Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/gNxKndLnyriHTDStUgMjEo9CR5A.roa
File: gNxKndLnyriHTDStUgMjEo9CR5A.roa (raw, json)
Hash identifier: z72HTL99hPk7nsEoRSydwbyKlnedQ9lkmBc+q36OA2w=
Subject key identifier: 80:DC:4A:9D:D2:E7:CA:B8:87:4C:34:AD:52:03:23:12:8F:42:47:90
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 0186784166BE9002BCEECE55AF00C81D986C
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/gNxKndLnyriHTDStUgMjEo9CR5A.roa
Signing time: Wed 22 Feb 2023 08:33:17 +0000
ROA not before: Wed 22 Feb 2023 08:33:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 85.237.201.0/24 maxlen: 24
85.237.211.0/24 maxlen: 24
85.237.209.0/24 maxlen: 24
85.158.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:78:41:66:be:90:02:bc:ee:ce:55:af:00:c8:1d:98:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Feb 22 08:33:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80dc4a9dd2e7cab8874c34ad520323128f424790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7d:e3:74:5d:d9:c9:bf:08:27:44:e3:21:85:
a2:49:68:12:67:ed:62:26:af:c6:da:c4:69:5e:04:
ac:8b:53:12:7a:a0:50:42:3c:b2:b7:db:b0:35:b8:
4b:5c:61:22:7e:4f:93:20:d7:66:65:54:7c:2e:f2:
42:2b:7d:71:a0:c0:3b:b9:de:bf:81:e4:d1:63:fa:
a6:21:f1:a6:94:b0:69:22:f6:49:2c:c0:5a:26:d0:
f6:7e:14:a7:2a:3c:70:4d:3d:d0:71:61:74:7c:67:
b9:d7:74:13:04:5b:cc:a3:3f:51:59:35:89:91:52:
d5:6f:4e:61:f6:0b:c2:ee:f3:d5:a8:0f:65:9d:43:
ee:e1:80:b4:a2:11:5a:a7:af:66:74:4c:ac:f7:e6:
dc:44:93:e6:f4:4f:8e:06:7a:f4:e1:0d:20:da:b3:
96:a7:fb:39:ec:44:40:82:e2:5f:ac:77:ac:99:89:
e2:05:e6:fd:ba:f3:1d:92:3a:66:4e:1a:f5:04:5d:
6a:ae:f1:16:c9:ab:1a:51:c8:77:12:a7:4d:dd:90:
21:3e:7f:f1:28:38:8c:6b:f3:d2:4c:7b:1e:af:50:
41:de:dd:f3:c9:e5:f4:dc:cb:27:61:9c:de:9c:4c:
62:57:04:60:37:cb:f4:5e:13:cb:8b:38:0c:7c:c6:
9e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:DC:4A:9D:D2:E7:CA:B8:87:4C:34:AD:52:03:23:12:8F:42:47:90
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/gNxKndLnyriHTDStUgMjEo9CR5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.59.0/24
85.237.201.0/24
85.237.209.0/24
85.237.211.0/24
Signature Algorithm: sha256WithRSAEncryption
32:63:af:64:d8:69:27:3b:4d:a4:b0:65:24:95:b7:39:0a:4d:
2c:61:c0:4a:96:22:17:ee:63:67:f9:5d:a1:9a:03:ff:52:9a:
4b:f7:e8:09:05:23:62:48:11:b0:5f:8d:21:7d:7c:67:1e:e0:
f0:d7:ce:28:00:6e:25:a6:25:59:9d:48:61:9e:83:b5:b7:cd:
a6:9e:75:23:3a:d9:b2:aa:da:c5:3f:d0:2a:66:d2:82:ad:bc:
02:35:45:60:1b:43:e6:cf:e7:d9:3f:75:70:e6:c5:01:da:3d:
5c:1c:af:75:f9:72:50:9f:40:17:10:fb:27:25:24:5d:89:d6:
73:6c:16:0c:d6:06:e5:50:c7:5a:95:f2:92:07:f1:a0:95:2d:
97:7f:56:6a:1d:e7:d6:a1:0e:56:06:83:f8:77:92:05:ac:23:
34:16:84:d7:26:1e:2d:4e:f4:99:ba:29:bb:5b:d1:70:14:42:
3f:40:2f:ee:58:b4:b9:d9:d6:23:a5:7f:e0:ee:4f:c9:da:f4:
e2:78:59:86:e3:c6:c1:8b:7f:76:65:05:7c:5f:47:02:91:51:
5b:9c:0e:44:73:e1:30:b3:45:20:d9:d6:4e:1c:de:ae:ca:c4:
2a:0b:82:b0:f2:09:89:09:31:63:39:7b:58:99:c3:14:bd:33:
e2:7e:14:d7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYZ4QWa+kAK87s5VrwDIHZhsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMjIyMDgzMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGRjNGE5ZGQyZTdjYWI4ODc0YzM0YWQ1MjAzMjMxMjhmNDI0NzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlH3jdF3Zyb8IJ0TjIYWiSWgSZ+1i
Jq/G2sRpXgSsi1MSeqBQQjyyt9uwNbhLXGEifk+TINdmZVR8LvJCK31xoMA7ud6/
geTRY/qmIfGmlLBpIvZJLMBaJtD2fhSnKjxwTT3QcWF0fGe513QTBFvMoz9RWTWJ
kVLVb05h9gvC7vPVqA9lnUPu4YC0ohFap69mdEys9+bcRJPm9E+OBnr04Q0g2rOW
p/s57ERAguJfrHesmYniBeb9uvMdkjpmThr1BF1qrvEWyasaUch3EqdN3ZAhPn/x
KDiMa/PSTHser1BB3t3zyeX03MsnYZzenExiVwRgN8v0XhPLizgMfMaePwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIDcSp3S58q4h0w0rVIDIxKPQkeQMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvZ054S25kTG55cmlIVERTdFVnTWpFbzlDUjVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVZ47AwQA
Ve3JAwQAVe3RAwQAVe3TMA0GCSqGSIb3DQEBCwUAA4IBAQAyY69k2GknO02ksGUk
lbc5Ck0sYcBKliIX7mNn+V2hmgP/UppL9+gJBSNiSBGwX40hfXxnHuDw184oAG4l
piVZnUhhnoO1t82mnnUjOtmyqtrFP9AqZtKCrbwCNUVgG0Pmz+fZP3Vw5sUB2j1c
HK91+XJQn0AXEPsnJSRdidZzbBYM1gblUMdalfKSB/GglS2Xf1ZqHefWoQ5WBoP4
d5IFrCM0FoTXJh4tTvSZuim7W9FwFEI/QC/uWLS52dYjpX/g7k/J2vTieFmG48bB
i392ZQV8X0cCkVFbnA5Ec+Ews0Ug2dZOHN6uysQqC4Kw8gmJCTFjOXtYmcMUvTPi
fhTX
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org