Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/9tuZih9cHOjjfPwwIMoOiLjduIk.roa
File: 9tuZih9cHOjjfPwwIMoOiLjduIk.roa (raw, json)
Hash identifier: /KJ+5N3+0uTqt2tm+YxHLw+FKhUjtcW3i/g4qzUaabE=
Subject key identifier: F6:DB:99:8A:1F:5C:1C:E8:E3:7C:FC:30:20:CA:0E:88:B8:DD:B8:89
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018410ACD17D1019FAC2DBB1748AEF90EEBE
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/9tuZih9cHOjjfPwwIMoOiLjduIk.roa
Signing time: Tue 25 Oct 2022 19:44:31 +0000
ROA not before: Tue 25 Oct 2022 19:44:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 85.237.192.0/21 maxlen: 24
193.109.192.0/21 maxlen: 24
85.237.206.0/23 maxlen: 24
85.237.205.0/24 maxlen: 24
85.237.203.0/24 maxlen: 24
85.237.202.0/24 maxlen: 24
85.237.200.0/23 maxlen: 24
85.237.208.0/20 maxlen: 24
85.237.216.0/24 maxlen: 24
185.89.76.0/22 maxlen: 24
185.89.77.0/24 maxlen: 24
85.158.56.0/21 maxlen: 24
185.93.32.0/24 maxlen: 24
185.93.34.0/23 maxlen: 24
194.169.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:10:ac:d1:7d:10:19:fa:c2:db:b1:74:8a:ef:90:ee:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Oct 25 19:44:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6db998a1f5c1ce8e37cfc3020ca0e88b8ddb889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8c:36:b9:89:d3:65:25:d1:45:7b:ce:50:01:
e5:09:8a:73:06:d7:fa:71:75:ab:13:d4:53:e4:2c:
ed:a1:00:3d:e4:a3:b5:4e:e6:61:f1:f4:09:6a:3a:
0a:46:a4:09:04:c2:50:55:1e:70:5e:fe:0c:a3:e6:
07:40:54:8e:92:59:e7:b9:95:cd:79:e7:07:97:36:
80:9d:06:7b:df:fe:29:9c:51:4a:2e:d2:b9:d6:80:
85:0e:8a:ce:d2:d4:81:b0:2e:66:8d:2a:49:99:7b:
7f:07:9b:d0:3d:ee:f4:f9:fb:83:90:2d:ce:f2:19:
e9:cd:27:87:df:aa:89:3f:a3:ce:55:40:37:9d:22:
9a:f0:75:4c:76:bf:61:ab:40:ea:29:97:94:01:a2:
33:6e:e6:e0:94:4d:ef:1b:3c:19:b3:d8:8a:40:3f:
bf:05:40:b2:ea:32:27:18:bd:52:1d:76:02:02:b6:
56:e6:de:46:dc:83:61:4e:bb:b6:3c:5e:dd:75:4d:
89:db:54:79:ca:33:73:87:bc:e8:a8:dc:e8:9a:8e:
07:cd:ad:c6:6c:56:d8:ac:5a:97:42:df:68:6b:a0:
d8:d1:32:34:3d:4a:b4:9a:eb:70:b9:d0:cc:e4:ae:
d3:88:e2:c4:f2:ad:c7:22:78:c2:23:19:00:4f:62:
49:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:DB:99:8A:1F:5C:1C:E8:E3:7C:FC:30:20:CA:0E:88:B8:DD:B8:89
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/9tuZih9cHOjjfPwwIMoOiLjduIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.56.0/21
