it1lQAns/ON+3SYtS0bZVuxQrnohAuuNYzh6CENYXqvARV7/IUqMEnQsAfM5
Qe0KG8tbBCd3wUWUCg3ZAUWtXWehUnRPb9Mkk1/hsYuOg4PIpnGPH48K37McTpIG
B/eKB/jTbC3CAqmlHgcvgT8E5NrkeZGjuyx9U9CPpOO3EZGelQbQAmhOZQfq0ogA
zTGVQeic/yz6eOWDJparQE0oOExskUhb53LSW2Zefw9ErbeCZxybiNw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org