Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/VPNh2BosA1OTIN7vLLLeRx8sDxA.roa
File: VPNh2BosA1OTIN7vLLLeRx8sDxA.roa (raw, json)
Hash identifier: zUIgnG4lbJlbKTJEVV0/knj+uwnwAHpfqigHyC8S4PU=
Subject key identifier: 54:F3:61:D8:1A:2C:03:53:93:20:DE:EF:2C:B2:DE:47:1F:2C:0F:10
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 0185BC3E0F3E976E750FD7DC29C75BF32A02
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/VPNh2BosA1OTIN7vLLLeRx8sDxA.roa
Signing time: Mon 16 Jan 2023 20:21:01 +0000
ROA not before: Mon 16 Jan 2023 20:21:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 85.237.201.0/24 maxlen: 24
85.237.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bc:3e:0f:3e:97:6e:75:0f:d7:dc:29:c7:5b:f3:2a:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Jan 16 20:21:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54f361d81a2c03539320deef2cb2de471f2c0f10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:98:8e:e9:ee:66:4b:ea:3d:7c:cb:a3:7f:c0:
c6:07:04:3f:64:9e:01:64:9f:7c:d1:51:6b:e1:69:
54:d4:dd:6a:aa:f3:93:26:17:06:e1:f9:1a:84:ec:
f4:02:e2:f0:a2:fc:a7:8a:17:cb:0e:7d:82:d8:0c:
67:27:97:99:6d:5a:b1:4f:e4:94:67:47:f1:50:76:
40:22:7e:53:3f:3e:a1:06:9d:e1:73:a1:72:de:cc:
1d:f8:eb:3d:94:a6:7f:81:41:d3:1e:6b:20:ad:38:
9e:a2:4f:3f:57:45:e8:82:7c:63:81:6c:04:83:06:
d3:2b:ba:b9:60:2b:05:80:f4:5a:60:b5:75:29:38:
36:4b:0e:d5:01:71:0d:5c:b2:81:98:d2:39:a0:07:
6a:e4:ac:59:ce:3a:0a:08:0c:87:c6:ec:93:ae:b7:
e7:69:17:1c:6e:b4:d1:20:b0:98:1b:ca:33:74:0a:
a1:40:7f:e8:c9:51:21:81:72:4c:3d:3d:85:c9:ce:
9a:c2:85:01:fe:5a:92:49:70:83:e1:4d:e7:f8:0d:
dc:fd:49:82:58:55:18:ff:75:0f:44:e0:3b:58:e6:
7a:9e:bc:cb:f7:01:fb:cb:ff:1a:3d:39:7a:9e:ce:
2d:9d:a6:67:f8:ed:90:62:e2:02:8d:b5:e2:aa:93:
6a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:F3:61:D8:1A:2C:03:53:93:20:DE:EF:2C:B2:DE:47:1F:2C:0F:10
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/VPNh2BosA1OTIN7vLLLeRx8sDxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.201.0/24
85.237.211.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:7d:61:79:8e:7f:bf:c1:3e:6b:ff:2c:52:c2:cc:8e:c3:bc:
a2:80:d3:4d:b1:ce:1a:b9:3d:f8:81:93:20:8b:d7:2e:4e:e7:
2f:5f:3d:52:99:62:e9:f0:65:8e:d3:17:7f:41:fe:45:4b:31:
c4:86:af:9c:7a:44:39:d1:8b:16:dd:b8:65:d4:f2:b1:3d:7e:
ae:72:65:eb:f0:39:69:3c:52:8f:95:e3:b4:39:6c:bb:e0:01:
eb:39:81:2e:23:55:2f:05:48:19:30:2b:2e:ef:e6:03:5b:ee:
01:f8:61:e8:34:27:f0:53:39:62:e6:0d:d5:d8:c3:7e:11:ea:
9b:47:69:02:fd:90:b9:25:92:cc:1a:2d:c3:c9:13:63:b5:0e:
63:73:fb:07:07:a2:1b:70:68:85:e9:9c:2e:71:d9:d9:1b:c8:
94:40:68:9d:9b:de:59:e9:12:83:45:ae:76:9f:1b:c9:b6:08:
9f:2d:6b:bf:bd:2e:6d:31:e5:fb:5d:86:38:46:64:62:d0:f5:
83:6f:d9:e7:c4:ff:ae:3a:5b:2f:b2:a5:3b:7b:b0:af:30:38:
23:c1:b5:a9:78:de:69:91:5c:96:92:f9:a6:ec:33:1d:43:64:
0c:09:1e:27:0d:7c:c5:7d:c9:49:fb:c1:e1:00:f2:4b:95:0c:
b3:db:93:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYW8Pg8+l251D9fcKcdb8yoCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMTE2MjAyMTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGYzNjFkODFhMmMwMzUzOTMyMGRlZWYyY2IyZGU0NzFmMmMwZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5iO6e5mS+o9fMujf8DGBwQ/ZJ4B
ZJ980VFr4WlU1N1qqvOTJhcG4fkahOz0AuLwovynihfLDn2C2AxnJ5eZbVqxT+SU
Z0fxUHZAIn5TPz6hBp3hc6Fy3swd+Os9lKZ/gUHTHmsgrTieok8/V0XognxjgWwE
gwbTK7q5YCsFgPRaYLV1KTg2Sw7VAXENXLKBmNI5oAdq5KxZzjoKCAyHxuyTrrfn
aRccbrTRILCYG8ozdAqhQH/oyVEhgXJMPT2Fyc6awoUB/lqSSXCD4U3n+A3c/UmC
WFUY/3UPROA7WOZ6nrzL9wH7y/8aPTl6ns4tnaZn+O2QYuICjbXiqpNqOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFTzYdgaLANTkyDe7yyy3kcfLA8QMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvVlBOaDJCb3NBMU9USU43dkxMTGVSeDhzRHhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe3JAwQA
Ve3TMA0GCSqGSIb3DQEBCwUAA4IBAQCjfWF5jn+/wT5r/yxSwsyOw7yigNNNsc4a
uT34gZMgi9cuTucvXz1SmWLp8GWO0xd/Qf5FSzHEhq+cekQ50YsW3bhl1PKxPX6u
cmXr8DlpPFKPleO0OWy74AHrOYEuI1UvBUgZMCsu7+YDW+4B+GHoNCfwUzli5g3V
2MN+EeqbR2kC/ZC5JZLMGi3DyRNjtQ5jc/sHB6IbcGiF6ZwucdnZG8iUQGidm95Z
6RKDRa52nxvJtgifLWu/vS5tMeX7XYY4RmRi0PWDb9nnxP+uOlsvsqU7e7CvMDgj
wbWpeN5pkVyWkvmm7DMdQ2QMCR4nDXzFfclJ+8HhAPJLlQyz25PC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org