Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/aVc0AplpWWwJcHZ-ncZblG7tk2Q.roa
File: aVc0AplpWWwJcHZ-ncZblG7tk2Q.roa (raw, json)
Hash identifier: 4XbUATxBsrLcTaK8Nt6ajLPLTruxGZ4jyNq9zT70oHo=
Subject key identifier: 69:57:34:02:99:69:59:6C:09:70:76:7E:9D:C6:5B:94:6E:ED:93:64
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 0184F7868BBA2FA076955041C75CB58C1A42
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/aVc0AplpWWwJcHZ-ncZblG7tk2Q.roa
Signing time: Fri 09 Dec 2022 15:35:00 +0000
ROA not before: Fri 09 Dec 2022 15:35:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211373
IP address blocks: 85.237.200.0/24 maxlen: 24
85.158.56.0/24 maxlen: 24
185.89.77.0/24 maxlen: 24
185.93.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f7:86:8b:ba:2f:a0:76:95:50:41:c7:5c:b5:8c:1a:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Dec 9 15:35:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=695734029969596c0970767e9dc65b946eed9364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:28:a6:bf:48:51:b0:fa:f8:9b:f5:c4:22:d8:
e0:e0:e6:f9:8f:7c:97:b8:c4:81:e5:06:d3:1c:b3:
ed:c2:a8:58:ed:e2:a1:b5:26:44:6f:17:8c:d6:f9:
d0:f7:c6:6a:ab:d8:6a:3f:81:ed:54:90:b2:74:7f:
62:2d:77:14:75:54:23:db:a1:8a:ab:69:4e:d8:ce:
e5:b3:0b:69:1f:c3:b2:9e:99:3e:83:ed:60:50:78:
ec:47:28:df:17:0f:65:0a:26:35:af:72:4c:6c:af:
7e:b3:f2:c1:75:7f:77:17:91:54:cb:16:69:40:7a:
82:e0:b5:f1:e6:85:4a:c8:e0:2b:4a:64:89:31:55:
b2:d9:9f:38:23:05:b6:d0:5d:34:6a:3e:ab:87:3f:
da:f1:96:88:d7:58:fc:53:38:61:29:b5:67:5f:f9:
39:c0:57:86:8c:c7:3e:47:ad:21:4c:f4:69:17:c5:
e8:27:8d:f9:6e:95:71:ee:dc:ca:db:b3:fc:d7:16:
c8:87:94:24:f1:e4:88:eb:59:32:f9:91:6f:47:f4:
58:c2:dd:61:e1:7a:7d:72:28:5f:9c:7b:ef:7d:bf:
43:c2:ad:38:a2:d6:bf:62:db:3b:bc:6a:1d:86:1d:
30:77:50:d2:10:41:82:37:a2:8e:18:cf:66:7c:cc:
14:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:57:34:02:99:69:59:6C:09:70:76:7E:9D:C6:5B:94:6E:ED:93:64
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/aVc0AplpWWwJcHZ-ncZblG7tk2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.56.0/24
85.237.200.0/24
185.89.77.0/24
185.93.33.0/24
Signature Algorithm: sha256WithRSAEncryption
12:22:a8:52:38:ce:48:cf:6b:a9:aa:7c:25:e0:19:53:a9:c8:
95:a6:c3:02:19:7b:8d:1a:c0:da:3a:0b:a1:dd:5c:a2:1a:32:
29:79:c7:1f:20:d7:b0:c1:9d:e6:7a:73:89:4f:c8:80:c5:61:
23:c0:5a:ab:00:cd:21:9c:ab:99:7a:60:41:25:4b:86:e5:61:
42:a0:81:d1:be:be:6a:4c:e3:40:24:82:04:25:b7:e2:4a:db:
4b:7a:92:18:2d:47:3f:6d:9b:08:43:92:05:b2:c9:92:a3:5e:
85:d2:e0:c1:f8:58:12:32:42:12:c3:19:96:30:7d:77:af:b6:
aa:08:2f:64:fc:bc:6b:65:49:fd:f7:05:c7:20:54:e6:61:a1:
06:b7:c2:89:05:cf:f3:9a:d6:3f:39:9f:24:a5:cb:3d:ff:7b:
e9:11:40:92:54:76:da:7c:74:42:22:d1:6f:0d:6d:e2:13:13:
66:0d:23:0f:8a:fb:58:1a:13:80:f5:68:ad:23:d2:d3:5a:ff:
1b:f6:77:bf:fd:c3:7f:e4:b3:8c:1d:51:8d:7b:e9:cb:9e:22:
5c:2a:b6:6e:5b:ce:11:fb:f1:67:fa:cf:c0:0e:20:de:ee:e7:
4e:7b:31:45:f0:de:24:9a:86:9b:56:c8:f0:3d:82:1a:ca:24:
71:06:0a:1c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYT3hou6L6B2lVBBx1y1jBpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjIxMjA5MTUzNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTU3MzQwMjk5Njk1OTZjMDk3MDc2N2U5ZGM2NWI5NDZlZWQ5MzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Simv0hRsPr4m/XEItjg4Ob5j3yX
uMSB5QbTHLPtwqhY7eKhtSZEbxeM1vnQ98Zqq9hqP4HtVJCydH9iLXcUdVQj26GK
q2lO2M7lswtpH8Oynpk+g+1gUHjsRyjfFw9lCiY1r3JMbK9+s/LBdX93F5FUyxZp
QHqC4LXx5oVKyOArSmSJMVWy2Z84IwW20F00aj6rhz/a8ZaI11j8UzhhKbVnX/k5
wFeGjMc+R60hTPRpF8XoJ435bpVx7tzK27P81xbIh5Qk8eSI61ky+ZFvR/RYwt1h
4Xp9cihfnHvvfb9Dwq04ota/Yts7vGodhh0wd1DSEEGCN6KOGM9mfMwUzwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGlXNAKZaVlsCXB2fp3GW5Ru7ZNkMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvYVZjMEFwbHBXV3dKY0haLW5jWmJsRzd0azJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVZ44AwQA
Ve3IAwQAuVlNAwQAuV0hMA0GCSqGSIb3DQEBCwUAA4IBAQASIqhSOM5Iz2upqnwl
4BlTqciVpsMCGXuNGsDaOguh3VyiGjIpeccfINewwZ3menOJT8iAxWEjwFqrAM0h
nKuZemBBJUuG5WFCoIHRvr5qTONAJIIEJbfiSttLepIYLUc/bZsIQ5IFssmSo16F
0uDB+FgSMkISwxmWMH13r7aqCC9k/LxrZUn99wXHIFTmYaEGt8KJBc/zmtY/OZ8k
pcs9/3vpEUCSVHbafHRCItFvDW3iExNmDSMPivtYGhOA9WitI9LTWv8b9ne//cN/
5LOMHVGNe+nLniJcKrZuW84R+/Fn+s/ADiDe7udOezFF8N4kmoabVsjwPYIayiRx
Bgoc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org