Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/7OenIwuioJB7ZHs2XU8iPda94tw.roa
File: 7OenIwuioJB7ZHs2XU8iPda94tw.roa (raw, json)
Hash identifier: ReUvTEr/IbdkuuK578bZw72uHMC37WTWrSMpLAc+nJY=
Subject key identifier: EC:E7:A7:23:0B:A2:A0:90:7B:64:7B:36:5D:4F:22:3D:D6:BD:E2:DC
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 01867859351852B123BF319E92CCE8EA784D
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/7OenIwuioJB7ZHs2XU8iPda94tw.roa
Signing time: Wed 22 Feb 2023 08:59:17 +0000
ROA not before: Wed 22 Feb 2023 08:59:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 193.109.192.0/21 maxlen: 24
85.237.196.0/24 maxlen: 24
85.237.205.0/24 maxlen: 24
85.237.203.0/24 maxlen: 24
85.158.57.0/24 maxlen: 24
85.237.208.0/20 maxlen: 24
185.93.32.0/24 maxlen: 24
185.93.34.0/23 maxlen: 24
194.169.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:78:59:35:18:52:b1:23:bf:31:9e:92:cc:e8:ea:78:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Feb 22 08:59:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ece7a7230ba2a0907b647b365d4f223dd6bde2dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b2:d5:21:0a:57:68:c9:e0:e1:02:fe:55:89:
bc:18:ab:2e:7d:53:3d:05:16:84:99:6c:74:3b:69:
ac:a7:5d:98:72:72:e2:96:14:05:03:40:bb:7a:34:
97:d2:ff:c5:7b:93:8b:08:4d:b1:18:b6:15:35:26:
3d:86:84:77:cd:50:7b:cf:3e:82:c7:1d:45:f4:f1:
43:5e:88:9a:16:78:5a:af:da:90:28:28:8c:2b:ff:
ba:2d:7b:51:85:80:05:b6:6d:be:38:35:1e:d9:71:
48:90:b4:d6:37:8e:f4:8e:41:18:3a:1e:22:ad:c2:
0e:05:6e:a1:fc:be:5d:cc:95:74:d4:8a:81:60:30:
ad:f8:29:5c:11:dd:8e:3c:dd:2b:b9:57:8b:bf:03:
6d:fa:9c:5b:dc:5e:b8:11:d6:66:a5:ec:55:fb:12:
85:dd:58:4e:57:7b:c5:cc:df:bf:1a:1d:19:0d:57:
9c:18:45:34:29:3a:67:10:ae:bf:8d:3a:f0:ce:12:
5c:af:d1:4e:56:35:20:17:d6:69:46:7f:7a:af:6d:
5b:4e:ee:94:44:c5:35:fd:13:d6:cf:89:b9:2d:91:
38:dc:60:90:e4:ce:b8:9d:19:3a:28:db:0f:c2:52:
c7:af:57:4a:ea:a0:46:30:96:2d:7c:17:e8:f4:99:
ab:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:E7:A7:23:0B:A2:A0:90:7B:64:7B:36:5D:4F:22:3D:D6:BD:E2:DC
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/7OenIwuioJB7ZHs2XU8iPda94tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.57.0/24
85.237.196.0/24
85.237.203.0/24
85.237.205.0/24
85.237.208.0/20
185.93.32.0/24
185.93.34.0/23
193.109.192.0/21
194.169.217.0/24
Signature Algorithm: sha256WithRSAEncryption
85:f0:ed:e0:e7:da:c6:58:19:6c:25:50:c6:1f:89:71:84:d3:
90:25:ff:3d:29:95:fb:5f:c4:b9:44:bf:f5:58:22:1f:fb:1b:
cc:89:39:39:93:b5:94:12:fa:73:d2:81:bf:b2:97:a0:07:36:
d5:6b:a7:9f:35:f2:48:54:02:64:2a:ee:c9:de:58:e5:26:84:
1a:d0:66:c2:0f:92:7d:b9:67:95:4d:d2:64:e0:d9:db:49:4a:
f3:37:45:12:e9:3d:1f:5a:92:ba:64:69:38:9b:51:e1:32:c7:
7f:55:18:72:b1:9c:71:7a:88:16:15:54:90:49:c1:bb:3f:ce:
00:f7:19:86:7c:6d:6f:4b:c3:85:4d:1a:a9:dd:1c:18:1d:1f:
26:53:9c:74:b3:42:16:79:97:49:d3:c8:1a:93:87:66:aa:61:
95:61:e4:b2:04:04:de:9b:18:c1:87:6e:67:1f:dd:2c:1e:8b:
03:fe:1a:63:80:09:e9:42:7e:6b:1e:5e:ee:03:45:ac:94:6c:
ae:3d:3e:33:4e:94:96:5f:ed:1a:13:be:10:62:18:a4:0d:c3:
ea:32:51:b2:15:25:0d:b6:4c:b6:bc:43:e0:67:22:88:86:1c:
a9:1f:da:06:8b:90:55:58:60:05:90:85:bd:5b:54:8e:4d:fd:
fe:64:a8:c5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYZ4WTUYUrEjvzGekszo6nhNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMjIyMDg1OTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2U3YTcyMzBiYTJhMDkwN2I2NDdiMzY1ZDRmMjIzZGQ2YmRlMmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbLVIQpXaMng4QL+VYm8GKsufVM9
BRaEmWx0O2msp12YcnLilhQFA0C7ejSX0v/Fe5OLCE2xGLYVNSY9hoR3zVB7zz6C
xx1F9PFDXoiaFnhar9qQKCiMK/+6LXtRhYAFtm2+ODUe2XFIkLTWN470jkEYOh4i
rcIOBW6h/L5dzJV01IqBYDCt+ClcEd2OPN0ruVeLvwNt+pxb3F64EdZmpexV+xKF
3VhOV3vFzN+/Gh0ZDVecGEU0KTpnEK6/jTrwzhJcr9FOVjUgF9ZpRn96r21bTu6U
RMU1/RPWz4m5LZE43GCQ5M64nRk6KNsPwlLHr1dK6qBGMJYtfBfo9JmrpwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOznpyMLoqCQe2R7Nl1PIj3WveLcMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvN09lbkl3dWlvSkI3WkhzMlhVOGlQZGE5NHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVZ45AwQA
Ve3EAwQAVe3LAwQAVe3NAwQEVe3QAwQAuV0gAwQBuV0iAwQDwW3AAwQAwqnZMA0G
CSqGSIb3DQEBCwUAA4IBAQCF8O3g59rGWBlsJVDGH4lxhNOQJf89KZX7X8S5RL/1
WCIf+xvMiTk5k7WUEvpz0oG/spegBzbVa6efNfJIVAJkKu7J3ljlJoQa0GbCD5J9
uWeVTdJk4NnbSUrzN0US6T0fWpK6ZGk4m1HhMsd/VRhysZxxeogWFVSQScG7P84A
9xmGfG1vS8OFTRqp3RwYHR8mU5x0s0IWeZdJ08gak4dmqmGVYeSyBATemxjBh25n
H90sHosD/hpjgAnpQn5rHl7uA0WslGyuPT4zTpSWX+0aE74QYhikDcPqMlGyFSUN
tky2vEPgZyKIhhypH9oGi5BVWGAFkIW9W1SOTf3+ZKjF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:46 2024 by rpki-client on console-fra.rpki-client.org