Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/TKQzYEHXpWaF1cZPw_G4N4NitNo.roa
File: TKQzYEHXpWaF1cZPw_G4N4NitNo.roa (raw, json)
Hash identifier: Z2j38e4dbSzR3p7MWzOxNnaEEZeX7X7JDEiGW7Y/shA=
Subject key identifier: 4C:A4:33:60:41:D7:A5:66:85:D5:C6:4F:C3:F1:B8:37:83:62:B4:DA
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 0184CF72D77C43AE4987A0B05A49623FE88B
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/TKQzYEHXpWaF1cZPw_G4N4NitNo.roa
Signing time: Thu 01 Dec 2022 20:48:40 +0000
ROA not before: Thu 01 Dec 2022 20:48:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49581
IP address blocks: 193.109.197.0/24 maxlen: 24
193.109.198.0/24 maxlen: 24
85.158.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cf:72:d7:7c:43:ae:49:87:a0:b0:5a:49:62:3f:e8:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Dec 1 20:48:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ca4336041d7a56685d5c64fc3f1b8378362b4da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:01:d5:7b:5d:5c:f9:69:1d:88:0b:df:73:08:
fa:9f:32:08:f9:90:b2:2a:d8:da:0c:71:21:34:28:
40:c1:53:24:10:9d:3f:bf:5d:08:d7:1a:74:74:d1:
af:59:ab:15:78:fe:96:6c:d8:16:5e:bf:a6:ed:00:
ee:03:7a:28:dc:e3:bd:a3:ca:3a:72:95:c4:51:76:
70:5d:fb:7e:88:bd:69:bb:4d:58:67:54:ff:d2:ee:
45:a2:05:54:89:45:e6:13:f6:98:79:b0:e6:cd:cc:
c2:50:63:e2:b7:4d:74:b2:0e:62:41:38:39:0f:d6:
f0:26:a4:10:15:9d:09:c9:f2:c2:1d:2f:29:92:6c:
5a:f2:a0:6a:7e:e3:b7:ef:84:f2:39:71:1f:18:83:
8b:e6:fe:bb:72:74:3e:8b:d1:b4:5d:9e:ef:36:2c:
1d:cd:d2:7d:44:58:92:17:83:43:b0:ab:47:2e:de:
f7:27:5d:63:82:f3:7c:6c:9e:74:03:ef:4e:3c:ec:
78:1e:49:fc:6f:73:0e:7b:73:52:94:71:fb:23:e7:
20:66:4a:53:64:e8:a8:28:7a:92:df:af:84:b5:1d:
82:be:8f:33:26:9c:c6:95:a1:d8:67:b8:75:b8:a2:
1d:86:9f:76:ab:0f:9e:79:d7:82:5c:7e:0c:45:75:
55:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A4:33:60:41:D7:A5:66:85:D5:C6:4F:C3:F1:B8:37:83:62:B4:DA
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/TKQzYEHXpWaF1cZPw_G4N4NitNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.63.0/24
193.109.197.0-193.109.198.255
Signature Algorithm: sha256WithRSAEncryption
a2:e9:19:47:da:84:06:9f:8c:41:82:30:b2:22:00:a5:3c:e1:
89:9c:39:d8:9d:91:ba:93:e5:88:69:2d:eb:65:e7:f3:d7:d4:
10:4d:06:d0:7d:eb:fa:37:c9:d3:06:14:96:e9:46:c8:e8:24:
eb:6c:c6:b7:a3:13:0a:7c:7a:ba:c1:1d:ba:27:a3:2c:42:12:
e1:d7:f3:ff:80:16:23:f7:29:72:c5:91:f8:40:f0:ce:da:c5:
4b:8b:2c:01:d9:b7:83:31:19:0e:b8:ae:e9:60:c3:40:f5:c7:
ed:7f:3b:1b:58:7d:c4:59:e3:63:46:84:df:f3:dd:30:7c:40:
43:fb:83:1f:01:a1:ef:0f:67:8c:43:92:b7:7c:22:92:e6:5b:
b0:3e:09:f4:40:52:4e:fd:29:ea:d7:f2:fb:52:68:6d:7c:58:
9b:29:57:e4:5f:19:2e:2b:c7:26:ea:8e:1e:3a:6c:ea:74:1a:
a3:f8:0c:b2:09:e3:61:9e:b6:4d:3d:76:f2:94:31:7a:4e:ea:
c8:03:b9:ce:7e:79:99:cf:fe:c7:59:c5:55:0f:66:2c:9b:5f:
ed:24:ff:c2:c1:e2:19:37:1c:af:f7:ff:40:29:0c:3d:d1:73:
b9:14:ab:9f:7a:8d:3d:55:92:1d:6e:4d:72:ac:9c:83:d7:f3:
0a:e5:2a:bd
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYTPctd8Q65Jh6CwWkliP+iLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjIxMjAxMjA0ODQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2E0MzM2MDQxZDdhNTY2ODVkNWM2NGZjM2YxYjgzNzgzNjJiNGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQHVe11c+WkdiAvfcwj6nzII+ZCy
KtjaDHEhNChAwVMkEJ0/v10I1xp0dNGvWasVeP6WbNgWXr+m7QDuA3oo3OO9o8o6
cpXEUXZwXft+iL1pu01YZ1T/0u5FogVUiUXmE/aYebDmzczCUGPit010sg5iQTg5
D9bwJqQQFZ0JyfLCHS8pkmxa8qBqfuO374TyOXEfGIOL5v67cnQ+i9G0XZ7vNiwd
zdJ9RFiSF4NDsKtHLt73J11jgvN8bJ50A+9OPOx4Hkn8b3MOe3NSlHH7I+cgZkpT
ZOioKHqS36+EtR2Cvo8zJpzGlaHYZ7h1uKIdhp92qw+eedeCXH4MRXVVGwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEykM2BB16VmhdXGT8PxuDeDYrTaMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvVEtRellFSFhwV2FGMWNaUHdfRzRONE5pdE5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAVZ4/MAwD
BADBbcUDBADBbcYwDQYJKoZIhvcNAQELBQADggEBAKLpGUfahAafjEGCMLIiAKU8
4YmcOdidkbqT5YhpLetl5/PX1BBNBtB96/o3ydMGFJbpRsjoJOtsxrejEwp8errB
HbonoyxCEuHX8/+AFiP3KXLFkfhA8M7axUuLLAHZt4MxGQ64rulgw0D1x+1/OxtY
fcRZ42NGhN/z3TB8QEP7gx8Boe8PZ4xDkrd8IpLmW7A+CfRAUk79KerX8vtSaG18
WJspV+RfGS4rxybqjh46bOp0GqP4DLIJ42Getk09dvKUMXpO6sgDuc5+eZnP/sdZ
xVUPZiybX+0k/8LB4hk3HK/3/0ApDD3Rc7kUq596jT1Vkh1uTXKsnIPX8wrlKr0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:07 2023 by rpki-client on console-ams.rpki-client.org