Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/824DpQQU8f3oP9Rj9FQf1BgI5HA.roa
File: 824DpQQU8f3oP9Rj9FQf1BgI5HA.roa (raw, json)
Hash identifier: 4wOwEbwtfBGa4CRXqERyeTp/8rpO/lYtvebbD/Hc4bQ=
Subject key identifier: F3:6E:03:A5:04:14:F1:FD:E8:3F:D4:63:F4:54:1F:D4:18:08:E4:70
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 0186C0D4DBFE6A36CF93DAC1196D8FCDC7C5
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/824DpQQU8f3oP9Rj9FQf1BgI5HA.roa
Signing time: Wed 08 Mar 2023 10:47:00 +0000
ROA not before: Wed 08 Mar 2023 10:47:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 193.109.192.0/21 maxlen: 24
85.237.196.0/24 maxlen: 24
85.237.205.0/24 maxlen: 24
85.237.203.0/24 maxlen: 24
85.158.58.0/24 maxlen: 24
85.158.57.0/24 maxlen: 24
85.237.208.0/20 maxlen: 24
185.93.32.0/24 maxlen: 24
185.93.34.0/23 maxlen: 24
194.169.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:d4:db:fe:6a:36:cf:93:da:c1:19:6d:8f:cd:c7:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Mar 8 10:47:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f36e03a50414f1fde83fd463f4541fd41808e470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d6:99:95:13:0c:da:7b:e7:7e:57:1c:5d:65:
56:99:87:98:3d:1a:73:f4:0d:4e:a6:de:fb:eb:89:
56:6d:d6:7f:ba:3a:35:0f:b3:11:29:09:26:01:08:
74:77:75:c1:e4:1c:88:d4:6e:87:3f:1a:cb:a6:05:
35:00:57:e7:54:e4:ad:a0:12:11:37:68:39:02:24:
ba:e4:64:f9:b3:0b:e9:65:4a:17:4f:35:8e:12:88:
30:94:25:68:17:37:7a:e8:d5:16:f6:54:4e:72:de:
4a:3c:e3:f5:51:b1:86:e8:92:f6:cd:bc:23:07:dd:
e2:07:fd:98:53:d7:7f:06:0b:d5:1d:30:c0:25:b2:
82:b3:f6:7a:6a:2b:29:48:f5:e5:e3:58:25:27:48:
3f:7d:90:0f:a9:af:f7:fa:8a:59:78:d7:dd:ae:b9:
d8:a6:6e:b0:50:58:20:11:6a:62:9c:64:34:f0:07:
c6:82:bf:b3:ea:53:5d:8d:3a:44:dc:2c:ed:da:27:
ef:47:0e:4f:e7:3c:e2:58:10:d3:eb:40:37:85:c8:
c5:95:2e:7d:e9:0c:2f:0e:d8:a8:74:7a:df:ea:05:
f2:7f:7a:d4:7b:f8:89:05:92:7d:81:34:d6:d9:75:
8a:13:1e:7e:b0:7b:96:f4:7a:ef:0c:0e:dc:13:0d:
8d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:6E:03:A5:04:14:F1:FD:E8:3F:D4:63:F4:54:1F:D4:18:08:E4:70
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/824DpQQU8f3oP9Rj9FQf1BgI5HA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.57.0-85.158.58.255
85.237.196.0/24
85.237.203.0/24
85.237.205.0/24
85.237.208.0/20
185.93.32.0/24
185.93.34.0/23
193.109.192.0/21
194.169.217.0/24
Signature Algorithm: sha256WithRSAEncryption
64:26:55:f9:50:53:8b:8c:ef:55:36:dd:94:97:28:68:9c:27:
d8:3b:44:43:7f:ac:73:62:2b:bc:24:e3:f4:c6:01:ef:d0:66:
2c:69:08:47:a3:29:36:e2:66:cc:45:bf:0c:82:b3:da:ee:ed:
b1:63:80:15:90:17:28:12:3d:eb:a8:30:96:7d:79:47:9d:31:
a9:66:7c:57:e4:7b:e0:d5:8f:da:0f:34:f8:a4:d5:90:c4:4a:
16:aa:6b:3b:7c:6d:86:0e:8f:0b:1e:1a:b6:fc:1c:dc:a1:7e:
9b:8c:a2:eb:a5:91:b9:49:f6:f2:51:42:a7:7a:83:b8:33:3d:
4e:c0:37:e3:6f:98:83:af:96:14:86:71:be:f8:f9:ba:74:61:
20:36:72:3a:d8:c1:7f:3c:6d:b5:95:e9:2b:1b:c0:db:19:10:
f0:5d:35:85:5c:61:96:6f:d8:dc:aa:22:7e:f3:b9:06:81:28:
2f:37:17:de:06:6d:af:d0:e4:2d:73:d3:ca:45:d6:12:2d:97:
ff:a9:29:6a:05:a7:d2:c8:df:51:d0:95:e1:c0:eb:c2:ad:d8:
4b:f9:cc:19:7f:e3:2b:d8:01:74:6a:5e:ba:ef:5e:db:35:53:
79:be:0c:87:16:ff:38:35:08:d2:fe:5a:3c:09:a1:16:a5:67:
54:eb:3e:29
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYbA1Nv+ajbPk9rBGW2PzcfFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMzA4MTA0NzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzZlMDNhNTA0MTRmMWZkZTgzZmQ0NjNmNDU0MWZkNDE4MDhlNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNaZlRMM2nvnflccXWVWmYeYPRpz
9A1Opt7764lWbdZ/ujo1D7MRKQkmAQh0d3XB5ByI1G6HPxrLpgU1AFfnVOStoBIR
N2g5AiS65GT5swvpZUoXTzWOEogwlCVoFzd66NUW9lROct5KPOP1UbGG6JL2zbwj
B93iB/2YU9d/BgvVHTDAJbKCs/Z6aispSPXl41glJ0g/fZAPqa/3+opZeNfdrrnY
pm6wUFggEWpinGQ08AfGgr+z6lNdjTpE3Czt2ifvRw5P5zziWBDT60A3hcjFlS59
6QwvDtiodHrf6gXyf3rUe/iJBZJ9gTTW2XWKEx5+sHuW9HrvDA7cEw2N0wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFPNuA6UEFPH96D/UY/RUH9QYCORwMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvODI0RHBRUVU4ZjNvUDlSajlGUWYxQmdJNUhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBABVnjkD
BABVnjoDBABV7cQDBABV7csDBABV7c0DBARV7dADBAC5XSADBAG5XSIDBAPBbcAD
BADCqdkwDQYJKoZIhvcNAQELBQADggEBAGQmVflQU4uM71U23ZSXKGicJ9g7REN/
rHNiK7wk4/TGAe/QZixpCEejKTbiZsxFvwyCs9ru7bFjgBWQFygSPeuoMJZ9eUed
MalmfFfke+DVj9oPNPik1ZDEShaqazt8bYYOjwseGrb8HNyhfpuMouulkblJ9vJR
Qqd6g7gzPU7AN+NvmIOvlhSGcb74+bp0YSA2cjrYwX88bbWV6SsbwNsZEPBdNYVc
YZZv2NyqIn7zuQaBKC83F94Gba/Q5C1z08pF1hItl/+pKWoFp9LI31HQleHA68Kt
2Ev5zBl/4yvYAXRqXrrvXts1U3m+DIcW/zg1CNL+WjwJoRalZ1TrPik=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:18:09 2025 by rpki-client