Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/yx4LU7aSatxiAHkokA6WTlctP8w.roa
File: yx4LU7aSatxiAHkokA6WTlctP8w.roa (raw, json)
Hash identifier: SnBJCk8V/xwd5Gj5aHXydXPTZqstH2XsYLZAr7Fg8/0=
Subject key identifier: CB:1E:0B:53:B6:92:6A:DC:62:00:79:28:90:0E:96:4E:57:2D:3F:CC
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018476695119EC38CEA36124A21865A7A325
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/yx4LU7aSatxiAHkokA6WTlctP8w.roa
Signing time: Mon 14 Nov 2022 13:52:04 +0000
ROA not before: Mon 14 Nov 2022 13:52:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 193.109.192.0/21 maxlen: 24
85.237.192.0/21 maxlen: 24
85.237.206.0/23 maxlen: 24
85.237.205.0/24 maxlen: 24
85.237.203.0/24 maxlen: 24
85.237.200.0/23 maxlen: 24
85.237.208.0/20 maxlen: 24
85.237.216.0/24 maxlen: 24
185.89.76.0/22 maxlen: 24
185.89.77.0/24 maxlen: 24
85.158.56.0/21 maxlen: 24
185.93.32.0/24 maxlen: 24
185.93.34.0/23 maxlen: 24
194.169.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:69:51:19:ec:38:ce:a3:61:24:a2:18:65:a7:a3:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Nov 14 13:52:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb1e0b53b6926adc62007928900e964e572d3fcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e2:00:a9:48:4e:97:ae:11:a7:78:f5:7d:d1:
95:8a:e4:fc:e6:9e:2c:4a:0d:49:ef:e8:44:80:1b:
7f:15:24:6f:61:68:f7:4d:c6:22:76:fa:c9:90:76:
aa:73:65:51:4b:23:70:3a:c9:51:03:c9:f5:a2:a1:
07:7e:d8:63:07:7e:b9:b3:6c:b4:05:5f:fa:98:b2:
2f:e7:0f:9d:51:27:8d:ca:f6:ca:ec:b2:ab:ef:a5:
9e:e8:a0:68:4e:c9:bb:67:04:9e:43:36:20:5f:52:
80:71:5e:90:f1:88:3d:9d:4b:47:e6:8a:c9:f5:19:
dd:e3:df:26:75:75:b4:06:89:36:7f:f4:b8:bd:83:
08:d2:ee:16:10:11:73:b7:cc:8b:e3:90:04:8f:e2:
91:ca:93:37:84:dd:87:be:d7:cd:ce:e8:df:6a:1a:
6e:fe:18:fe:94:9f:b1:42:13:0b:06:1c:3e:10:0a:
08:b9:d6:c2:7c:c3:97:75:28:61:37:8f:e2:52:ef:
02:c5:b0:4b:2b:68:64:71:c1:1b:52:c4:bc:ac:25:
62:15:2c:36:5d:ee:e4:d5:91:7c:69:69:7b:6e:56:
10:ed:aa:85:06:9e:7c:93:61:75:8b:2f:c7:7f:c7:
32:b5:9b:18:93:5c:02:b8:8c:07:97:55:12:50:ef:
ab:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:1E:0B:53:B6:92:6A:DC:62:00:79:28:90:0E:96:4E:57:2D:3F:CC
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/yx4LU7aSatxiAHkokA6WTlctP8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.56.0/21
85.237.192.0-85.237.201.255
85.237.203.0/24
85.237.205.0-85.237.223.255
