Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/U8CHpMjeLUv6Cg2VOBpDfGBfHhc.roa
File: U8CHpMjeLUv6Cg2VOBpDfGBfHhc.roa (raw, json)
Hash identifier: sAL4H/iC7u9Qm8LUZ5+NkkFMZx5rPLnDMdQxrf/7Jl4=
Subject key identifier: 53:C0:87:A4:C8:DE:2D:4B:FA:0A:0D:95:38:1A:43:7C:60:5F:1E:17
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018796AF44471B838070CD7AD29160171677
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/U8CHpMjeLUv6Cg2VOBpDfGBfHhc.roa
Signing time: Tue 18 Apr 2023 23:24:41 +0000
ROA not before: Tue 18 Apr 2023 23:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.109.198.0/24 maxlen: 24
85.237.202.0/24 maxlen: 24
85.158.63.0/24 maxlen: 24
85.237.218.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:96:af:44:47:1b:83:80:70:cd:7a:d2:91:60:17:16:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Apr 18 23:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53c087a4c8de2d4bfa0a0d95381a437c605f1e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:04:6c:2a:d3:b3:1b:c2:38:8f:c2:fe:12:3d:
ce:ae:df:dd:e9:19:a6:e6:28:00:26:be:e6:1f:d2:
9a:fc:19:9b:3c:c9:20:41:08:ca:b0:7e:76:7e:b0:
fb:53:4e:9a:eb:3e:a6:b2:52:f6:29:b7:aa:e0:11:
96:1e:b8:dc:1b:5c:d0:ab:e2:b1:45:1e:11:ce:2d:
7c:0b:e9:c0:21:59:10:97:3d:bc:ad:28:d5:4b:f6:
c3:f5:2b:89:5e:1c:e6:b8:71:4f:4e:a5:5c:c0:51:
c7:bd:f3:b1:90:cf:79:58:29:ab:f2:96:13:5d:36:
49:74:7e:b6:5d:24:b6:28:0b:8b:a1:64:c6:9d:ee:
78:76:a8:ff:85:a6:82:07:0b:24:bb:62:5d:aa:d5:
a2:9c:cf:3b:be:95:76:de:6f:70:b0:f5:00:26:0e:
c3:82:6b:14:58:52:21:0b:ae:26:e2:8d:41:8e:4a:
80:33:db:0f:fe:32:49:4a:ea:71:0d:30:b3:26:86:
08:3a:15:c8:d8:35:0b:d3:03:42:f4:5b:a9:4e:7d:
53:a6:4a:c0:ea:df:f5:a5:be:a0:22:c3:96:a8:10:
11:ec:d1:b6:75:fc:5b:b5:73:dd:d8:38:a8:0b:64:
19:51:5f:c5:6d:a8:7a:2a:e9:5a:02:f1:b5:74:a7:
76:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C0:87:A4:C8:DE:2D:4B:FA:0A:0D:95:38:1A:43:7C:60:5F:1E:17
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/U8CHpMjeLUv6Cg2VOBpDfGBfHhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.63.0/24
85.237.202.0/24
85.237.218.0/24
193.109.198.0/24
Signature Algorithm: sha256WithRSAEncryption
42:89:30:7b:a6:fe:15:a5:22:71:1f:a0:b2:58:cc:2b:1b:d5:
81:eb:ea:96:39:6d:06:a0:51:f0:64:93:ee:5c:25:cd:47:74:
90:3a:4b:03:91:97:86:fb:2b:7b:f0:2b:d0:63:51:a3:a8:3d:
4e:eb:98:96:7c:e2:a6:30:b3:5e:25:d2:ca:4e:4a:53:0b:f1:
5f:42:0a:87:02:d5:04:72:3b:f9:da:76:83:ae:c0:db:d5:4e:
25:35:1f:12:76:3a:40:b4:14:3b:63:47:ca:11:cf:52:3f:0c:
2e:e7:38:01:e2:49:37:64:8e:46:83:d6:8c:3b:8f:90:12:e0:
0a:58:1b:b3:de:79:6f:53:d2:19:7d:14:ec:8d:6a:4c:51:5e:
c2:6d:fc:42:f1:84:f8:d0:41:ee:b4:7f:26:91:22:45:d8:e5:
91:ec:95:5f:69:b1:52:de:82:78:a8:f4:67:16:78:b2:65:cb:
c8:ae:f7:dc:6c:fb:17:b2:fd:b6:7d:87:8c:3c:27:c4:09:3f:
8e:35:02:ed:b6:b5:32:36:d3:9b:d9:fe:77:0e:63:6e:b0:11:
f8:f8:84:39:9b:71:6e:ad:46:d6:ca:24:3e:96:1f:c8:5e:db:
d5:e1:24:31:ef:6f:4e:3b:73:7d:46:7f:b9:a1:25:2a:96:76:
32:6b:09:87
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYeWr0RHG4OAcM160pFgFxZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwNDE4MjMyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2MwODdhNGM4ZGUyZDRiZmEwYTBkOTUzODFhNDM3YzYwNWYxZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhARsKtOzG8I4j8L+Ej3Ort/d6Rmm
5igAJr7mH9Ka/BmbPMkgQQjKsH52frD7U06a6z6mslL2Kbeq4BGWHrjcG1zQq+Kx
RR4Rzi18C+nAIVkQlz28rSjVS/bD9SuJXhzmuHFPTqVcwFHHvfOxkM95WCmr8pYT
XTZJdH62XSS2KAuLoWTGne54dqj/haaCBwsku2JdqtWinM87vpV23m9wsPUAJg7D
gmsUWFIhC64m4o1BjkqAM9sP/jJJSupxDTCzJoYIOhXI2DUL0wNC9FupTn1TpkrA
6t/1pb6gIsOWqBAR7NG2dfxbtXPd2DioC2QZUV/Fbah6KulaAvG1dKd2owIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFPAh6TI3i1L+goNlTgaQ3xgXx4XMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvVThDSHBNamVMVXY2Q2cyVk9CcERmR0JmSGhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVZ4/AwQA
Ve3KAwQAVe3aAwQAwW3GMA0GCSqGSIb3DQEBCwUAA4IBAQBCiTB7pv4VpSJxH6Cy
WMwrG9WB6+qWOW0GoFHwZJPuXCXNR3SQOksDkZeG+yt78CvQY1GjqD1O65iWfOKm
MLNeJdLKTkpTC/FfQgqHAtUEcjv52naDrsDb1U4lNR8SdjpAtBQ7Y0fKEc9SPwwu
5zgB4kk3ZI5Gg9aMO4+QEuAKWBuz3nlvU9IZfRTsjWpMUV7CbfxC8YT40EHutH8m
kSJF2OWR7JVfabFS3oJ4qPRnFniyZcvIrvfcbPsXsv22fYeMPCfECT+ONQLttrUy
NtOb2f53DmNusBH4+IQ5m3FurUbWyiQ+lh/IXtvV4SQx729OO3N9Rn+5oSUqlnYy
awmH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:43 2024 by rpki-client on console-ams.rpki-client.org