Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/AAbMaLac--Ar9SNIWTEVS3EWR2Q.roa
File: AAbMaLac--Ar9SNIWTEVS3EWR2Q.roa (raw, json)
Hash identifier: VQHCOMDOJGyRyvzl9o4pEENrU0Wnx2wT2AlDHkt4kkc=
Subject key identifier: 00:06:CC:68:B6:9C:FB:E0:2B:F5:23:48:59:31:15:4B:71:16:47:64
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 01882C47F918DA53E9D1F8140B403180210B
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/AAbMaLac--Ar9SNIWTEVS3EWR2Q.roa
Signing time: Thu 18 May 2023 00:34:54 +0000
ROA not before: Thu 18 May 2023 00:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 85.237.196.0/24 maxlen: 24
85.237.205.0/24 maxlen: 24
85.237.203.0/24 maxlen: 24
85.158.58.0/24 maxlen: 24
85.158.57.0/24 maxlen: 24
85.237.208.0/20 maxlen: 24
85.158.61.0/24 maxlen: 24
85.158.63.0/24 maxlen: 24
85.158.60.0/24 maxlen: 24
185.93.32.0/24 maxlen: 24
185.93.34.0/23 maxlen: 24
194.169.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2c:47:f9:18:da:53:e9:d1:f8:14:0b:40:31:80:21:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: May 18 00:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0006cc68b69cfbe02bf523485931154b71164764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ea:fd:a8:4b:9c:5a:02:05:84:f9:26:28:7c:
dd:4e:29:2c:96:54:42:fd:ec:63:ae:7b:11:03:91:
cf:c0:ac:a0:f2:9a:9a:df:d2:86:ff:6b:d1:b8:75:
86:e1:64:f3:f2:d1:aa:80:02:de:e3:26:14:b5:1b:
0c:2d:1c:bc:9e:54:49:68:c4:98:45:6c:0b:d4:4e:
78:a3:fb:39:10:a8:1a:06:2e:f5:24:3b:23:29:b1:
bf:7e:c5:53:29:57:82:69:b2:8e:23:7a:9b:83:bf:
c5:1e:7f:71:17:5c:a3:28:aa:82:9e:43:c5:07:f2:
06:d7:ac:ab:f0:11:f4:be:c9:29:12:8a:a6:34:67:
b2:df:c6:6d:e1:e4:30:f5:8d:85:56:fd:41:4a:f4:
65:b5:48:a0:ab:8e:4a:cf:73:73:2e:0e:35:f1:ee:
71:63:c7:ef:85:2e:d1:97:62:e4:8a:36:31:ea:8c:
3e:b9:34:e0:e6:63:fd:a0:b0:3e:6c:7d:9b:0d:e2:
19:f5:54:9b:06:d4:0e:f5:68:2c:81:ad:60:8c:4e:
ee:cd:0f:20:20:2a:7e:ac:21:9c:d7:77:9f:09:21:
4b:1d:5c:67:da:ae:30:e7:1c:cb:02:47:d4:d6:fd:
39:50:b4:fd:2b:4b:9a:66:0a:94:13:66:04:07:f8:
eb:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:06:CC:68:B6:9C:FB:E0:2B:F5:23:48:59:31:15:4B:71:16:47:64
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/AAbMaLac--Ar9SNIWTEVS3EWR2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.57.0-85.158.58.255
85.158.60.0/23
85.158.63.0/24
85.237.196.0/24
85.237.203.0/24
85.237.205.0/24
85.237.208.0/20
185.93.32.0/24
185.93.34.0/23
194.169.217.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:e2:78:f6:80:c3:ac:2d:bf:52:03:c3:c6:ff:47:b7:53:10:
95:3e:18:3b:fd:d6:32:3e:af:27:95:4d:82:8d:31:cf:15:6f:
83:6f:bc:a2:79:c1:a9:41:31:1e:81:61:5c:1d:4c:49:09:7f:
89:bf:c3:ec:a3:c6:f1:4a:f7:9f:ca:6c:63:ae:e0:00:a9:41:
8a:ce:a0:93:a2:45:76:3f:71:d1:30:f9:0c:be:e3:1f:df:03:
ee:5b:d4:c0:c0:25:7a:4b:2a:b7:c6:f2:59:b6:db:10:6b:0f:
72:ae:a8:f1:ef:a5:ce:28:cc:f8:90:f0:68:ab:f5:98:40:49:
d3:7e:76:05:eb:86:49:af:d8:fb:77:dd:ae:f4:0a:3b:3b:97:
ec:d3:9c:c2:a3:6c:7f:b8:78:93:ab:81:42:56:97:b2:eb:38:
58:a7:1f:a4:87:c1:c8:30:0c:49:65:ce:23:df:9d:2e:cc:d9:
06:95:74:33:77:d6:c9:8f:35:05:32:7a:e0:89:80:99:53:ec:
7f:7f:82:17:64:bb:d5:87:cc:6c:8c:b6:87:e7:6a:cd:59:84:
e2:78:ca:f4:6e:2d:ad:13:46:4a:34:40:d8:97:0c:31:e7:37:
d0:a9:8d:5f:51:b9:65:cc:9c:62:32:d7:ee:b6:ad:e0:19:f5:
fe:db:cd:f9
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYgsR/kY2lPp0fgUC0AxgCELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwNTE4MDAzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDA2Y2M2OGI2OWNmYmUwMmJmNTIzNDg1OTMxMTU0YjcxMTY0NzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOr9qEucWgIFhPkmKHzdTiksllRC
/exjrnsRA5HPwKyg8pqa39KG/2vRuHWG4WTz8tGqgALe4yYUtRsMLRy8nlRJaMSY
RWwL1E54o/s5EKgaBi71JDsjKbG/fsVTKVeCabKOI3qbg7/FHn9xF1yjKKqCnkPF
B/IG16yr8BH0vskpEoqmNGey38Zt4eQw9Y2FVv1BSvRltUigq45Kz3NzLg418e5x
Y8fvhS7Rl2LkijYx6ow+uTTg5mP9oLA+bH2bDeIZ9VSbBtQO9Wgsga1gjE7uzQ8g
ICp+rCGc13efCSFLHVxn2q4w5xzLAkfU1v05ULT9K0uaZgqUE2YEB/jrhwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFAAGzGi2nPvgK/UjSFkxFUtxFkdkMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvQUFiTWFMYWMtLUFyOVNOSVdURVZTM0VXUjJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBABVnjkD
BABVnjoDBAFVnjwDBABVnj8DBABV7cQDBABV7csDBABV7c0DBARV7dADBAC5XSAD
BAG5XSIDBADCqdkwDQYJKoZIhvcNAQELBQADggEBAKXiePaAw6wtv1IDw8b/R7dT
EJU+GDv91jI+ryeVTYKNMc8Vb4NvvKJ5walBMR6BYVwdTEkJf4m/w+yjxvFK95/K
bGOu4ACpQYrOoJOiRXY/cdEw+Qy+4x/fA+5b1MDAJXpLKrfG8lm22xBrD3KuqPHv
pc4ozPiQ8Gir9ZhASdN+dgXrhkmv2Pt33a70Cjs7l+zTnMKjbH+4eJOrgUJWl7Lr
OFinH6SHwcgwDEllziPfnS7M2QaVdDN31smPNQUyeuCJgJlT7H9/ghdku9WHzGyM
tofnas1ZhOJ4yvRuLa0TRko0QNiXDDHnN9CpjV9RuWXMnGIy1+62reAZ9f7bzfk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org