Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/2HZQ1T-S0vxoHuvIAatCWERGknE.roa
File: 2HZQ1T-S0vxoHuvIAatCWERGknE.roa (raw, json)
Hash identifier: oCohXrF8iOHfRiu6Kf8bwHZzVHRc4PpovhY/8DjZ85E=
Subject key identifier: D8:76:50:D5:3F:92:D2:FC:68:1E:EB:C8:01:AB:42:58:44:46:92:71
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 01876FF9661FEC4E17B29AA6CD905BB9C611
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/2HZQ1T-S0vxoHuvIAatCWERGknE.roa
Signing time: Tue 11 Apr 2023 11:00:28 +0000
ROA not before: Tue 11 Apr 2023 11:00:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211373
IP address blocks: 193.109.194.0/24 maxlen: 24
85.237.200.0/24 maxlen: 24
85.158.56.0/24 maxlen: 24
85.237.213.0/24 maxlen: 24
185.89.77.0/24 maxlen: 24
185.93.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6f:f9:66:1f:ec:4e:17:b2:9a:a6:cd:90:5b:b9:c6:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Apr 11 11:00:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d87650d53f92d2fc681eebc801ab425844469271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5c:e2:14:ff:fa:70:e4:66:73:12:0b:3e:47:
a1:e5:79:76:ce:77:3b:6f:f2:e7:2b:2f:1f:25:0c:
d9:03:61:d8:db:63:d2:47:f3:2d:63:21:21:c4:01:
7f:04:41:62:1a:d5:b7:76:3e:9e:de:3e:22:3c:e6:
98:fa:7d:07:9c:eb:8f:e1:5a:92:d6:24:76:84:54:
f3:74:09:50:f8:2b:29:23:8f:d3:10:7f:8e:d5:88:
a8:ad:5b:14:43:e4:b5:18:f3:a9:2c:52:5e:63:e5:
dc:a0:ee:76:8e:2b:54:2a:71:23:8b:7d:83:d9:35:
8a:4b:f4:55:4e:47:31:6d:d8:e3:55:3e:0a:a3:a6:
f6:07:83:20:a0:98:a2:04:89:b5:c7:5a:54:39:a4:
fd:55:96:2e:9b:55:d6:a4:4c:86:5a:fd:b1:52:5f:
d0:99:41:77:07:9b:6d:7e:d4:fb:ff:57:5a:46:32:
c5:17:8a:0a:69:46:04:75:05:51:28:e2:83:fe:f3:
59:37:b8:91:14:3f:a1:2f:53:50:d3:43:2c:4c:fa:
d1:96:77:12:68:cd:b5:29:55:ca:84:a3:10:77:31:
d4:7a:05:a2:b0:22:60:21:0c:d8:d6:88:3b:35:74:
f6:7d:cf:ba:a9:7f:8c:2a:d6:18:63:37:17:30:9f:
5a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:76:50:D5:3F:92:D2:FC:68:1E:EB:C8:01:AB:42:58:44:46:92:71
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/2HZQ1T-S0vxoHuvIAatCWERGknE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.56.0/24
85.237.200.0/24
85.237.213.0/24
185.89.77.0/24
185.93.33.0/24
193.109.194.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:57:6b:95:07:1f:f8:a4:d4:9c:3c:26:a5:a9:6d:e5:9d:19:
c3:8c:dd:b9:85:98:05:ab:50:a1:b7:5b:d9:c3:99:51:b2:21:
9e:1d:7a:d4:9e:05:b8:d6:ad:cd:16:53:f6:8a:e0:40:77:6c:
f8:e5:62:73:e9:8c:1b:a0:43:7f:18:05:7a:66:e9:bf:b5:27:
7c:70:ff:63:2d:d1:3f:fb:db:e5:59:e6:b0:c6:8f:7c:78:66:
4d:08:f0:04:52:ec:e5:ba:28:ae:6f:41:05:63:b7:79:0a:14:
68:3c:36:4e:b4:a3:43:e4:d6:b3:7d:bb:f4:bc:c9:d7:eb:90:
ac:91:94:30:38:af:33:70:6a:27:cf:eb:8f:01:14:cc:70:40:
1d:2b:56:e5:68:6f:c4:ea:93:ea:36:c8:b6:80:c5:44:fc:2b:
e2:4e:41:a2:14:e9:ae:6a:e3:23:0d:cb:27:0d:26:26:2e:30:
81:f3:f9:fd:11:78:01:66:49:87:04:a6:01:5e:60:bd:81:05:
6b:61:eb:96:8d:de:32:83:a3:14:76:d5:f5:15:02:8a:29:55:
95:7e:84:22:cc:45:0e:f8:dd:a6:a2:c4:91:7b:2f:b8:40:ea:
75:58:3d:6d:b8:db:74:3a:14:bd:bd:cd:2c:d7:59:8e:29:88:
66:7a:2d:3e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYdv+WYf7E4XspqmzZBbucYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwNDExMTEwMDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODc2NTBkNTNmOTJkMmZjNjgxZWViYzgwMWFiNDI1ODQ0NDY5MjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilziFP/6cORmcxILPkeh5Xl2znc7
b/LnKy8fJQzZA2HY22PSR/MtYyEhxAF/BEFiGtW3dj6e3j4iPOaY+n0HnOuP4VqS
1iR2hFTzdAlQ+CspI4/TEH+O1YiorVsUQ+S1GPOpLFJeY+XcoO52jitUKnEji32D
2TWKS/RVTkcxbdjjVT4Ko6b2B4MgoJiiBIm1x1pUOaT9VZYum1XWpEyGWv2xUl/Q
mUF3B5ttftT7/1daRjLFF4oKaUYEdQVRKOKD/vNZN7iRFD+hL1NQ00MsTPrRlncS
aM21KVXKhKMQdzHUegWisCJgIQzY1og7NXT2fc+6qX+MKtYYYzcXMJ9a4QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNh2UNU/ktL8aB7ryAGrQlhERpJxMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvMkhaUTFULVMwdnhvSHV2SUFhdENXRVJHa25FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVZ44AwQA
Ve3IAwQAVe3VAwQAuVlNAwQAuV0hAwQAwW3CMA0GCSqGSIb3DQEBCwUAA4IBAQCf
V2uVBx/4pNScPCalqW3lnRnDjN25hZgFq1Cht1vZw5lRsiGeHXrUngW41q3NFlP2
iuBAd2z45WJz6YwboEN/GAV6Zum/tSd8cP9jLdE/+9vlWeawxo98eGZNCPAEUuzl
uiiub0EFY7d5ChRoPDZOtKND5Nazfbv0vMnX65CskZQwOK8zcGonz+uPARTMcEAd
K1blaG/E6pPqNsi2gMVE/CviTkGiFOmuauMjDcsnDSYmLjCB8/n9EXgBZkmHBKYB
XmC9gQVrYeuWjd4yg6MUdtX1FQKKKVWVfoQizEUO+N2mosSRey+4QOp1WD1tuNt0
OhS9vc0s11mOKYhmei0+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:46 2024 by rpki-client on console-fra.rpki-client.org