Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/FigMb5Fti45eg0zj5xabwngdEbY.roa
File: FigMb5Fti45eg0zj5xabwngdEbY.roa (raw, json)
Hash identifier: /jDPSCvdCHuv8Xekd1RZ5Sqdixg1LzIOAzkJCEUbrNM=
Subject key identifier: 16:28:0C:6F:91:6D:8B:8E:5E:83:4C:E3:E7:16:9B:C2:78:1D:11:B6
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018736C0726D76E6A4C18DCE4EDE5B77DF18
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/FigMb5Fti45eg0zj5xabwngdEbY.roa
Signing time: Fri 31 Mar 2023 08:19:54 +0000
ROA not before: Fri 31 Mar 2023 08:19:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211373
IP address blocks: 85.237.200.0/24 maxlen: 24
85.158.56.0/24 maxlen: 24
85.237.213.0/24 maxlen: 24
185.89.77.0/24 maxlen: 24
185.93.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:36:c0:72:6d:76:e6:a4:c1:8d:ce:4e:de:5b:77:df:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Mar 31 08:19:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16280c6f916d8b8e5e834ce3e7169bc2781d11b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d5:38:b8:55:ab:8d:44:c0:ba:41:f7:52:c2:
63:3a:bd:80:c7:db:13:55:f2:9d:1f:57:75:44:a3:
ca:75:fc:d2:50:6b:fd:dc:87:4a:ed:40:9e:b2:7c:
87:d9:b9:d3:6f:03:f5:c5:2b:36:41:97:ed:84:89:
0b:3a:03:9a:eb:10:03:a8:e2:fe:c0:c3:ae:38:fa:
94:6d:eb:a0:90:8d:48:c7:b1:94:a6:46:c4:f5:db:
e1:8f:bc:90:4c:5d:28:a1:b7:60:0d:4e:28:05:ab:
77:8d:81:fd:a3:f6:ae:bb:8e:5d:a8:70:90:40:51:
79:2a:18:d9:ee:a9:43:2e:36:37:82:b5:7b:96:93:
2e:f3:56:fb:2a:cf:c2:7a:fe:d3:09:62:3e:37:c9:
30:f0:b3:79:01:72:73:dc:0d:57:db:12:25:e6:ad:
e5:fe:c1:32:5b:75:96:99:d4:9c:a2:02:01:10:1b:
90:43:ee:65:96:47:0d:a5:25:80:6c:53:22:e9:a7:
a0:2d:1f:d6:ef:ac:ce:81:4c:96:fc:51:12:b1:e5:
a5:a2:54:e6:e6:22:8e:88:23:7e:37:73:46:1a:26:
85:fa:ff:97:45:b1:61:44:85:66:f7:ca:2a:2d:0c:
a0:8f:fb:f3:37:92:f3:46:59:d6:97:f6:72:fa:77:
ca:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:28:0C:6F:91:6D:8B:8E:5E:83:4C:E3:E7:16:9B:C2:78:1D:11:B6
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/FigMb5Fti45eg0zj5xabwngdEbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.56.0/24
85.237.200.0/24
85.237.213.0/24
185.89.77.0/24
185.93.33.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:b3:cd:88:2b:20:5e:56:56:4b:ab:8f:c2:95:16:22:ec:d0:
16:d8:26:c9:9d:bc:86:56:6c:57:1e:54:c7:fc:bb:fc:d0:b4:
d7:09:30:70:77:1d:48:68:cf:78:e6:52:1b:c1:1a:bb:4f:38:
fd:e0:e0:75:5f:c9:73:71:ac:17:d6:f2:c5:45:7a:2c:15:58:
c7:b5:f5:56:74:ac:94:1b:f7:30:07:f8:d2:f6:52:4f:77:08:
b3:f5:db:96:7a:f1:fa:c1:69:52:e7:49:ed:f0:1d:9d:3b:aa:
c0:06:22:c7:32:9d:e6:86:c4:ac:97:7a:05:96:9d:66:82:a6:
ca:90:c4:15:20:a4:ec:c8:e5:3e:4c:cb:27:78:d0:17:ef:55:
f3:95:0c:e6:bc:fa:25:28:9a:fd:cd:f5:d7:08:e9:a3:ec:3f:
d6:f4:4c:3d:b8:45:05:cc:4a:c9:d1:75:c8:2f:31:62:92:a0:
41:64:7d:88:64:69:1c:d7:7d:14:01:58:ed:6a:22:19:74:92:
79:4c:76:82:bd:79:e6:63:4b:38:0e:22:d6:0c:6d:bc:62:29:
a6:6a:05:b9:8c:44:86:37:01:65:c2:64:d2:2c:cb:08:8c:b3:
7c:c9:7f:68:3f:6c:85:e3:60:17:5d:ba:30:9b:87:5b:8e:06:
da:08:d6:09
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYc2wHJtduakwY3OTt5bd98YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMzMxMDgxOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjI4MGM2ZjkxNmQ4YjhlNWU4MzRjZTNlNzE2OWJjMjc4MWQxMWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNU4uFWrjUTAukH3UsJjOr2Ax9sT
VfKdH1d1RKPKdfzSUGv93IdK7UCesnyH2bnTbwP1xSs2QZfthIkLOgOa6xADqOL+
wMOuOPqUbeugkI1Ix7GUpkbE9dvhj7yQTF0oobdgDU4oBat3jYH9o/auu45dqHCQ
QFF5KhjZ7qlDLjY3grV7lpMu81b7Ks/Cev7TCWI+N8kw8LN5AXJz3A1X2xIl5q3l
/sEyW3WWmdScogIBEBuQQ+5llkcNpSWAbFMi6aegLR/W76zOgUyW/FESseWlolTm
5iKOiCN+N3NGGiaF+v+XRbFhRIVm98oqLQygj/vzN5LzRlnWl/Zy+nfKKwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBYoDG+RbYuOXoNM4+cWm8J4HRG2MB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvRmlnTWI1RnRpNDVlZzB6ajV4YWJ3bmdkRWJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVZ44AwQA
Ve3IAwQAVe3VAwQAuVlNAwQAuV0hMA0GCSqGSIb3DQEBCwUAA4IBAQChs82IKyBe
VlZLq4/ClRYi7NAW2CbJnbyGVmxXHlTH/Lv80LTXCTBwdx1IaM945lIbwRq7Tzj9
4OB1X8lzcawX1vLFRXosFVjHtfVWdKyUG/cwB/jS9lJPdwiz9duWevH6wWlS50nt
8B2dO6rABiLHMp3mhsSsl3oFlp1mgqbKkMQVIKTsyOU+TMsneNAX71XzlQzmvPol
KJr9zfXXCOmj7D/W9Ew9uEUFzErJ0XXILzFikqBBZH2IZGkc130UAVjtaiIZdJJ5
THaCvXnmY0s4DiLWDG28YimmagW5jESGNwFlwmTSLMsIjLN8yX9oP2yF42AXXbow
m4dbjgbaCNYJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:46 2024 by rpki-client on console-fra.rpki-client.org