Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/DiDh0UG_He4SLLpPb4TH08DGOm0.roa
File: DiDh0UG_He4SLLpPb4TH08DGOm0.roa (raw, json)
Hash identifier: VQNjIgRQ3T732uljiMy1zhRW4Ff4+gVnoVYRyYPhDbM=
Subject key identifier: 0E:20:E1:D1:41:BF:1D:EE:12:2C:BA:4F:6F:84:C7:D3:C0:C6:3A:6D
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 01849F2F6E1449F024FF853B44FA17E38D51
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/DiDh0UG_He4SLLpPb4TH08DGOm0.roa
Signing time: Tue 22 Nov 2022 11:53:16 +0000
ROA not before: Tue 22 Nov 2022 11:53:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 85.237.209.0/24 maxlen: 24
85.237.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9f:2f:6e:14:49:f0:24:ff:85:3b:44:fa:17:e3:8d:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Nov 22 11:53:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e20e1d141bf1dee122cba4f6f84c7d3c0c63a6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:40:c1:cf:67:8e:d5:f1:09:92:bd:b9:8c:a3:
ca:f5:b6:bd:4f:91:99:ae:75:54:4c:5a:0e:7c:35:
6f:15:34:9e:55:df:56:a6:af:04:2e:9a:a5:64:e8:
a4:1e:26:b6:20:cf:6e:60:62:06:93:22:71:da:a1:
cb:44:e3:af:8a:f3:e8:1a:d7:b6:88:70:d9:ae:f9:
e6:f2:d7:0c:2f:21:4a:46:0f:fc:6a:38:84:a1:12:
9d:0e:d9:91:7d:9c:56:2c:0e:61:42:1e:65:79:07:
92:b5:d0:58:40:b8:15:38:f8:01:fb:8b:9c:27:c0:
c9:6a:58:01:ae:5e:a5:0b:3f:4c:ef:4f:01:e7:82:
58:fe:ec:36:e7:c6:85:0e:a7:d5:14:d9:8f:e0:08:
96:74:ab:9f:70:f8:8f:5b:a9:ac:e6:25:72:b2:31:
73:36:71:ba:29:eb:43:af:7d:b6:16:c8:9d:fe:7f:
b9:4f:ca:85:79:86:f1:74:5f:bc:c1:bd:69:bc:4f:
24:5c:87:68:52:e1:91:ac:b6:bb:15:5d:c6:71:31:
cd:08:be:cc:79:e9:ca:51:96:71:46:ba:65:43:d6:
b7:a7:31:3c:34:d9:80:76:ff:82:fb:bd:2e:b8:ec:
58:8b:1c:84:ce:dc:79:9e:fe:6e:06:14:7a:6c:72:
3a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:20:E1:D1:41:BF:1D:EE:12:2C:BA:4F:6F:84:C7:D3:C0:C6:3A:6D
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/DiDh0UG_He4SLLpPb4TH08DGOm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.209.0/24
85.237.217.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:3f:15:a8:ba:5f:53:d7:aa:a0:ef:f9:89:a8:e2:8b:0a:0a:
8d:49:38:a3:62:7d:e4:c2:32:7b:36:64:0d:ed:b6:58:48:9c:
40:e7:13:6b:e4:26:bd:9f:41:82:7e:ab:e8:17:fb:0e:78:d3:
bb:d7:22:b6:7e:d5:a8:da:3b:4c:b1:f6:cc:cf:b4:ea:77:b8:
d7:ec:66:6d:dc:56:a2:71:c2:e5:57:6b:21:ae:5a:9c:7a:1f:
6b:c4:af:99:c3:85:73:ef:c5:21:c9:0d:59:a1:89:b0:57:08:
45:6a:8c:9a:3c:1c:b7:5c:3e:7f:7b:0c:7f:80:80:b9:ea:0a:
43:b0:5c:29:c7:ef:ef:85:85:72:6d:9c:07:d2:ea:94:f9:02:
12:76:e5:25:8f:b7:87:a4:56:08:d7:ac:e3:38:34:7a:d5:9f:
4d:c1:d7:22:00:57:36:1d:74:4f:68:4b:8a:c2:f2:24:f7:82:
75:95:76:c5:80:cf:36:20:a8:a6:66:30:51:2c:e2:25:5c:7d:
14:2c:ca:82:ba:32:72:90:0e:9c:1a:a1:9b:aa:5f:e2:14:de:
db:d4:c3:2d:08:23:0f:44:d6:6d:a0:6b:18:c7:b8:ce:9d:88:
75:2b:cd:f8:94:ef:12:81:4b:62:a5:9d:86:7f:55:f4:78:b5:
d6:2b:1e:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSfL24USfAk/4U7RPoX441RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjIxMTIyMTE1MzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTIwZTFkMTQxYmYxZGVlMTIyY2JhNGY2Zjg0YzdkM2MwYzYzYTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkDBz2eO1fEJkr25jKPK9ba9T5GZ
rnVUTFoOfDVvFTSeVd9Wpq8ELpqlZOikHia2IM9uYGIGkyJx2qHLROOvivPoGte2
iHDZrvnm8tcMLyFKRg/8ajiEoRKdDtmRfZxWLA5hQh5leQeStdBYQLgVOPgB+4uc
J8DJalgBrl6lCz9M708B54JY/uw258aFDqfVFNmP4AiWdKufcPiPW6ms5iVysjFz
NnG6KetDr322Fsid/n+5T8qFeYbxdF+8wb1pvE8kXIdoUuGRrLa7FV3GcTHNCL7M
eenKUZZxRrplQ9a3pzE8NNmAdv+C+70uuOxYixyEztx5nv5uBhR6bHI6bwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA4g4dFBvx3uEiy6T2+Ex9PAxjptMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvRGlEaDBVR19IZTRTTExwUGI0VEgwOERHT20wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe3RAwQA
Ve3ZMA0GCSqGSIb3DQEBCwUAA4IBAQCtPxWoul9T16qg7/mJqOKLCgqNSTijYn3k
wjJ7NmQN7bZYSJxA5xNr5Ca9n0GCfqvoF/sOeNO71yK2ftWo2jtMsfbMz7Tqd7jX
7GZt3FaiccLlV2shrlqceh9rxK+Zw4Vz78UhyQ1ZoYmwVwhFaoyaPBy3XD5/ewx/
gIC56gpDsFwpx+/vhYVybZwH0uqU+QISduUlj7eHpFYI16zjODR61Z9NwdciAFc2
HXRPaEuKwvIk94J1lXbFgM82IKimZjBRLOIlXH0ULMqCujJykA6cGqGbql/iFN7b
1MMtCCMPRNZtoGsYx7jOnYh1K834lO8SgUtipZ2Gf1X0eLXWKx6D
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:11 2025 by rpki-client