Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/H-y3MCaJqz_Q9_4jZedv8td94JA.roa
File: H-y3MCaJqz_Q9_4jZedv8td94JA.roa (raw, json)
Hash identifier: TiwvksvNmheWtF4oaxxzfkVyucUZ97ZXqRZao7LrenY=
Subject key identifier: 1F:EC:B7:30:26:89:AB:3F:D0:F7:FE:23:65:E7:6F:F2:D7:7D:E0:90
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018571DEA34CCD9004F4178B94F49709CFA8
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/H-y3MCaJqz_Q9_4jZedv8td94JA.roa
Signing time: Mon 02 Jan 2023 09:44:54 +0000
ROA not before: Mon 02 Jan 2023 09:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400039
IP address blocks: 193.109.192.0/24 maxlen: 24
85.237.219.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:a3:4c:cd:90:04:f4:17:8b:94:f4:97:09:cf:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Jan 2 09:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fecb7302689ab3fd0f7fe2365e76ff2d77de090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:57:af:f0:aa:8a:d4:41:f4:92:6b:04:2f:b1:
d9:08:16:25:4b:31:6d:68:e7:db:82:63:b5:91:bb:
b3:aa:1d:c6:13:6b:28:e0:ea:3f:94:49:67:5f:4f:
09:47:28:bf:40:a4:e5:c8:34:d5:ec:93:5c:ef:22:
cd:e6:9a:8d:69:f2:75:eb:25:d2:af:af:61:a4:ad:
d7:4a:22:d7:f7:50:a8:81:65:16:95:e3:17:11:cf:
ce:d8:31:3a:aa:f3:32:cf:16:56:6c:0e:86:02:3a:
a8:06:ef:51:ef:03:f4:20:a9:28:25:c0:a9:ce:ca:
5f:ba:68:82:04:96:dd:e7:29:da:e7:af:70:ef:3e:
c2:cd:3b:53:c0:b3:7f:39:77:83:72:13:02:1a:ac:
36:04:2d:b0:22:3c:8d:0b:f7:2e:0c:88:2a:ef:d1:
c7:e2:71:e4:25:7b:0c:be:6b:82:36:07:2b:41:bb:
c3:b8:2c:ff:cc:07:99:f5:80:22:e5:56:72:70:96:
c2:46:c2:d7:38:b2:f3:f3:8b:c0:50:76:29:6d:10:
a8:4d:a4:78:14:7a:2f:72:cb:e5:df:c9:00:77:56:
af:7e:08:1a:a1:2d:a3:50:da:bf:32:a5:cd:a2:72:
bc:b6:28:ec:ae:2d:2a:ae:dc:0a:53:5c:78:04:f6:
0d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:EC:B7:30:26:89:AB:3F:D0:F7:FE:23:65:E7:6F:F2:D7:7D:E0:90
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/H-y3MCaJqz_Q9_4jZedv8td94JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.219.0/24
193.109.192.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:aa:56:f2:ae:81:b4:b6:62:5b:63:84:e4:b1:00:55:7a:a8:
cc:d7:cd:86:71:e0:a9:ae:a6:d8:e8:c7:a4:6a:a2:85:04:b1:
33:fa:75:39:7f:1a:47:9c:c4:f8:84:c4:9e:88:71:ca:0b:a3:
42:a9:f7:23:0a:36:26:ba:a5:24:37:54:01:96:29:52:96:46:
ea:60:10:6f:f8:39:e2:4e:96:35:d0:a0:72:4c:44:ea:f0:54:
61:69:4b:1a:3c:be:e4:87:d8:5c:92:db:57:fd:30:ca:43:3c:
ee:4a:2a:96:25:34:21:1c:ef:4b:88:21:d5:ad:af:3a:c6:ec:
ac:8f:80:32:8f:73:93:eb:09:1b:e3:f2:97:50:3d:5e:2d:50:
fc:08:17:77:a4:6e:6f:4d:05:32:ad:04:cd:3c:8e:6c:fc:13:
e1:70:bb:e9:f3:1a:0d:b9:46:d4:ce:bb:b4:f6:df:ce:b7:8f:
7d:89:3e:d4:61:fd:21:4a:1e:c6:7b:d5:3b:40:06:e4:75:f2:
1b:f2:88:02:02:79:3a:63:c2:85:ad:69:81:27:d3:ef:36:ea:
13:be:81:8a:68:8f:83:d7:3c:8b:87:a7:0e:e7:16:5e:b4:70:
f3:e0:aa:54:4c:28:14:da:1a:a2:44:bb:1f:5d:47:78:cf:62:
13:54:fc:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx3qNMzZAE9BeLlPSXCc+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMTAyMDk0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmVjYjczMDI2ODlhYjNmZDBmN2ZlMjM2NWU3NmZmMmQ3N2RlMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFev8KqK1EH0kmsEL7HZCBYlSzFt
aOfbgmO1kbuzqh3GE2so4Oo/lElnX08JRyi/QKTlyDTV7JNc7yLN5pqNafJ16yXS
r69hpK3XSiLX91CogWUWleMXEc/O2DE6qvMyzxZWbA6GAjqoBu9R7wP0IKkoJcCp
zspfumiCBJbd5yna569w7z7CzTtTwLN/OXeDchMCGqw2BC2wIjyNC/cuDIgq79HH
4nHkJXsMvmuCNgcrQbvDuCz/zAeZ9YAi5VZycJbCRsLXOLLz84vAUHYpbRCoTaR4
FHovcsvl38kAd1avfggaoS2jUNq/MqXNonK8tijsri0qrtwKU1x4BPYN9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB/stzAmias/0Pf+I2Xnb/LXfeCQMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvSC15M01DYUpxel9ROV80alplZHY4dGQ5NEpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe3bAwQA
wW3AMA0GCSqGSIb3DQEBCwUAA4IBAQA+qlbyroG0tmJbY4TksQBVeqjM182GceCp
rqbY6MekaqKFBLEz+nU5fxpHnMT4hMSeiHHKC6NCqfcjCjYmuqUkN1QBlilSlkbq
YBBv+DniTpY10KByTETq8FRhaUsaPL7kh9hckttX/TDKQzzuSiqWJTQhHO9LiCHV
ra86xuysj4Ayj3OT6wkb4/KXUD1eLVD8CBd3pG5vTQUyrQTNPI5s/BPhcLvp8xoN
uUbUzru09t/Ot499iT7UYf0hSh7Ge9U7QAbkdfIb8ogCAnk6Y8KFrWmBJ9PvNuoT
voGKaI+D1zyLh6cO5xZetHDz4KpUTCgU2hqiRLsfXUd4z2ITVPxP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org