Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/lMotZuCeLJZi6eyaXoTd63pAjOE.roa
File: lMotZuCeLJZi6eyaXoTd63pAjOE.roa (raw, json)
Hash identifier: sUCxWzwdo1rZtOjHc09ptDMI31dsUs8bzcjXWCHrncs=
Subject key identifier: 94:CA:2D:66:E0:9E:2C:96:62:E9:EC:9A:5E:84:DD:EB:7A:40:8C:E1
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 0185020EC5C3B39D36845DB5CE78E2C7E61E
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/lMotZuCeLJZi6eyaXoTd63pAjOE.roa
Signing time: Sun 11 Dec 2022 16:40:00 +0000
ROA not before: Sun 11 Dec 2022 16:40:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207279
IP address blocks: 85.237.208.0/24 maxlen: 24
85.158.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:02:0e:c5:c3:b3:9d:36:84:5d:b5:ce:78:e2:c7:e6:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Dec 11 16:40:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94ca2d66e09e2c9662e9ec9a5e84ddeb7a408ce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7f:9d:46:34:b3:98:8b:51:88:87:f5:71:de:
7b:54:c5:7c:69:c9:e8:37:8f:39:47:66:63:49:18:
e4:92:ad:d7:5d:fa:08:74:06:0b:37:f2:f2:37:4f:
2e:36:ab:d5:06:c5:da:43:09:3f:e5:9d:c4:5f:7f:
60:d7:3d:3a:3c:59:5c:db:66:39:c0:8a:33:cd:f5:
86:fc:8a:ff:41:78:d3:3a:af:04:33:31:98:2d:a7:
b2:e3:34:24:9c:a8:4b:83:6c:66:7d:b5:59:29:a1:
14:cc:62:52:c2:90:ee:fb:82:5d:88:de:26:01:cd:
df:6b:bd:ac:cc:66:d6:ab:b3:14:83:34:82:2a:c3:
e2:c3:d8:fe:7f:60:42:77:c3:ca:d2:dd:ca:fb:74:
ee:9d:46:e9:e8:e9:8f:e4:fd:6b:06:a4:4e:cd:05:
c9:0e:d4:26:c1:0c:1e:8c:05:e9:f3:b3:9c:8b:b0:
20:21:d3:04:20:ad:63:f8:6c:eb:73:f9:03:04:13:
01:a6:6d:59:55:7e:f3:2f:af:9c:5e:b7:28:92:68:
3a:fb:e0:d5:fa:0c:10:30:85:85:95:e3:b0:e6:79:
9e:7e:74:82:97:bb:7c:ab:11:ef:75:22:7c:f0:78:
92:3b:39:59:ab:1d:6f:21:28:5d:c7:46:f4:e4:c8:
d0:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:CA:2D:66:E0:9E:2C:96:62:E9:EC:9A:5E:84:DD:EB:7A:40:8C:E1
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/lMotZuCeLJZi6eyaXoTd63pAjOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.61.0/24
85.237.208.0/24
Signature Algorithm: sha256WithRSAEncryption
27:9a:b2:32:89:42:77:d5:ba:8f:72:da:55:af:c7:70:ea:d7:
2d:74:6f:8a:49:ff:4a:7c:1c:54:db:ce:f1:5c:6c:bf:17:81:
14:10:2b:87:a3:1b:ec:3f:d4:95:f8:6a:c8:0e:50:52:9e:72:
98:9b:84:d4:09:fc:f1:08:7a:c0:0f:1d:6a:b1:99:ef:81:6a:
33:be:40:e1:ab:7c:63:ee:0a:64:3f:53:21:4d:ab:04:00:7e:
50:89:20:b6:f6:cf:66:bf:d7:35:d7:66:1d:ee:36:05:ce:e0:
01:ca:95:94:04:94:d1:e8:bd:bc:c6:26:b7:08:12:db:69:d9:
31:77:22:e5:f5:af:19:fe:3c:e1:56:25:7c:9a:4c:01:8b:d0:
bc:c2:bf:38:fb:40:41:83:8f:a1:de:e1:1f:fb:2d:23:40:d2:
3e:41:79:95:c0:eb:fc:db:92:4b:f2:b8:56:f2:34:9e:f0:ec:
73:e7:cb:28:88:34:4a:64:5c:d6:9c:de:f5:9c:8c:a1:5d:3a:
37:5a:58:38:7d:ce:f1:04:18:cf:1e:94:f3:0e:89:fc:18:8a:
63:22:ce:ba:8c:00:35:79:cc:46:bb:38:8a:21:d0:05:f4:20:
2c:e4:44:42:00:47:25:9d:21:fe:93:ac:73:e7:48:93:0c:e2:
f4:cd:d8:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUCDsXDs502hF21znjix+YeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjIxMjExMTY0MDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGNhMmQ2NmUwOWUyYzk2NjJlOWVjOWE1ZTg0ZGRlYjdhNDA4Y2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApH+dRjSzmItRiIf1cd57VMV8acno
N485R2ZjSRjkkq3XXfoIdAYLN/LyN08uNqvVBsXaQwk/5Z3EX39g1z06PFlc22Y5
wIozzfWG/Ir/QXjTOq8EMzGYLaey4zQknKhLg2xmfbVZKaEUzGJSwpDu+4JdiN4m
Ac3fa72szGbWq7MUgzSCKsPiw9j+f2BCd8PK0t3K+3TunUbp6OmP5P1rBqROzQXJ
DtQmwQwejAXp87Oci7AgIdMEIK1j+Gzrc/kDBBMBpm1ZVX7zL6+cXrcokmg6++DV
+gwQMIWFleOw5nmefnSCl7t8qxHvdSJ88HiSOzlZqx1vIShdx0b05MjQiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJTKLWbgniyWYunsml6E3et6QIzhMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvbE1vdFp1Q2VMSlppNmV5YVhvVGQ2M3BBak9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVZ49AwQA
Ve3QMA0GCSqGSIb3DQEBCwUAA4IBAQAnmrIyiUJ31bqPctpVr8dw6tctdG+KSf9K
fBxU287xXGy/F4EUECuHoxvsP9SV+GrIDlBSnnKYm4TUCfzxCHrADx1qsZnvgWoz
vkDhq3xj7gpkP1MhTasEAH5QiSC29s9mv9c112Yd7jYFzuABypWUBJTR6L28xia3
CBLbadkxdyLl9a8Z/jzhViV8mkwBi9C8wr84+0BBg4+h3uEf+y0jQNI+QXmVwOv8
25JL8rhW8jSe8Oxz58soiDRKZFzWnN71nIyhXTo3Wlg4fc7xBBjPHpTzDon8GIpj
Is66jAA1ecxGuziKIdAF9CAs5ERCAEclnSH+k6xz50iTDOL0zdgJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org