85.237.192.0-85.237.203.255
85.237.205.0-85.237.223.255
185.89.76.0/22
185.93.32.0/24
185.93.34.0/23
193.109.192.0/21
194.169.217.0/24
Signature Algorithm: sha256WithRSAEncryption
28:e5:fa:15:f1:eb:63:27:2f:11:8f:b6:ac:c5:56:0e:e2:98:
d6:dc:2c:9c:0d:14:53:7d:33:8a:ab:14:08:e0:49:97:82:5d:
28:1a:82:0b:03:93:e9:2f:80:66:b5:50:96:37:03:e1:55:d4:
60:66:af:a9:75:17:5b:37:16:44:47:fd:f9:92:b8:19:db:a0:
46:e3:16:08:51:c4:9e:b9:5d:a9:80:82:e4:9c:3e:b7:71:24:
88:e6:88:69:d6:7f:e2:4e:2a:78:bb:9d:f9:ca:6b:54:2d:cd:
83:a5:fc:23:85:36:04:5e:87:43:c3:2b:6b:f7:70:38:61:ec:
49:24:cb:97:f5:67:5d:dd:00:da:0f:4f:ae:4e:f7:6a:d6:e0:
57:13:66:86:cc:95:9c:6a:b0:1d:b8:fd:da:5e:31:bd:29:3a:
58:65:a0:de:51:b0:d0:0d:17:8d:e4:93:4a:d6:f9:f6:2f:58:
62:4b:07:a5:e6:92:06:a5:f8:71:03:9d:96:2d:c3:55:57:e0:
07:3f:0d:19:d9:98:bd:7d:c4:b6:9d:b0:81:a6:9d:55:02:b8:
d9:f9:35:7c:a6:19:91:7c:fd:86:e0:18:4e:92:9b:ad:21:f7:
46:01:71:cd:4e:88:cd:97:45:3d:0c:71:84:d0:db:34:5a:ed:
44:f5:68:16
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYQQrNF9EBn6wtuxdIrvkO6+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjIxMDI1MTk0NDMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmRiOTk4YTFmNWMxY2U4ZTM3Y2ZjMzAyMGNhMGU4OGI4ZGRiODg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtow2uYnTZSXRRXvOUAHlCYpzBtf6
cXWrE9RT5CztoQA95KO1TuZh8fQJajoKRqQJBMJQVR5wXv4Mo+YHQFSOklnnuZXN
eecHlzaAnQZ73/4pnFFKLtK51oCFDorO0tSBsC5mjSpJmXt/B5vQPe70+fuDkC3O
8hnpzSeH36qJP6POVUA3nSKa8HVMdr9hq0DqKZeUAaIzbubglE3vGzwZs9iKQD+/
BUCy6jInGL1SHXYCArZW5t5G3INhTru2PF7ddU2J21R5yjNzh7zoqNzomo4Hza3G
bFbYrFqXQt9oa6DY0TI0PUq0mutwudDM5K7TiOLE8q3HInjCIxkAT2JJlwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFPbbmYofXBzo43z8MCDKDoi43biJMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvOXR1WmloOWNIT2pqZlB3d0lNb09pTGpkdUlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQDVZ44MAwD
BAZV7cADBAJV7cgwDAMEAFXtzQMEBVXtwAMEArlZTAMEALldIAMEAbldIgMEA8Ft
wAMEAMKp2TANBgkqhkiG9w0BAQsFAAOCAQEAKOX6FfHrYycvEY+2rMVWDuKY1tws
nA0UU30ziqsUCOBJl4JdKBqCCwOT6S+AZrVQljcD4VXUYGavqXUXWzcWREf9+ZK4
GdugRuMWCFHEnrldqYCC5Jw+t3EkiOaIadZ/4k4qeLud+cprVC3Ng6X8I4U2BF6H
Q8Mra/dwOGHsSSTLl/VnXd0A2g9Prk73atbgVxNmhsyVnGqwHbj92l4xvSk6WGWg
3lGw0A0XjeSTStb59i9YYksHpeaSBqX4cQOdli3DVVfgBz8NGdmYvX3Etp2wgaad
VQK42fk1fKYZkXz9huAYTpKbrSH3RgFxzU6IzZdFPQxxhNDbNFrtRPVoFg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org