Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/S4gbOkyN6gPfPWqoLzSl2n_OOo0.roa
File: S4gbOkyN6gPfPWqoLzSl2n_OOo0.roa (raw, json)
Hash identifier: eQ/+qooYKHh9lAdee8tw5FYI4MIsrUwy3eRAWU9UpnE=
Subject key identifier: 4B:88:1B:3A:4C:8D:EA:03:DF:3D:6A:A8:2F:34:A5:DA:7F:CE:3A:8D
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018820A6E89A51CCE50E6C89D83F821B9241
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/S4gbOkyN6gPfPWqoLzSl2n_OOo0.roa
Signing time: Mon 15 May 2023 18:23:09 +0000
ROA not before: Mon 15 May 2023 18:23:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.109.198.0/24 maxlen: 24
85.237.201.0/24 maxlen: 24
85.237.202.0/24 maxlen: 24
85.237.211.0/24 maxlen: 24
85.237.216.0/24 maxlen: 24
185.93.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:20:a6:e8:9a:51:cc:e5:0e:6c:89:d8:3f:82:1b:92:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: May 15 18:23:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b881b3a4c8dea03df3d6aa82f34a5da7fce3a8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:7d:3f:42:a4:dc:e0:68:a0:49:08:e4:05:49:
11:42:ae:da:f3:0f:02:7a:2e:f4:96:6d:ce:26:db:
3b:a9:31:3e:cf:82:db:57:5e:02:92:67:17:57:b0:
51:d4:c2:e2:64:81:2f:d1:11:cf:1f:61:16:fa:ac:
46:0f:24:80:d5:e5:78:b2:1d:13:8b:46:a8:1b:1f:
df:9e:3d:02:36:9f:f2:b4:4c:2c:8b:81:3d:c7:4e:
12:77:59:aa:a6:d9:7a:1c:4b:0d:43:67:ed:1d:2c:
16:70:10:79:a3:d1:4b:2c:e3:bb:b1:94:58:47:e1:
33:e9:f6:d2:34:93:33:14:c0:62:cc:65:be:cd:c8:
1c:a8:55:36:f5:ae:7b:43:2d:5d:ab:63:38:0e:a0:
70:c6:e4:5c:2b:c6:67:ba:3a:46:e5:2d:80:74:85:
c4:d0:91:ee:ce:11:8a:b1:13:18:88:4f:be:08:25:
ee:ec:db:b1:07:58:74:2a:f3:41:7c:9e:60:96:8d:
63:0d:c5:5b:02:a6:52:01:19:25:a9:a5:df:ba:a0:
9c:7b:82:ec:b5:ea:f0:3d:88:70:03:c9:f1:f6:f3:
ea:5b:45:fb:0b:75:3b:49:17:3e:f9:31:34:ad:f7:
7a:53:cb:42:c5:a3:89:74:01:36:9e:7f:87:9b:1d:
f0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:88:1B:3A:4C:8D:EA:03:DF:3D:6A:A8:2F:34:A5:DA:7F:CE:3A:8D
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/S4gbOkyN6gPfPWqoLzSl2n_OOo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.201.0-85.237.202.255
85.237.211.0/24
85.237.216.0/24
185.93.35.0/24
193.109.198.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:03:82:b8:5e:56:0b:90:96:1a:cf:2c:4e:0d:cf:df:cd:4e:
de:41:13:b4:45:26:bc:65:1a:49:66:59:04:9e:14:dc:21:9f:
ea:ff:ba:5c:82:66:04:5d:22:ed:bb:9e:49:37:00:f1:60:b5:
59:55:d6:74:42:90:16:f7:6e:cf:97:64:0e:f9:0e:1b:20:47:
a4:7a:f2:81:3d:a3:12:f8:47:28:73:ce:08:6b:5e:5e:21:06:
f1:ff:ea:40:61:89:fa:c9:e2:df:f5:44:92:6c:b3:0f:49:e9:
6b:13:22:c3:c5:14:49:4e:4d:14:92:a8:a8:92:62:f5:91:21:
52:2a:ab:a7:0e:91:7a:26:bc:ee:37:7c:e2:49:50:72:e9:20:
f8:97:8f:8b:c8:76:e3:6a:59:50:46:ec:c6:f5:b7:aa:e6:84:
ad:73:7f:1d:30:84:f9:01:09:f6:6f:08:b6:c9:08:fc:ab:06:
18:8a:0f:7d:1c:54:5f:81:42:e8:c1:73:a0:80:18:8f:c1:1a:
57:ba:e8:21:5e:5b:8d:38:28:45:16:76:0c:29:b9:c8:da:03:
a7:90:f2:ac:38:af:5b:d1:cd:99:dc:fe:b4:93:6e:68:89:e8:
41:35:6c:b7:78:23:ef:99:7d:0d:cd:21:60:89:f0:f9:e2:de:
5a:b3:74:1e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYggpuiaUczlDmyJ2D+CG5JBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwNTE1MTgyMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjg4MWIzYTRjOGRlYTAzZGYzZDZhYTgyZjM0YTVkYTdmY2UzYThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg30/QqTc4GigSQjkBUkRQq7a8w8C
ei70lm3OJts7qTE+z4LbV14CkmcXV7BR1MLiZIEv0RHPH2EW+qxGDySA1eV4sh0T
i0aoGx/fnj0CNp/ytEwsi4E9x04Sd1mqptl6HEsNQ2ftHSwWcBB5o9FLLOO7sZRY
R+Ez6fbSNJMzFMBizGW+zcgcqFU29a57Qy1dq2M4DqBwxuRcK8ZnujpG5S2AdIXE
0JHuzhGKsRMYiE++CCXu7NuxB1h0KvNBfJ5glo1jDcVbAqZSARklqaXfuqCce4Ls
terwPYhwA8nx9vPqW0X7C3U7SRc++TE0rfd6U8tCxaOJdAE2nn+Hmx3wCwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEuIGzpMjeoD3z1qqC80pdp/zjqNMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvUzRnYk9reU42Z1BmUFdxb0x6U2wybl9PT28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABV7ckD
BABV7coDBABV7dMDBABV7dgDBAC5XSMDBADBbcYwDQYJKoZIhvcNAQELBQADggEB
AHsDgrheVguQlhrPLE4Nz9/NTt5BE7RFJrxlGklmWQSeFNwhn+r/ulyCZgRdIu27
nkk3APFgtVlV1nRCkBb3bs+XZA75DhsgR6R68oE9oxL4RyhzzghrXl4hBvH/6kBh
ifrJ4t/1RJJssw9J6WsTIsPFFElOTRSSqKiSYvWRIVIqq6cOkXomvO43fOJJUHLp
IPiXj4vIduNqWVBG7Mb1t6rmhK1zfx0whPkBCfZvCLbJCPyrBhiKD30cVF+BQujB
c6CAGI/BGle66CFeW404KEUWdgwpucjaA6eQ8qw4r1vRzZnc/rSTbmiJ6EE1bLd4
I++ZfQ3NIWCJ8Pni3lqzdB4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org