185.89.76.0/22
185.93.32.0/24
185.93.34.0/23
193.109.192.0/21
194.169.217.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:d6:ec:2e:cc:13:e7:b4:4f:4a:74:45:b3:d1:03:75:e4:8c:
6e:c5:be:87:a7:0f:be:e8:f5:9a:e6:22:06:1b:7a:b4:14:83:
c3:02:7e:71:c5:cf:06:94:88:09:74:12:3d:ce:67:de:1d:64:
e7:0c:78:99:52:38:f0:42:31:71:c0:2c:7b:73:c3:33:a7:4d:
f8:c2:0a:b1:5d:5f:ed:72:cc:4f:c4:56:9c:84:44:86:58:97:
87:59:2b:e9:4c:93:e8:84:d0:9e:1c:64:69:91:02:cb:44:ff:
7f:69:40:64:83:10:1e:f3:bf:60:bb:7b:3a:c3:0d:64:03:ee:
73:4d:30:ee:e3:44:e7:c1:39:4e:1f:6f:e6:fe:ea:a1:f8:1a:
0a:01:f8:45:9e:6f:06:8f:43:de:b8:1d:d5:a6:51:3e:24:38:
a4:1f:72:cd:61:a5:f3:bd:25:a7:fd:6c:43:f0:bf:e6:6c:41:
af:d9:ff:eb:5e:eb:2c:b0:29:1d:b1:52:49:62:76:27:c1:04:
eb:3a:c2:9e:20:88:c1:f2:1c:5e:31:5f:d5:aa:87:bd:ed:96:
f8:20:8c:16:ed:12:da:40:16:58:a4:9c:95:80:25:74:3c:ee:
db:57:56:a3:8a:cf:f8:a2:e3:a5:9c:0c:b7:a8:3e:e5:b9:73:
2f:f1:c9:10
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYR2aVEZ7DjOo2Ekohhlp6MlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjIxMTE0MTM1MjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjFlMGI1M2I2OTI2YWRjNjIwMDc5Mjg5MDBlOTY0ZTU3MmQzZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+IAqUhOl64Rp3j1fdGViuT85p4s
Sg1J7+hEgBt/FSRvYWj3TcYidvrJkHaqc2VRSyNwOslRA8n1oqEHfthjB365s2y0
BV/6mLIv5w+dUSeNyvbK7LKr76We6KBoTsm7ZwSeQzYgX1KAcV6Q8Yg9nUtH5orJ
9Rnd498mdXW0Bok2f/S4vYMI0u4WEBFzt8yL45AEj+KRypM3hN2HvtfNzujfahpu
/hj+lJ+xQhMLBhw+EAoIudbCfMOXdShhN4/iUu8CxbBLK2hkccEbUsS8rCViFSw2
Xe7k1ZF8aWl7blYQ7aqFBp58k2F1iy/Hf8cytZsYk1wCuIwHl1USUO+rzwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFMseC1O2kmrcYgB5KJAOlk5XLT/MMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEveXg0TFU3YVNhdHhpQUhrb2tBNldUbGN0UDh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQDVZ44MAwD
BAZV7cADBAFV7cgDBABV7cswDAMEAFXtzQMEBVXtwAMEArlZTAMEALldIAMEAbld
IgMEA8FtwAMEAMKp2TANBgkqhkiG9w0BAQsFAAOCAQEAK9bsLswT57RPSnRFs9ED
deSMbsW+h6cPvuj1muYiBht6tBSDwwJ+ccXPBpSICXQSPc5n3h1k5wx4mVI48EIx
ccAse3PDM6dN+MIKsV1f7XLMT8RWnIREhliXh1kr6UyT6ITQnhxkaZECy0T/f2lA
ZIMQHvO/YLt7OsMNZAPuc00w7uNE58E5Th9v5v7qofgaCgH4RZ5vBo9D3rgd1aZR
PiQ4pB9yzWGl870lp/1sQ/C/5mxBr9n/617rLLApHbFSSWJ2J8EE6zrCniCIwfIc
XjFf1aqHve2W+CCMFu0S2kAWWKSclYAldDzu21dWo4rP+KLjpZwMt6g+5blzL/HJ
EA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:08 2023 by rpki-client on console-ams.rpki-client.org