Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/rAr43HFnTvXOhixfT4XMv9ul3so.roa
File: rAr43HFnTvXOhixfT4XMv9ul3so.roa (raw, json)
Hash identifier: ItE7ys/gcoln11MK1EmQB0kOVto+lhsDzdi0FGyen0A=
Subject key identifier: AC:0A:F8:DC:71:67:4E:F5:CE:86:2C:5F:4F:85:CC:BF:DB:A5:DE:CA
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018571DE9079769405D67A50133564B8449C
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/rAr43HFnTvXOhixfT4XMv9ul3so.roa
Signing time: Mon 02 Jan 2023 09:44:49 +0000
ROA not before: Mon 02 Jan 2023 09:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 85.237.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:90:79:76:94:05:d6:7a:50:13:35:64:b8:44:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Jan 2 09:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac0af8dc71674ef5ce862c5f4f85ccbfdba5deca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c9:2b:4c:a9:42:cd:98:8e:55:19:d9:0b:52:
1f:28:b8:87:f2:2a:65:5f:e5:34:2c:62:38:d7:80:
90:b9:6a:e3:cd:dc:c8:fc:78:75:7a:d9:ed:8d:b1:
bf:ed:11:0e:3c:df:20:6d:c2:b1:be:0e:ab:5f:8f:
41:9b:2b:1d:70:37:08:f8:a3:65:42:9a:65:f1:4d:
c5:49:6c:d0:b9:cc:86:51:1e:97:2d:76:af:49:e7:
52:aa:c5:aa:0b:ba:f9:07:4d:1d:08:e1:74:4c:b9:
ce:5c:8c:69:ed:db:6a:ac:c3:41:3b:f0:51:60:1a:
56:32:1b:d0:31:31:cc:80:65:04:1c:e9:97:5a:ca:
00:f9:04:69:ff:96:ab:57:c1:d0:ad:17:72:9f:39:
c0:ac:a9:7e:0b:92:bf:c5:f9:f5:80:bb:2f:67:3b:
d1:96:27:80:3e:89:05:48:fc:99:6a:30:97:a0:98:
f6:4f:10:b9:5c:86:d8:a1:9f:fd:75:ba:c5:52:b3:
d0:1a:c0:97:f1:ec:a5:96:05:f6:78:1b:ca:1f:31:
2d:d2:81:14:3a:d8:9c:f1:2a:00:01:29:b2:0c:fb:
8a:dc:59:7a:3e:91:eb:0c:72:d3:e0:e4:6d:2c:9e:
c0:f4:e3:fd:26:7d:49:ac:bf:ec:33:9e:9b:7c:fb:
cd:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:0A:F8:DC:71:67:4E:F5:CE:86:2C:5F:4F:85:CC:BF:DB:A5:DE:CA
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/rAr43HFnTvXOhixfT4XMv9ul3so.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.209.0/24
Signature Algorithm: sha256WithRSAEncryption
88:89:62:58:e6:ac:cb:5a:fc:2b:e9:13:12:d7:11:b4:87:94:
1c:19:2a:04:0c:08:78:8f:e5:9c:f9:73:b4:9d:7b:80:7b:27:
23:fb:50:79:9c:c8:60:4c:de:14:a0:7a:f1:fc:ff:f3:7a:d0:
94:24:06:e7:b9:f0:8b:26:cc:fb:73:23:47:c7:60:25:a1:aa:
36:96:6c:6f:92:ff:b8:f8:6b:b3:f5:25:c4:12:03:af:d1:c4:
ee:d6:da:4a:fc:63:bf:2e:19:d1:1b:65:97:78:2d:2d:1d:c6:
1b:0a:07:f1:98:3f:33:a4:08:4d:38:33:c0:a8:60:0c:10:a0:
8e:38:df:ef:1a:88:11:15:38:b4:27:f8:8a:6c:b6:f2:e6:01:
22:50:db:4a:fe:75:57:ff:e6:ba:35:0c:08:e9:4e:de:f0:c7:
8f:76:40:98:3c:eb:60:14:6c:41:d8:ff:1f:f9:7c:87:ae:c2:
26:c4:0e:58:ae:cb:67:23:f5:43:26:f0:88:26:66:bc:18:b5:
db:3d:7f:ed:73:c8:c1:87:76:34:60:b0:c4:b5:6c:84:f9:4c:
6f:37:2c:2e:92:e0:aa:f2:ea:2e:02:55:0d:17:73:01:76:c9:
9c:61:be:c6:81:51:30:ed:cc:79:74:bd:0c:41:c7:13:a4:74:
fc:17:ea:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx3pB5dpQF1npQEzVkuEScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMTAyMDk0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzBhZjhkYzcxNjc0ZWY1Y2U4NjJjNWY0Zjg1Y2NiZmRiYTVkZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiskrTKlCzZiOVRnZC1IfKLiH8ipl
X+U0LGI414CQuWrjzdzI/Hh1etntjbG/7REOPN8gbcKxvg6rX49BmysdcDcI+KNl
Qppl8U3FSWzQucyGUR6XLXavSedSqsWqC7r5B00dCOF0TLnOXIxp7dtqrMNBO/BR
YBpWMhvQMTHMgGUEHOmXWsoA+QRp/5arV8HQrRdynznArKl+C5K/xfn1gLsvZzvR
lieAPokFSPyZajCXoJj2TxC5XIbYoZ/9dbrFUrPQGsCX8eyllgX2eBvKHzEt0oEU
Otic8SoAASmyDPuK3Fl6PpHrDHLT4ORtLJ7A9OP9Jn1JrL/sM56bfPvNlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKwK+NxxZ071zoYsX0+FzL/bpd7KMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvckFyNDNIRm5UdlhPaGl4ZlQ0WE12OXVsM3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVe3RMA0G
CSqGSIb3DQEBCwUAA4IBAQCIiWJY5qzLWvwr6RMS1xG0h5QcGSoEDAh4j+Wc+XO0
nXuAeycj+1B5nMhgTN4UoHrx/P/zetCUJAbnufCLJsz7cyNHx2Aloao2lmxvkv+4
+Guz9SXEEgOv0cTu1tpK/GO/LhnRG2WXeC0tHcYbCgfxmD8zpAhNODPAqGAMEKCO
ON/vGogRFTi0J/iKbLby5gEiUNtK/nVX/+a6NQwI6U7e8MePdkCYPOtgFGxB2P8f
+XyHrsImxA5YrstnI/VDJvCIJma8GLXbPX/tc8jBh3Y0YLDEtWyE+UxvNywukuCq
8uouAlUNF3MBdsmcYb7GgVEw7cx5dL0MQccTpHT8F+rl
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:08 2023 by rpki-client on console-ams.rpki-client.org