Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/NXufVbnPr1upEt8u7DeH9w8xkrw.roa
File: NXufVbnPr1upEt8u7DeH9w8xkrw.roa (raw, json)
Hash identifier: sR9dLCEGiqp4nv6JIDQ60VgU6BUS6EDPf3MNxhgneag=
Subject key identifier: 35:7B:9F:55:B9:CF:AF:5B:A9:12:DF:2E:EC:37:87:F7:0F:31:92:BC
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018571DE960117C2500681D1330D7AF5FFD4
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/NXufVbnPr1upEt8u7DeH9w8xkrw.roa
Signing time: Mon 02 Jan 2023 09:44:50 +0000
ROA not before: Mon 02 Jan 2023 09:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60781
IP address blocks: 85.237.199.0/24 maxlen: 24
85.237.195.0/24 maxlen: 24
185.93.34.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:96:01:17:c2:50:06:81:d1:33:0d:7a:f5:ff:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Jan 2 09:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=357b9f55b9cfaf5ba912df2eec3787f70f3192bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:24:ee:28:7a:1a:01:06:7b:b0:34:e6:36:b3:
28:3f:a9:0c:e4:35:38:a6:17:8c:27:91:79:d0:b5:
5c:f9:16:8b:b5:4c:0b:2c:76:0f:24:7a:b0:2f:90:
05:6c:d1:ff:c1:66:92:a8:ec:ee:cd:fa:f6:97:d3:
79:8b:15:88:46:dd:ef:0f:5d:9a:d2:9d:1f:97:02:
f3:0d:26:16:04:4d:20:39:66:45:68:b5:a6:42:f1:
b4:cd:59:59:65:17:5a:6a:11:3b:49:0d:d9:1c:0f:
1c:47:3c:dd:50:61:42:fb:3f:79:d1:e7:30:80:b9:
e5:b3:57:74:f9:4c:ee:d0:f8:a9:41:e1:1a:69:fc:
ce:46:ee:4c:e2:43:47:0f:17:05:ff:8a:9f:35:af:
fc:32:d2:28:4f:17:05:e2:b0:a7:e6:74:5d:d1:2c:
98:cc:31:5c:c9:be:fb:20:ca:2b:df:9c:eb:5c:79:
90:17:d3:fb:e0:ff:e1:65:8f:b9:cd:37:99:1b:22:
79:5e:d6:94:0c:9b:11:5e:92:00:80:42:61:cf:da:
d1:b6:af:65:5b:e3:ff:af:55:7d:cd:67:b8:a7:ab:
a2:b4:71:19:a3:3f:80:9b:34:9f:99:6e:be:52:d6:
50:46:71:b8:24:f8:96:2d:6b:39:95:b9:e4:dc:b6:
c6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:7B:9F:55:B9:CF:AF:5B:A9:12:DF:2E:EC:37:87:F7:0F:31:92:BC
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/NXufVbnPr1upEt8u7DeH9w8xkrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.195.0/24
85.237.199.0/24
185.93.34.0/23
Signature Algorithm: sha256WithRSAEncryption
09:8b:e6:a8:1e:83:50:19:a5:9d:16:11:e3:55:4d:5d:86:0f:
8c:30:de:8a:03:47:29:ab:e1:d7:29:4e:67:67:65:1d:79:5f:
b2:e3:23:39:cb:d2:48:34:d5:7e:0f:d3:b3:fc:57:07:87:aa:
56:0e:de:8e:46:1c:dd:04:89:fc:39:47:24:c0:c0:10:21:87:
aa:0f:e3:d5:3e:a1:ba:20:ef:e1:a2:f6:29:0c:9f:08:0c:a7:
b2:58:99:16:fd:43:74:c1:2e:b6:e1:d2:c3:b0:8e:8d:13:cb:
1d:69:8e:f2:87:6d:10:c0:49:e2:c2:b6:b8:7c:12:4d:f9:73:
8e:89:b8:94:01:db:78:ab:17:af:6a:2b:fd:95:85:a5:75:34:
2d:18:0e:2d:cf:f6:6d:6c:dc:32:78:e4:fa:9c:13:aa:6e:5b:
88:5c:17:d1:2b:7f:06:8c:29:ba:6f:de:ed:2f:26:7c:7e:a0:
d4:7d:81:f1:5c:24:79:5f:80:6d:fb:b4:a3:cf:99:c2:f6:e8:
b4:1f:88:23:44:d1:aa:3c:0f:98:28:fc:c0:d3:b2:e2:ba:70:
16:e2:fa:0f:a4:cd:8d:ea:0e:0a:92:4a:ff:3a:d3:42:48:4c:
df:8f:8e:af:1c:d6:31:3a:d5:7a:16:60:c2:1c:30:b4:a1:42:
2e:28:5e:7b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx3pYBF8JQBoHRMw169f/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMTAyMDk0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTdiOWY1NWI5Y2ZhZjViYTkxMmRmMmVlYzM3ODdmNzBmMzE5MmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySTuKHoaAQZ7sDTmNrMoP6kM5DU4
pheMJ5F50LVc+RaLtUwLLHYPJHqwL5AFbNH/wWaSqOzuzfr2l9N5ixWIRt3vD12a
0p0flwLzDSYWBE0gOWZFaLWmQvG0zVlZZRdaahE7SQ3ZHA8cRzzdUGFC+z950ecw
gLnls1d0+Uzu0PipQeEaafzORu5M4kNHDxcF/4qfNa/8MtIoTxcF4rCn5nRd0SyY
zDFcyb77IMor35zrXHmQF9P74P/hZY+5zTeZGyJ5XtaUDJsRXpIAgEJhz9rRtq9l
W+P/r1V9zWe4p6uitHEZoz+AmzSfmW6+UtZQRnG4JPiWLWs5lbnk3LbG2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDV7n1W5z69bqRLfLuw3h/cPMZK8MB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvTlh1ZlZiblByMXVwRXQ4dTdEZUg5dzh4a3J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVe3DAwQA
Ve3HAwQBuV0iMA0GCSqGSIb3DQEBCwUAA4IBAQAJi+aoHoNQGaWdFhHjVU1dhg+M
MN6KA0cpq+HXKU5nZ2UdeV+y4yM5y9JINNV+D9Oz/FcHh6pWDt6ORhzdBIn8OUck
wMAQIYeqD+PVPqG6IO/hovYpDJ8IDKeyWJkW/UN0wS624dLDsI6NE8sdaY7yh20Q
wEniwra4fBJN+XOOibiUAdt4qxevaiv9lYWldTQtGA4tz/ZtbNwyeOT6nBOqbluI
XBfRK38GjCm6b97tLyZ8fqDUfYHxXCR5X4Bt+7Sjz5nC9ui0H4gjRNGqPA+YKPzA
07LiunAW4voPpM2N6g4Kkkr/OtNCSEzfj46vHNYxOtV6FmDCHDC0oUIuKF57
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:07 2023 by rpki-client on console-ams.rpki-client.org