Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/NvJBCmEsA21zCm9BnIyv8MmfGdM.roa
File: NvJBCmEsA21zCm9BnIyv8MmfGdM.roa (raw, json)
Hash identifier: oK2RLjHwFyr5jvjpN5hn578UI7HJI1b8cA61OdKZpsw=
Subject key identifier: 36:F2:41:0A:61:2C:03:6D:73:0A:6F:41:9C:8C:AF:F0:C9:9F:19:D3
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018796B2EF730DEEBFE126522D5FAFFEFD42
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/NvJBCmEsA21zCm9BnIyv8MmfGdM.roa
Signing time: Tue 18 Apr 2023 23:28:41 +0000
ROA not before: Tue 18 Apr 2023 23:28:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 85.237.196.0/24 maxlen: 24
85.237.205.0/24 maxlen: 24
85.237.203.0/24 maxlen: 24
85.158.58.0/24 maxlen: 24
85.158.57.0/24 maxlen: 24
85.237.208.0/20 maxlen: 24
85.158.63.0/24 maxlen: 24
85.158.60.0/24 maxlen: 24
185.93.32.0/24 maxlen: 24
185.93.34.0/23 maxlen: 24
194.169.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:96:b2:ef:73:0d:ee:bf:e1:26:52:2d:5f:af:fe:fd:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Apr 18 23:28:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36f2410a612c036d730a6f419c8caff0c99f19d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:93:27:e8:99:4c:ef:9b:d8:b3:cd:40:59:df:
62:a6:2d:aa:6f:ff:70:90:e9:18:a1:52:d8:62:79:
c8:b3:db:c2:32:e9:f2:85:dc:c1:f2:0e:61:e8:08:
1a:e1:9d:7d:50:27:a9:85:b6:9c:c2:f5:8c:95:c4:
80:51:a5:ce:71:18:76:69:57:07:cd:82:bc:84:64:
f7:21:ea:e7:e2:c9:6a:87:50:cc:82:aa:93:7e:c5:
ee:d8:7b:03:01:01:7c:9b:00:eb:1e:0b:e7:95:4c:
82:59:57:ff:7d:c6:5e:9a:52:ec:dd:be:2d:e1:cc:
34:fc:d3:d3:6b:ec:55:90:af:e5:1a:4a:57:59:ba:
f2:95:dd:15:67:14:b7:0b:ed:6e:a6:b5:41:4a:dc:
8f:bf:87:dc:fd:80:10:f3:07:25:09:1c:9d:d9:9b:
c7:1f:39:e6:02:6d:1e:3c:02:9d:f2:36:7b:1f:04:
9b:fa:84:29:5d:61:8e:53:09:bc:c2:fd:9e:b7:30:
1c:78:18:ab:4a:50:92:be:33:04:74:18:aa:2b:3b:
36:59:29:e0:4c:b7:8e:31:9e:b1:95:e9:9c:5d:56:
61:e0:c8:dc:0c:31:7c:c9:be:68:f2:4d:51:2c:22:
6c:87:5c:63:1d:b1:c1:f7:62:1e:e8:4b:f4:f7:87:
e4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F2:41:0A:61:2C:03:6D:73:0A:6F:41:9C:8C:AF:F0:C9:9F:19:D3
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/NvJBCmEsA21zCm9BnIyv8MmfGdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.57.0-85.158.58.255
85.158.60.0/24
85.158.63.0/24
85.237.196.0/24
85.237.203.0/24
85.237.205.0/24
85.237.208.0/20
185.93.32.0/24
185.93.34.0/23
194.169.217.0/24
Signature Algorithm: sha256WithRSAEncryption
97:0a:a5:26:01:08:39:85:e4:0e:67:6b:83:eb:b4:76:cf:29:
1d:3f:93:36:57:d1:e0:77:5b:3b:c0:fe:67:58:82:5d:e5:5b:
22:be:df:66:df:6b:10:98:11:a6:58:1a:d6:8e:b2:bb:49:fa:
7f:b2:a7:a5:f9:e5:1f:a5:65:5e:94:65:dd:6b:ae:ff:d2:77:
d0:d1:e6:7b:43:d4:43:12:89:f2:91:97:7a:41:16:36:56:8d:
70:40:ac:66:57:da:05:f0:47:9a:c2:7c:6e:be:60:82:46:64:
a3:63:7c:b7:40:9b:f8:6f:c3:37:ec:94:d3:b5:0e:55:c4:e0:
e7:5a:ff:d7:6c:97:0c:2c:c3:9f:60:35:d0:45:ed:8b:2f:6e:
e1:25:01:9c:10:ef:1c:f3:fc:24:a1:c6:e8:26:7a:a7:00:80:
9b:a6:56:ca:7f:e5:91:91:9e:89:a1:59:ab:26:52:7c:a0:2f:
e3:62:6f:22:a9:d3:7a:c6:85:e8:2a:db:dc:60:b0:40:f3:e5:
45:ec:66:a7:ce:87:76:53:ec:02:e8:61:cc:27:64:e0:3a:e0:
09:ed:c8:e7:5d:9f:d3:73:71:fd:eb:17:11:5b:b0:fe:bf:44:
21:d5:4d:77:db:3c:de:d0:2e:32:3b:1b:35:1b:df:3f:0c:12:
d2:27:72:e9
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYeWsu9zDe6/4SZSLV+v/v1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwNDE4MjMyODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmYyNDEwYTYxMmMwMzZkNzMwYTZmNDE5YzhjYWZmMGM5OWYxOWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5Mn6JlM75vYs81AWd9ipi2qb/9w
kOkYoVLYYnnIs9vCMunyhdzB8g5h6Aga4Z19UCephbacwvWMlcSAUaXOcRh2aVcH
zYK8hGT3Iern4slqh1DMgqqTfsXu2HsDAQF8mwDrHgvnlUyCWVf/fcZemlLs3b4t
4cw0/NPTa+xVkK/lGkpXWbryld0VZxS3C+1uprVBStyPv4fc/YAQ8wclCRyd2ZvH
HznmAm0ePAKd8jZ7HwSb+oQpXWGOUwm8wv2etzAceBirSlCSvjMEdBiqKzs2WSng
TLeOMZ6xlemcXVZh4MjcDDF8yb5o8k1RLCJsh1xjHbHB92Ie6Ev094fkQwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFDbyQQphLANtcwpvQZyMr/DJnxnTMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvTnZKQkNtRXNBMjF6Q205Qm5JeXY4TW1mR2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBABVnjkD
BABVnjoDBABVnjwDBABVnj8DBABV7cQDBABV7csDBABV7c0DBARV7dADBAC5XSAD
BAG5XSIDBADCqdkwDQYJKoZIhvcNAQELBQADggEBAJcKpSYBCDmF5A5na4PrtHbP
KR0/kzZX0eB3WzvA/mdYgl3lWyK+32bfaxCYEaZYGtaOsrtJ+n+yp6X55R+lZV6U
Zd1rrv/Sd9DR5ntD1EMSifKRl3pBFjZWjXBArGZX2gXwR5rCfG6+YIJGZKNjfLdA
m/hvwzfslNO1DlXE4Oda/9dslwwsw59gNdBF7YsvbuElAZwQ7xzz/CShxugmeqcA
gJumVsp/5ZGRnomhWasmUnygL+NibyKp03rGhegq29xgsEDz5UXsZqfOh3ZT7ALo
YcwnZOA64AntyOddn9Nzcf3rFxFbsP6/RCHVTXfbPN7QLjI7GzUb3z8MEtIncuk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org