Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/3RtnUw1dewSHGs4UcYzssucBq-0.roa
File: 3RtnUw1dewSHGs4UcYzssucBq-0.roa (raw, json)
Hash identifier: fb+GD+eIVoVrnKLUg/oeaHDKuu1NY7O5iRBm7smgmX0=
Subject key identifier: DD:1B:67:53:0D:5D:7B:04:87:1A:CE:14:71:8C:EC:B2:E7:01:AB:ED
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 0185770A4D4A925E7D122AF4819AAD2BC421
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/3RtnUw1dewSHGs4UcYzssucBq-0.roa
Signing time: Tue 03 Jan 2023 09:50:41 +0000
ROA not before: Tue 03 Jan 2023 09:50:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 85.237.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:0a:4d:4a:92:5e:7d:12:2a:f4:81:9a:ad:2b:c4:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Jan 3 09:50:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd1b67530d5d7b04871ace14718cecb2e701abed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:a2:ef:75:a2:cc:ab:0f:24:8a:21:00:a1:c0:
f6:e4:12:af:40:8e:26:ad:3f:09:8b:c1:50:96:60:
ff:6e:0e:58:76:ae:6d:e6:b1:0c:3b:63:c7:23:eb:
f4:c1:70:9b:b2:8d:30:53:ea:5d:0d:d3:62:e2:51:
dc:c8:c8:d2:e9:7f:7b:54:b7:e4:20:7f:cc:d1:7c:
64:7e:03:0b:27:1e:24:c1:24:ed:65:3b:91:f9:6e:
9d:3c:a8:77:f3:bb:2a:e8:99:5e:1a:da:9e:e7:78:
44:80:ca:a3:c2:a3:3a:ee:25:dd:38:73:e7:82:95:
f9:26:39:79:d4:c8:aa:04:8d:e8:4b:47:91:77:18:
22:53:b3:c9:da:9c:1e:f2:fb:6a:d7:9e:ff:e8:f2:
af:6f:da:0d:f0:e9:8a:aa:fe:4c:2a:ff:3b:97:86:
74:89:9b:aa:d4:b7:12:75:3e:79:50:f8:f5:ca:6f:
39:64:c4:6f:83:5a:66:95:02:7b:d2:c5:68:f3:5b:
e7:28:8a:03:71:0c:b4:35:9b:d7:a8:6e:33:ea:b6:
31:33:ea:96:26:3b:83:88:71:6b:4c:06:b8:b2:6a:
c5:c1:9e:34:9e:71:97:b0:e1:08:d3:ba:d7:fc:f3:
4e:79:f6:d6:91:a0:86:8e:8c:77:7a:09:b0:4e:5c:
df:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:1B:67:53:0D:5D:7B:04:87:1A:CE:14:71:8C:EC:B2:E7:01:AB:ED
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/3RtnUw1dewSHGs4UcYzssucBq-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.208.0/24
Signature Algorithm: sha256WithRSAEncryption
37:53:ab:e4:f8:10:32:ff:f1:97:54:99:27:23:8e:d4:f6:ca:
4e:96:47:53:23:e8:46:24:d5:69:b7:ee:0b:8f:c6:28:bf:3f:
2a:ca:07:bd:a4:a2:0f:73:10:ea:b3:e2:30:df:86:f2:d2:e5:
7e:eb:dc:e2:7a:8a:17:ed:28:40:0b:d7:85:fc:a3:97:88:1c:
09:bd:26:c0:8a:09:17:69:f9:5d:61:64:81:f3:58:44:4e:98:
df:03:e6:46:b3:6c:33:9c:51:38:da:44:3c:b6:9a:bc:80:51:
ab:53:7a:55:b5:92:d1:52:96:3e:97:85:d4:d2:e2:8a:f5:30:
b9:09:97:bc:9c:b2:da:aa:f2:88:bc:f4:3f:8d:69:25:7b:63:
a9:04:79:c8:a7:83:bc:45:a0:32:25:fb:aa:f1:6c:b9:8b:cc:
a6:08:ab:01:d7:29:41:bb:c9:c6:44:75:cd:57:6a:6e:b6:95:
f6:99:ad:d5:14:ec:73:9c:8c:b1:7d:c9:67:da:9b:8d:b7:60:
05:6d:bd:ca:8c:67:5b:f8:41:22:0e:89:5a:2f:27:fd:9f:63:
7e:13:10:66:41:e0:65:ed:0f:d2:f6:59:da:ca:81:49:2f:dc:
a6:d0:c2:99:d6:cf:df:da:69:5a:3c:fc:dc:50:0c:5b:59:56:
a1:52:5d:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV3Ck1Kkl59Eir0gZqtK8QhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMTAzMDk1MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDFiNjc1MzBkNWQ3YjA0ODcxYWNlMTQ3MThjZWNiMmU3MDFhYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA56LvdaLMqw8kiiEAocD25BKvQI4m
rT8Ji8FQlmD/bg5Ydq5t5rEMO2PHI+v0wXCbso0wU+pdDdNi4lHcyMjS6X97VLfk
IH/M0XxkfgMLJx4kwSTtZTuR+W6dPKh387sq6JleGtqe53hEgMqjwqM67iXdOHPn
gpX5Jjl51MiqBI3oS0eRdxgiU7PJ2pwe8vtq157/6PKvb9oN8OmKqv5MKv87l4Z0
iZuq1LcSdT55UPj1ym85ZMRvg1pmlQJ70sVo81vnKIoDcQy0NZvXqG4z6rYxM+qW
JjuDiHFrTAa4smrFwZ40nnGXsOEI07rX/PNOefbWkaCGjox3egmwTlzfnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN0bZ1MNXXsEhxrOFHGM7LLnAavtMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvM1J0blV3MWRld1NIR3M0VWNZenNzdWNCcS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVe3QMA0G
CSqGSIb3DQEBCwUAA4IBAQA3U6vk+BAy//GXVJknI47U9spOlkdTI+hGJNVpt+4L
j8Yovz8qyge9pKIPcxDqs+Iw34by0uV+69zieooX7ShAC9eF/KOXiBwJvSbAigkX
afldYWSB81hETpjfA+ZGs2wznFE42kQ8tpq8gFGrU3pVtZLRUpY+l4XU0uKK9TC5
CZe8nLLaqvKIvPQ/jWkle2OpBHnIp4O8RaAyJfuq8Wy5i8ymCKsB1ylBu8nGRHXN
V2putpX2ma3VFOxznIyxfcln2puNt2AFbb3KjGdb+EEiDolaLyf9n2N+ExBmQeBl
7Q/S9lnayoFJL9ym0MKZ1s/f2mlaPPzcUAxbWVahUl04
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:46 2024 by rpki-client on console-fra.rpki-client.org