Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/AcXCrTQ2mwfGNbFSte51tP1ROiY.roa
File: AcXCrTQ2mwfGNbFSte51tP1ROiY.roa (raw, json)
Hash identifier: mwydDbx1km3IVECrK5aWgZSi7sNRtVqLEXJsjCPaDdY=
Subject key identifier: 01:C5:C2:AD:34:36:9B:07:C6:35:B1:52:B5:EE:75:B4:FD:51:3A:26
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018571DE8D84A5E64D74DCFEDE2AC73B8075
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/AcXCrTQ2mwfGNbFSte51tP1ROiY.roa
Signing time: Mon 02 Jan 2023 09:44:48 +0000
ROA not before: Mon 02 Jan 2023 09:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21321
IP address blocks: 85.237.204.0/24 maxlen: 24
2a03:8ea0::/32 maxlen: 32
2a01:b840::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:8d:84:a5:e6:4d:74:dc:fe:de:2a:c7:3b:80:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Jan 2 09:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01c5c2ad34369b07c635b152b5ee75b4fd513a26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:09:5d:c4:80:58:62:49:ae:81:1c:14:39:4c:
b8:db:53:0d:6a:ea:75:a1:43:ab:93:25:28:f4:40:
6c:41:b5:57:ec:7f:6b:36:3d:3b:ee:ab:ef:2d:b6:
3c:a7:6c:84:af:75:4d:25:5e:50:b1:5c:f6:df:68:
3c:d9:1f:56:5f:15:9e:b9:ee:ba:f1:bd:b1:b6:a5:
7e:9a:4c:a7:ff:2e:8c:b0:3f:b9:f0:1b:d2:8f:1b:
5c:41:51:2c:f1:cb:8c:3e:89:dd:e8:79:8e:7d:84:
a7:a0:78:f6:43:cc:c2:fd:38:2c:78:b5:ee:57:3d:
df:4f:75:04:0b:fd:f6:96:2c:e9:84:79:ea:b2:fb:
50:e0:41:6b:e3:8b:af:68:49:84:13:91:d1:e9:14:
8b:a6:34:ca:fc:ce:bc:ed:0a:a5:84:e4:60:e0:92:
43:9a:48:4c:78:a1:c3:bb:9e:02:85:da:a1:0a:b5:
d5:28:d6:82:78:09:7a:44:73:b6:4e:99:4c:97:c2:
5e:c7:f0:e2:99:bd:48:d5:21:97:69:e7:30:7c:2b:
81:4c:97:98:d5:32:a1:03:35:91:4b:58:fc:42:a0:
a6:10:cf:dc:a8:28:c6:ab:b6:92:6c:d7:79:2d:30:
3f:50:c7:21:19:86:d8:be:6c:0a:c3:cc:ff:05:26:
cd:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:C5:C2:AD:34:36:9B:07:C6:35:B1:52:B5:EE:75:B4:FD:51:3A:26
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/AcXCrTQ2mwfGNbFSte51tP1ROiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.204.0/24
IPv6:
2a01:b840::/32
2a03:8ea0::/32
Signature Algorithm: sha256WithRSAEncryption
50:18:90:4f:81:d9:cc:d7:4d:1e:a1:62:26:17:b3:9a:94:81:
ce:0c:75:b7:be:d3:4c:7d:f3:aa:9a:0c:43:9f:d5:fe:53:50:
47:a2:b7:a4:32:54:e7:35:02:ac:0e:d5:4d:02:97:ee:10:64:
e1:20:db:a4:5e:fa:0a:41:d9:5d:00:8d:44:07:e8:42:fa:15:
5c:46:7b:96:b4:a6:97:e6:56:f2:fd:5e:1f:80:95:16:d2:e5:
45:68:c3:4e:18:53:3a:f7:b3:9f:34:57:90:db:3b:44:2b:73:
fb:c6:ee:43:0a:a5:ac:8b:32:bf:0c:f4:8c:95:1b:de:7e:33:
2e:13:3e:6c:22:5e:df:29:1b:ac:15:a1:54:e9:54:17:f6:91:
6e:59:09:51:ea:94:94:93:8e:5f:05:60:5d:6c:53:57:6d:9c:
23:da:19:cb:de:5e:83:36:76:b1:1c:b7:1d:6c:94:42:cb:f5:
e3:ad:88:89:85:5c:41:c3:6c:3f:75:28:db:09:7b:55:e4:4b:
65:ff:1b:2c:19:f8:cf:e5:26:75:88:9b:1c:18:bc:13:45:29:
f8:9b:5f:de:3b:30:b0:c8:a2:5d:f7:ea:44:61:15:ce:a8:76:
1d:86:80:2a:4e:fb:71:8d:7c:ef:84:f0:d3:b0:67:5b:13:06:
d6:74:1d:51
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVx3o2EpeZNdNz+3irHO4B1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMTAyMDk0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWM1YzJhZDM0MzY5YjA3YzYzNWIxNTJiNWVlNzViNGZkNTEzYTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQldxIBYYkmugRwUOUy421MNaup1
oUOrkyUo9EBsQbVX7H9rNj077qvvLbY8p2yEr3VNJV5QsVz232g82R9WXxWeue66
8b2xtqV+mkyn/y6MsD+58BvSjxtcQVEs8cuMPond6HmOfYSnoHj2Q8zC/TgseLXu
Vz3fT3UEC/32lizphHnqsvtQ4EFr44uvaEmEE5HR6RSLpjTK/M687QqlhORg4JJD
mkhMeKHDu54ChdqhCrXVKNaCeAl6RHO2TplMl8Jex/Dimb1I1SGXaecwfCuBTJeY
1TKhAzWRS1j8QqCmEM/cqCjGq7aSbNd5LTA/UMchGYbYvmwKw8z/BSbN1QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAHFwq00NpsHxjWxUrXudbT9UTomMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvQWNYQ3JUUTJtd2ZHTmJGU3RlNTF0UDFST2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAVe3MMBQE
AgACMA4DBQAqAbhAAwUAKgOOoDANBgkqhkiG9w0BAQsFAAOCAQEAUBiQT4HZzNdN
HqFiJhezmpSBzgx1t77TTH3zqpoMQ5/V/lNQR6K3pDJU5zUCrA7VTQKX7hBk4SDb
pF76CkHZXQCNRAfoQvoVXEZ7lrSml+ZW8v1eH4CVFtLlRWjDThhTOveznzRXkNs7
RCtz+8buQwqlrIsyvwz0jJUb3n4zLhM+bCJe3ykbrBWhVOlUF/aRblkJUeqUlJOO
XwVgXWxTV22cI9oZy95egzZ2sRy3HWyUQsv1462IiYVcQcNsP3Uo2wl7VeRLZf8b
LBn4z+UmdYibHBi8E0Up+Jtf3jswsMiiXffqRGEVzqh2HYaAKk77cY1874Tw07Bn
WxMG1nQdUQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:40 2025 by rpki-client