Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/YVhYsJEC2Uaux6hQhI5A9tPkPiM.roa
File: YVhYsJEC2Uaux6hQhI5A9tPkPiM.roa (raw, json)
Hash identifier: kN+gpEZ6fPWFoyY2K++m9z1jWgHjtuXNHtytgigZGNw=
Subject key identifier: 61:58:58:B0:91:02:D9:46:AE:C7:A8:50:84:8E:40:F6:D3:E4:3E:23
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 0188B67D949B6C76D70A62DD3B73A0FE9206
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/YVhYsJEC2Uaux6hQhI5A9tPkPiM.roa
Signing time: Tue 13 Jun 2023 20:41:03 +0000
ROA not before: Tue 13 Jun 2023 20:41:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.109.198.0/24 maxlen: 24
85.237.206.0/24 maxlen: 24
85.237.202.0/24 maxlen: 24
85.237.207.0/24 maxlen: 24
85.237.223.0/24 maxlen: 24
185.93.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b6:7d:94:9b:6c:76:d7:0a:62:dd:3b:73:a0:fe:92:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Jun 13 20:41:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=615858b09102d946aec7a850848e40f6d3e43e23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:be:b2:4a:d2:5f:b7:49:39:27:11:25:41:f4:
4c:82:23:20:d2:14:77:01:e2:82:ec:23:cf:4a:2b:
5b:3f:73:08:43:ea:60:85:fd:18:1e:6c:ed:4c:f5:
74:7a:a3:32:f3:ab:cd:16:b6:e9:d1:8a:a3:ab:96:
c8:26:73:1d:04:0b:b4:e8:96:6a:73:3f:45:d5:f9:
04:b8:e2:a2:fb:f1:e5:5a:f8:3e:f1:d4:dc:d1:db:
0b:c1:bb:25:95:90:1b:e9:de:ce:2f:f0:fc:e5:7a:
e0:af:8c:b8:80:76:ac:4d:e1:bd:ac:2c:9a:68:6c:
c8:06:93:12:aa:e5:6f:a2:91:49:a2:cc:07:48:64:
4c:f7:d1:8e:89:b8:d8:83:60:70:30:e5:67:e7:31:
d3:7c:d9:71:92:21:fd:85:19:53:96:04:39:8c:d8:
31:8e:ff:52:0d:64:f6:87:1b:67:c5:52:56:1c:75:
0f:81:3b:f5:fa:ca:37:39:7b:68:58:0d:65:1b:c9:
31:1d:14:48:ac:9c:ef:cd:64:d2:e4:d6:8d:6c:31:
15:9b:53:a7:65:72:6f:2b:84:fd:c7:5d:d9:df:8a:
9a:71:6d:de:39:ca:6b:32:27:00:bf:36:30:79:90:
89:3a:bd:8c:eb:b9:f6:91:ff:bb:3f:ab:a6:80:f7:
fc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:58:58:B0:91:02:D9:46:AE:C7:A8:50:84:8E:40:F6:D3:E4:3E:23
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/YVhYsJEC2Uaux6hQhI5A9tPkPiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.202.0/24
85.237.206.0/23
85.237.223.0/24
185.93.33.0/24
193.109.198.0/24
Signature Algorithm: sha256WithRSAEncryption
45:11:56:c8:43:cb:63:65:b4:cf:d5:57:8b:70:4f:aa:5e:99:
1b:29:93:d8:97:96:48:1b:36:1a:30:8f:d4:66:0f:60:ed:e0:
32:67:82:a7:1e:30:8e:d9:6b:0f:51:7e:9f:12:7c:93:c3:b5:
3e:8f:19:a2:a5:c8:78:75:24:c5:a9:f1:6d:3f:99:63:a3:81:
3f:5e:c9:09:67:bf:6f:ca:17:8e:1a:eb:25:ed:15:59:1e:72:
1d:f2:98:67:7b:5d:ed:9b:dd:21:70:bd:b5:73:17:90:0d:fd:
20:a0:56:9a:47:62:22:eb:a9:49:7a:74:84:5d:6c:51:f2:2a:
c7:0e:69:70:45:bf:f6:56:59:9c:c7:d3:7a:0f:f5:a0:0e:fb:
1b:62:f0:a1:ad:79:e4:1a:c5:6d:a6:aa:99:40:cd:0e:43:02:
6e:61:d1:ff:45:44:f8:41:f3:49:f1:81:89:33:b7:7a:82:c5:
ef:26:08:93:bd:d6:c3:74:be:db:4e:86:79:09:c8:7f:32:e5:
f3:49:e1:ed:30:a7:0d:e9:2e:fa:27:4a:9c:db:70:3e:db:22:
1d:35:fc:61:38:e7:e6:94:3e:e3:58:dd:df:c5:60:e0:e0:7e:
d5:ec:9b:7d:d1:83:e2:a6:4f:d0:91:52:25:49:35:ca:2d:b9:
a0:ec:05:ec
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYi2fZSbbHbXCmLdO3Og/pIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwNjEzMjA0MTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTU4NThiMDkxMDJkOTQ2YWVjN2E4NTA4NDhlNDBmNmQzZTQzZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo76yStJft0k5JxElQfRMgiMg0hR3
AeKC7CPPSitbP3MIQ+pghf0YHmztTPV0eqMy86vNFrbp0Yqjq5bIJnMdBAu06JZq
cz9F1fkEuOKi+/HlWvg+8dTc0dsLwbsllZAb6d7OL/D85Xrgr4y4gHasTeG9rCya
aGzIBpMSquVvopFJoswHSGRM99GOibjYg2BwMOVn5zHTfNlxkiH9hRlTlgQ5jNgx
jv9SDWT2hxtnxVJWHHUPgTv1+so3OXtoWA1lG8kxHRRIrJzvzWTS5NaNbDEVm1On
ZXJvK4T9x13Z34qacW3eOcprMicAvzYweZCJOr2M67n2kf+7P6umgPf8nQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGFYWLCRAtlGrseoUISOQPbT5D4jMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvWVZoWXNKRUMyVWF1eDZoUWhJNUE5dFBrUGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVe3KAwQB
Ve3OAwQAVe3fAwQAuV0hAwQAwW3GMA0GCSqGSIb3DQEBCwUAA4IBAQBFEVbIQ8tj
ZbTP1VeLcE+qXpkbKZPYl5ZIGzYaMI/UZg9g7eAyZ4KnHjCO2WsPUX6fEnyTw7U+
jxmipch4dSTFqfFtP5ljo4E/XskJZ79vyheOGusl7RVZHnId8phne13tm90hcL21
cxeQDf0goFaaR2Ii66lJenSEXWxR8irHDmlwRb/2Vlmcx9N6D/WgDvsbYvChrXnk
GsVtpqqZQM0OQwJuYdH/RUT4QfNJ8YGJM7d6gsXvJgiTvdbDdL7bToZ5Cch/MuXz
SeHtMKcN6S76J0qc23A+2yIdNfxhOOfmlD7jWN3fxWDg4H7V7Jt90YPipk/QkVIl
STXKLbmg7AXs
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:07 2025 by rpki-client