Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/gtJtgQDnRubSbsUv_wgcvGPYMZI.roa
File: gtJtgQDnRubSbsUv_wgcvGPYMZI.roa (raw, json)
Hash identifier: rPS8fT2m+xdpQZUBGy4zw5gK4eiG1QZ1Ob1Tr/BxIwc=
Subject key identifier: 82:D2:6D:81:00:E7:46:E6:D2:6E:C5:2F:FF:08:1C:BC:63:D8:31:92
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 0185770DF52F42ADBDDDF730917974CCD7CF
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/gtJtgQDnRubSbsUv_wgcvGPYMZI.roa
Signing time: Tue 03 Jan 2023 09:54:41 +0000
ROA not before: Tue 03 Jan 2023 09:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 85.158.57.0/24 maxlen: 24
85.158.62.0/24 maxlen: 24
85.237.222.0/24 maxlen: 24
85.237.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:0d:f5:2f:42:ad:bd:dd:f7:30:91:79:74:cc:d7:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Jan 3 09:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82d26d8100e746e6d26ec52fff081cbc63d83192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b9:0b:bc:07:00:90:dc:c6:05:33:23:0e:4c:
df:34:99:b3:fd:5b:8f:18:d1:71:44:3e:45:a5:4b:
78:7d:b9:40:c6:6d:16:a5:26:0c:f5:65:7c:f8:8b:
f5:a9:72:77:62:d7:a4:2e:34:b1:8a:20:0c:b7:07:
14:2d:e7:30:f0:59:d5:90:69:cb:81:34:91:2c:c1:
6c:5d:fd:d3:e2:a9:98:9e:77:93:20:25:3f:03:73:
a4:2f:67:8e:43:ac:13:c7:32:06:79:53:5a:04:69:
5e:39:08:e0:66:d9:16:e4:f1:6b:0e:e7:d7:1f:5a:
01:fa:ae:a7:19:46:cb:fd:34:02:d1:63:74:c4:ec:
60:95:16:60:59:81:69:83:98:98:6f:f8:8d:d8:73:
c1:ab:c7:ce:81:cb:72:a9:cf:90:91:b0:92:d7:3e:
ab:0a:c5:f4:e6:1e:b4:d4:90:64:f5:f9:46:4b:49:
7a:c1:eb:07:be:76:cd:f8:3a:42:56:05:a2:0d:eb:
cc:3f:d4:24:28:85:d5:6b:97:e1:ec:1e:2c:0c:e7:
6f:86:5d:9b:03:c9:87:f2:73:ab:f3:bd:77:4a:04:
10:88:05:00:e3:eb:e0:08:08:20:cc:c5:86:29:2c:
fd:f4:48:49:d8:97:6a:1c:d1:1c:38:b7:95:79:dc:
dc:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:D2:6D:81:00:E7:46:E6:D2:6E:C5:2F:FF:08:1C:BC:63:D8:31:92
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/gtJtgQDnRubSbsUv_wgcvGPYMZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.57.0/24
85.158.62.0/24
85.237.222.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:8c:f5:c6:22:5f:84:94:3f:82:66:2b:45:29:be:06:e7:29:
23:37:51:82:f2:14:5d:d2:f4:2d:b6:5f:20:99:e1:94:ef:4b:
e1:45:3c:73:db:c3:36:33:65:e8:a1:22:05:02:53:22:b8:a2:
0a:c6:e8:c6:8f:af:f7:72:a2:ea:54:05:b8:ad:56:ce:23:bb:
66:70:4f:52:1a:6c:be:7b:38:00:c7:14:0e:60:20:40:d8:bc:
f9:53:02:51:f6:f7:d7:31:72:ab:35:f8:80:58:e4:e8:f0:47:
af:dd:7d:b5:38:b4:bf:39:05:6a:7f:87:64:67:7d:65:fd:a9:
8b:a5:d5:b7:ed:0c:6c:bd:00:98:49:b9:51:37:8b:f6:05:16:
20:b3:d5:22:0f:4a:29:07:29:c1:c7:ee:7f:a2:cc:4e:b3:c2:
de:b6:36:c2:4f:bd:db:eb:a1:3d:f4:56:79:ce:86:ff:66:e1:
d0:15:b4:51:00:03:4c:72:64:c7:5f:55:57:47:c9:2f:14:db:
81:04:04:a3:ed:1a:e9:8a:7d:d7:52:fc:90:44:73:b1:68:2d:
46:b8:d9:e0:07:7e:45:a5:47:00:fc:05:e4:08:a8:17:e9:56:
fa:06:0a:b5:96:98:47:8d:53:f1:0d:9b:41:c6:14:b2:0d:25:
42:08:7d:8d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYV3DfUvQq293fcwkXl0zNfPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMTAzMDk1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmQyNmQ4MTAwZTc0NmU2ZDI2ZWM1MmZmZjA4MWNiYzYzZDgzMTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLkLvAcAkNzGBTMjDkzfNJmz/VuP
GNFxRD5FpUt4fblAxm0WpSYM9WV8+Iv1qXJ3YtekLjSxiiAMtwcULecw8FnVkGnL
gTSRLMFsXf3T4qmYnneTICU/A3OkL2eOQ6wTxzIGeVNaBGleOQjgZtkW5PFrDufX
H1oB+q6nGUbL/TQC0WN0xOxglRZgWYFpg5iYb/iN2HPBq8fOgctyqc+QkbCS1z6r
CsX05h601JBk9flGS0l6wesHvnbN+DpCVgWiDevMP9QkKIXVa5fh7B4sDOdvhl2b
A8mH8nOr8713SgQQiAUA4+vgCAggzMWGKSz99EhJ2JdqHNEcOLeVedzczwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFILSbYEA50bm0m7FL/8IHLxj2DGSMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvZ3RKdGdRRG5SdWJTYnNVdl93Z2N2R1BZTVpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVZ45AwQA
VZ4+AwQBVe3eMA0GCSqGSIb3DQEBCwUAA4IBAQB8jPXGIl+ElD+CZitFKb4G5ykj
N1GC8hRd0vQttl8gmeGU70vhRTxz28M2M2XooSIFAlMiuKIKxujGj6/3cqLqVAW4
rVbOI7tmcE9SGmy+ezgAxxQOYCBA2Lz5UwJR9vfXMXKrNfiAWOTo8Eev3X21OLS/
OQVqf4dkZ31l/amLpdW37QxsvQCYSblRN4v2BRYgs9UiD0opBynBx+5/osxOs8Le
tjbCT73b66E99FZ5zob/ZuHQFbRRAANMcmTHX1VXR8kvFNuBBASj7Rrpin3XUvyQ
RHOxaC1GuNngB35FpUcA/AXkCKgX6Vb6Bgq1lphHjVPxDZtBxhSyDSVCCH2N
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org