Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/nEVl8uRU5KBT2tc9l4IDK7poLBs.roa
File: nEVl8uRU5KBT2tc9l4IDK7poLBs.roa (raw, json)
Hash identifier: eC4YBLabHXs13oxWEgP4lg/PkNqRUAXCdaVv3dn1ets=
Subject key identifier: 9C:45:65:F2:E4:54:E4:A0:53:DA:D7:3D:97:82:03:2B:BA:68:2C:1B
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018571DE8ED0FB126C0CC8D4E73890B29A32
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/nEVl8uRU5KBT2tc9l4IDK7poLBs.roa
Signing time: Mon 02 Jan 2023 09:44:49 +0000
ROA not before: Mon 02 Jan 2023 09:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30823
IP address blocks: 85.158.59.0/24 maxlen: 24
85.237.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:8e:d0:fb:12:6c:0c:c8:d4:e7:38:90:b2:9a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Jan 2 09:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c4565f2e454e4a053dad73d9782032bba682c1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cf:88:22:91:85:9b:6c:cc:62:c6:b2:7b:6b:
14:b0:ef:b5:f2:42:7a:8c:7d:7e:eb:96:ed:ad:fc:
e4:77:72:f6:e6:18:67:57:37:ec:ee:dc:31:27:69:
09:72:16:0f:fe:aa:4f:a1:0d:91:77:62:5a:e1:b7:
4c:7d:2f:ed:cd:b5:f5:b7:ae:8f:77:e8:66:ee:51:
3c:44:fa:5d:19:bb:b6:2b:5d:4b:30:4f:97:5a:63:
76:59:c0:da:56:e3:a1:fa:2e:5c:e7:ca:b4:91:59:
00:eb:e8:10:63:e6:33:ae:9d:7c:23:26:89:68:6d:
d3:11:5e:86:21:33:36:0f:5d:c6:64:8a:25:e5:57:
ca:43:ab:ef:0f:27:79:cb:35:a8:d6:08:a8:4c:b1:
01:6b:e8:45:cc:b2:50:66:2b:df:d4:52:30:fd:48:
47:bb:cc:a9:7c:fc:6d:60:61:29:6e:4c:e0:bf:55:
5e:65:dd:74:e2:db:f0:50:87:41:94:9b:82:3d:76:
97:43:dc:62:ec:e5:c4:45:4c:58:aa:a9:6e:bb:ad:
32:1d:28:b2:b5:2a:29:8e:cb:de:0c:46:ff:91:60:
86:5d:38:b1:4c:73:08:97:61:57:81:65:4b:52:5f:
b9:32:45:37:f1:36:67:05:46:0a:63:71:45:64:20:
15:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:45:65:F2:E4:54:E4:A0:53:DA:D7:3D:97:82:03:2B:BA:68:2C:1B
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/nEVl8uRU5KBT2tc9l4IDK7poLBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.59.0/24
85.237.214.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:a1:af:08:dd:96:a4:b1:e7:1d:39:66:19:5b:94:87:31:30:
27:e3:5d:68:0b:3f:59:67:32:aa:30:39:24:f2:64:71:13:1a:
5d:cb:ae:24:1d:d5:b7:61:16:ea:c1:cf:f4:bc:b4:d0:a1:f4:
da:ce:83:f0:4e:a6:56:bf:96:8f:70:45:75:09:98:2e:ce:e4:
c2:c2:d4:83:a2:03:7a:ac:3d:8e:d7:34:d6:5d:09:be:6b:f7:
0d:f5:a9:55:8f:d0:c8:4b:2d:ab:5b:da:ba:68:8b:f7:7a:b1:
5b:7f:dc:b4:e3:cc:63:ae:06:14:a8:d1:39:d7:b2:47:33:f6:
af:4d:cc:8e:88:54:83:4c:c9:24:ce:ca:77:dc:76:1b:4d:d2:
c9:0c:53:32:b2:bd:d9:b5:11:b7:08:06:39:15:cc:af:40:f0:
24:35:2a:0e:ae:3c:b9:df:e8:54:4a:5f:cc:76:d1:ba:57:5c:
f7:d3:91:86:40:87:ca:91:ae:d1:42:9e:97:32:6c:d9:51:43:
9b:78:58:5e:03:03:bd:93:42:79:60:bc:9a:3e:d5:ad:d2:63:
f7:52:e8:34:09:06:df:a3:35:fb:4c:4c:13:8f:39:24:72:9a:
61:15:85:29:d5:6d:10:f5:9f:08:12:44:52:27:51:7e:d6:b8:
c7:73:99:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx3o7Q+xJsDMjU5ziQspoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMTAyMDk0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzQ1NjVmMmU0NTRlNGEwNTNkYWQ3M2Q5NzgyMDMyYmJhNjgyYzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8+IIpGFm2zMYsaye2sUsO+18kJ6
jH1+65btrfzkd3L25hhnVzfs7twxJ2kJchYP/qpPoQ2Rd2Ja4bdMfS/tzbX1t66P
d+hm7lE8RPpdGbu2K11LME+XWmN2WcDaVuOh+i5c58q0kVkA6+gQY+Yzrp18IyaJ
aG3TEV6GITM2D13GZIol5VfKQ6vvDyd5yzWo1gioTLEBa+hFzLJQZivf1FIw/UhH
u8ypfPxtYGEpbkzgv1VeZd104tvwUIdBlJuCPXaXQ9xi7OXERUxYqqluu60yHSiy
tSopjsveDEb/kWCGXTixTHMIl2FXgWVLUl+5MkU38TZnBUYKY3FFZCAVIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJxFZfLkVOSgU9rXPZeCAyu6aCwbMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvbkVWbDh1UlU1S0JUMnRjOWw0SURLN3BvTEJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVZ47AwQA
Ve3WMA0GCSqGSIb3DQEBCwUAA4IBAQAvoa8I3ZaksecdOWYZW5SHMTAn411oCz9Z
ZzKqMDkk8mRxExpdy64kHdW3YRbqwc/0vLTQofTazoPwTqZWv5aPcEV1CZguzuTC
wtSDogN6rD2O1zTWXQm+a/cN9alVj9DISy2rW9q6aIv3erFbf9y048xjrgYUqNE5
17JHM/avTcyOiFSDTMkkzsp33HYbTdLJDFMysr3ZtRG3CAY5FcyvQPAkNSoOrjy5
3+hUSl/MdtG6V1z305GGQIfKka7RQp6XMmzZUUObeFheAwO9k0J5YLyaPtWt0mP3
Uug0CQbfozX7TEwTjzkkcpphFYUp1W0Q9Z8IEkRSJ1F+1rjHc5nu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org