Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/P7vrQyIwl0JDSQzOSE7i-yD4cpM.roa
File: P7vrQyIwl0JDSQzOSE7i-yD4cpM.roa (raw, json)
Hash identifier: A1oOqATT/uca0cN4BDZQzny6vqs2ZyKzL1SCGoIdzGU=
Subject key identifier: 3F:BB:EB:43:22:30:97:42:43:49:0C:CE:48:4E:E2:FB:20:F8:72:93
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018463FAAC71375CA8C9622BC6D3F851C4B2
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/P7vrQyIwl0JDSQzOSE7i-yD4cpM.roa
Signing time: Thu 10 Nov 2022 23:58:03 +0000
ROA not before: Thu 10 Nov 2022 23:58:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 85.158.57.0/24 maxlen: 24
85.158.62.0/24 maxlen: 24
85.158.63.0/24 maxlen: 24
85.158.60.0/24 maxlen: 24
85.158.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:63:fa:ac:71:37:5c:a8:c9:62:2b:c6:d3:f8:51:c4:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Nov 10 23:58:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3fbbeb432230974243490cce484ee2fb20f87293
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d7:17:28:98:75:bd:eb:d2:b3:f1:ad:21:6b:
0a:5d:7c:6d:b5:9b:a4:80:1d:0e:2a:d5:0a:fc:03:
4f:49:2c:c5:6e:3c:60:47:8c:57:00:30:4e:e6:82:
5f:a9:95:bb:1b:66:a0:fb:b9:5c:24:83:97:44:be:
a7:96:9e:a1:c3:cf:c0:5b:9e:cf:35:6b:07:76:51:
7a:98:49:58:c2:a8:3c:b1:57:e2:86:51:ec:ef:94:
82:66:22:c0:a6:72:a3:6b:55:d2:d0:ec:60:5b:46:
11:40:96:a2:45:3c:f2:f6:f9:0f:18:6e:cf:58:1f:
1f:02:91:94:1d:48:9c:2b:28:14:b9:56:34:85:58:
3d:9e:11:4e:22:6a:bb:6c:63:e2:ca:bb:ec:17:ae:
21:02:28:5b:b9:e1:03:71:71:34:f8:ff:b2:60:a4:
fd:13:ae:57:d7:0f:65:fe:c2:2e:1d:14:5a:4c:33:
fe:fb:5c:3f:fc:15:1d:d9:81:f6:ca:d4:40:35:89:
6f:ea:09:b0:2b:d5:1a:e5:c7:c5:8e:cc:7a:82:1a:
0e:09:1d:82:60:35:b4:0c:9e:8f:99:59:d5:11:0a:
51:bf:6e:8b:73:86:2c:90:d5:0a:f7:70:dd:c1:78:
e3:fc:bf:3d:fd:ec:f1:63:e0:fe:c0:96:45:89:bf:
b8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:BB:EB:43:22:30:97:42:43:49:0C:CE:48:4E:E2:FB:20:F8:72:93
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/P7vrQyIwl0JDSQzOSE7i-yD4cpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.57.0/24
85.158.60.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:e9:3a:e3:ea:77:15:16:87:c3:0c:f0:1f:96:2a:93:4c:46:
62:c2:64:a0:17:48:0a:b7:92:b1:f6:67:5a:72:0b:5d:ed:7a:
cc:a4:ac:38:e3:df:5c:7d:f2:53:81:40:32:9e:c9:69:99:5b:
15:18:85:8b:0e:4f:2c:d8:ed:05:78:40:3b:a3:a1:44:8a:b0:
4d:35:90:1c:ed:e5:8c:fb:85:06:46:10:2e:f5:76:f5:46:b7:
2e:14:d1:8e:30:5e:ce:8b:01:8b:1e:b8:a1:23:96:91:cf:0b:
03:e6:86:a4:f0:7a:86:7a:44:bf:a8:70:4b:50:02:6e:fb:d3:
f0:8b:dd:ed:62:01:10:a0:54:26:c6:89:2e:81:a2:e2:27:b3:
a9:ec:04:99:e5:54:d8:cf:9c:7d:b7:09:19:e6:8a:73:8e:89:
13:38:3c:ab:85:48:dd:33:9e:41:d9:9c:81:76:ad:07:f5:3a:
7c:bb:26:60:06:85:9c:5f:89:ef:87:a4:af:5a:a1:76:6e:b9:
63:27:4e:94:6d:c7:a5:e9:96:56:48:ca:93:33:eb:20:a0:d0:
80:a9:07:a7:be:a3:4c:3f:2d:b4:ca:a3:59:5a:09:ce:25:c9:
84:f0:9a:90:12:b7:fc:c0:99:94:37:8a:7f:3b:c2:50:11:bd:
f0:5c:0c:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRj+qxxN1yoyWIrxtP4UcSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjIxMTEwMjM1ODAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmJiZWI0MzIyMzA5NzQyNDM0OTBjY2U0ODRlZTJmYjIwZjg3MjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9cXKJh1vevSs/GtIWsKXXxttZuk
gB0OKtUK/ANPSSzFbjxgR4xXADBO5oJfqZW7G2ag+7lcJIOXRL6nlp6hw8/AW57P
NWsHdlF6mElYwqg8sVfihlHs75SCZiLApnKja1XS0OxgW0YRQJaiRTzy9vkPGG7P
WB8fApGUHUicKygUuVY0hVg9nhFOImq7bGPiyrvsF64hAihbueEDcXE0+P+yYKT9
E65X1w9l/sIuHRRaTDP++1w//BUd2YH2ytRANYlv6gmwK9Ua5cfFjsx6ghoOCR2C
YDW0DJ6PmVnVEQpRv26Lc4YskNUK93DdwXjj/L89/ezxY+D+wJZFib+4DwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD+760MiMJdCQ0kMzkhO4vsg+HKTMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvUDd2clF5SXdsMEpEU1F6T1NFN2kteUQ0Y3BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVZ45AwQC
VZ48MA0GCSqGSIb3DQEBCwUAA4IBAQAc6Trj6ncVFofDDPAfliqTTEZiwmSgF0gK
t5Kx9mdacgtd7XrMpKw4499cffJTgUAynslpmVsVGIWLDk8s2O0FeEA7o6FEirBN
NZAc7eWM+4UGRhAu9Xb1RrcuFNGOMF7OiwGLHrihI5aRzwsD5oak8HqGekS/qHBL
UAJu+9Pwi93tYgEQoFQmxokugaLiJ7Op7ASZ5VTYz5x9twkZ5opzjokTODyrhUjd
M55B2ZyBdq0H9Tp8uyZgBoWcX4nvh6SvWqF2brljJ06Ubcel6ZZWSMqTM+sgoNCA
qQenvqNMPy20yqNZWgnOJcmE8JqQErf8wJmUN4p/O8JQEb3wXAxG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:46 2024 by rpki-client on console-fra.rpki-client.org