Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/XztyRbyiW2jGVouFIo8nz1xWk8A.roa
File: XztyRbyiW2jGVouFIo8nz1xWk8A.roa (raw, json)
Hash identifier: hSVjelb3ca+R+TPbyLniDdbQkpZBAk9BCOxJSKpZE+s=
Subject key identifier: 5F:3B:72:45:BC:A2:5B:68:C6:56:8B:85:22:8F:27:CF:5C:56:93:C0
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 01882688277F76B02C0AC1E103758848E6F4
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/XztyRbyiW2jGVouFIo8nz1xWk8A.roa
Signing time: Tue 16 May 2023 21:47:17 +0000
ROA not before: Tue 16 May 2023 21:47:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.109.198.0/24 maxlen: 24
85.237.201.0/24 maxlen: 24
85.237.202.0/24 maxlen: 24
85.237.211.0/24 maxlen: 24
85.158.61.0/24 maxlen: 24
85.237.216.0/24 maxlen: 24
185.93.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:26:88:27:7f:76:b0:2c:0a:c1:e1:03:75:88:48:e6:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: May 16 21:47:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f3b7245bca25b68c6568b85228f27cf5c5693c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f5:38:60:00:ef:f3:28:31:aa:02:68:15:30:
13:ad:1e:a2:87:b5:6a:98:ca:61:cc:30:94:83:3d:
9d:78:76:bc:eb:5a:14:94:f8:32:b7:bb:f3:57:ad:
85:cf:d5:26:73:fc:3b:df:90:7d:81:a1:fb:57:ac:
5e:c5:be:5d:5b:78:9b:22:5e:4f:e5:e8:d7:c9:54:
b0:90:c5:83:8d:ac:65:22:e3:97:0c:b7:c6:2c:d9:
4f:ce:fb:2c:c4:f0:19:a3:93:8d:b3:c0:af:03:9f:
f7:4d:89:2c:e0:6a:06:e2:0a:6a:e6:98:96:33:0f:
09:b3:95:56:a2:fc:fd:cc:09:e2:f5:88:04:69:d7:
34:b9:b3:e1:a2:4c:7a:4a:14:18:af:67:61:fc:3a:
dd:3d:81:ba:d9:34:46:35:b3:06:6e:95:d3:4e:79:
92:fb:9c:fa:c8:00:c3:71:00:3c:d9:06:78:2f:9d:
4b:c5:46:b1:7e:0f:d4:b8:7c:7d:55:1f:d1:92:74:
26:f3:5f:73:ce:dd:7b:7e:a5:6b:74:58:10:e6:57:
0d:96:7f:83:2a:1e:87:87:9f:36:73:8b:dd:53:03:
9d:a6:15:c7:55:d6:71:be:aa:92:5b:03:e7:27:03:
fb:45:e7:04:ab:df:62:5d:5b:68:c3:d3:12:1a:ab:
cb:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:3B:72:45:BC:A2:5B:68:C6:56:8B:85:22:8F:27:CF:5C:56:93:C0
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/XztyRbyiW2jGVouFIo8nz1xWk8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.61.0/24
85.237.201.0-85.237.202.255
85.237.211.0/24
85.237.216.0/24
185.93.35.0/24
193.109.198.0/24
Signature Algorithm: sha256WithRSAEncryption
53:33:35:a5:16:c5:25:a3:a1:43:4c:7b:42:9e:ad:c0:5d:06:
94:67:9d:f2:9d:5c:e0:c9:cc:b5:57:08:a0:1f:2f:2f:20:14:
d8:98:ae:bf:69:a4:5b:9b:2a:5b:92:bd:60:89:f9:a5:e1:aa:
f7:34:6c:fb:b1:33:19:a8:fb:dc:52:8f:27:15:21:8e:a6:60:
73:38:6d:cd:61:7d:a2:83:26:79:94:68:00:91:a7:9b:20:95:
e3:bb:40:25:70:4d:f6:e0:0a:12:d2:98:05:a2:ac:28:e5:ed:
eb:19:5c:50:96:87:a9:ba:2c:7f:32:40:3d:2d:3a:ad:b7:a1:
f1:01:a9:42:f0:1c:fa:5d:6b:31:65:cb:aa:d0:1e:d3:bf:9f:
cc:7a:a4:5b:86:14:84:d7:84:3b:27:6d:bf:40:53:11:31:f4:
1f:e0:ce:a2:49:b6:b4:93:51:dc:f0:55:16:49:43:ef:33:a2:
96:1c:6b:c7:ba:ad:f6:60:1d:7b:5f:0b:a1:1d:f5:3d:c5:47:
03:b4:26:61:d9:8d:d0:9b:33:b4:37:62:b3:13:50:d8:84:20:
c9:82:f2:7d:61:fa:4a:c9:f4:05:01:09:6c:ef:ef:d8:fd:fc:
c6:12:8b:5a:c7:6f:9e:33:3c:c3:f8:4c:1d:84:f1:9a:98:89:
af:1d:bf:f1
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYgmiCd/drAsCsHhA3WISOb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwNTE2MjE0NzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjNiNzI0NWJjYTI1YjY4YzY1NjhiODUyMjhmMjdjZjVjNTY5M2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/U4YADv8ygxqgJoFTATrR6ih7Vq
mMphzDCUgz2deHa861oUlPgyt7vzV62Fz9Umc/w735B9gaH7V6xexb5dW3ibIl5P
5ejXyVSwkMWDjaxlIuOXDLfGLNlPzvssxPAZo5ONs8CvA5/3TYks4GoG4gpq5piW
Mw8Js5VWovz9zAni9YgEadc0ubPhokx6ShQYr2dh/DrdPYG62TRGNbMGbpXTTnmS
+5z6yADDcQA82QZ4L51LxUaxfg/UuHx9VR/RknQm819zzt17fqVrdFgQ5lcNln+D
Kh6Hh582c4vdUwOdphXHVdZxvqqSWwPnJwP7RecEq99iXVtow9MSGqvLCQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFF87ckW8oltoxlaLhSKPJ89cVpPAMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvWHp0eVJieWlXMmpHVm91RklvOG56MXhXazhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAVZ49MAwD
BABV7ckDBABV7coDBABV7dMDBABV7dgDBAC5XSMDBADBbcYwDQYJKoZIhvcNAQEL
BQADggEBAFMzNaUWxSWjoUNMe0KercBdBpRnnfKdXODJzLVXCKAfLy8gFNiYrr9p
pFubKluSvWCJ+aXhqvc0bPuxMxmo+9xSjycVIY6mYHM4bc1hfaKDJnmUaACRp5sg
leO7QCVwTfbgChLSmAWirCjl7esZXFCWh6m6LH8yQD0tOq23ofEBqULwHPpdazFl
y6rQHtO/n8x6pFuGFITXhDsnbb9AUxEx9B/gzqJJtrSTUdzwVRZJQ+8zopYca8e6
rfZgHXtfC6Ed9T3FRwO0JmHZjdCbM7Q3YrMTUNiEIMmC8n1h+krJ9AUBCWzv79j9
/MYSi1rHb54zPMP4TB2E8ZqYia8dv/E=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:27 2025 by rpki-client