Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/aF6oQANvCClaeT-uCAr3gTr9iGA.roa
File: aF6oQANvCClaeT-uCAr3gTr9iGA.roa (raw, json)
Hash identifier: jjUUMh1P3t+ZNpeKQBAQzCD+IgNtlu+OwxAj/uctYm4=
Subject key identifier: 68:5E:A8:40:03:6F:08:29:5A:79:3F:AE:08:0A:F7:81:3A:FD:88:60
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018571DE9BC85A5DA3F0FB20A48A8DFE3F63
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/aF6oQANvCClaeT-uCAr3gTr9iGA.roa
Signing time: Mon 02 Jan 2023 09:44:52 +0000
ROA not before: Mon 02 Jan 2023 09:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 85.237.202.0/24 maxlen: 24
185.93.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:9b:c8:5a:5d:a3:f0:fb:20:a4:8a:8d:fe:3f:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Jan 2 09:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=685ea840036f08295a793fae080af7813afd8860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0e:89:28:08:64:6d:da:9f:59:ac:92:0e:ec:
7e:53:12:88:a1:23:d8:2f:b4:66:2f:03:a1:47:84:
ee:92:2d:27:d8:c2:80:c5:03:14:73:95:84:bf:97:
0e:3a:4f:b8:4b:ae:c3:85:ef:8e:5e:f4:7c:fc:ed:
e6:d4:27:83:60:4c:6b:54:1c:b8:eb:08:10:4b:b3:
71:0e:d5:98:db:6d:d7:0c:84:a6:29:fe:ad:e3:88:
90:b3:5f:c5:b5:e3:91:d8:2d:a2:e8:ae:1e:cf:49:
42:a8:ab:8d:ab:16:ff:32:23:c5:ca:e4:c6:2f:61:
9a:0b:aa:ac:99:49:e6:c0:fe:e3:b1:0d:81:c1:bb:
29:a1:14:95:6f:d7:6f:b3:4d:14:41:c4:4b:84:a8:
bc:fa:ac:47:14:6d:1f:96:62:e9:88:fd:ed:68:d6:
e8:af:b0:42:47:2d:a4:12:22:65:0b:ac:ec:76:86:
1c:b2:78:14:4a:2c:a4:25:2b:6e:cb:0e:92:99:7a:
8f:8b:d3:63:bb:02:72:ed:24:a9:12:4b:e1:06:fa:
cc:7a:4e:f8:19:a4:f6:83:e2:78:54:b0:6b:58:9e:
1d:ab:23:f9:eb:cf:78:36:92:94:31:f1:d8:58:fd:
f9:db:89:f1:11:ed:ac:af:3f:17:d1:a3:bf:94:8a:
51:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5E:A8:40:03:6F:08:29:5A:79:3F:AE:08:0A:F7:81:3A:FD:88:60
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/aF6oQANvCClaeT-uCAr3gTr9iGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.202.0/24
185.93.35.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:e4:fd:c7:a9:02:94:5b:64:da:bf:08:fe:46:c9:f7:33:99:
21:27:08:9b:f3:b1:0f:68:c5:a4:75:d7:71:bc:fc:8e:2c:33:
29:2d:08:5e:ef:6a:8f:57:cd:bd:13:ad:0c:11:43:1a:72:28:
df:0d:af:1a:f9:94:47:76:5b:a6:d5:b5:74:c5:af:00:a1:ab:
cb:70:c5:5b:44:d8:93:11:d0:2e:8c:66:0e:53:61:fb:41:60:
cd:d8:79:9c:89:56:e8:87:7e:c3:e0:10:e2:28:fa:71:40:e8:
11:be:56:f4:d3:f8:c2:24:7a:0f:d8:77:da:20:d7:53:44:45:
3b:cd:33:8a:7d:10:c6:d3:a6:f6:35:60:6f:b9:53:fa:98:ea:
59:72:cf:22:7e:52:12:c4:be:e2:d6:30:23:3e:df:c8:6b:f0:
e6:e6:02:97:79:cd:cb:b9:c2:5c:23:00:3e:53:6c:f8:28:27:
02:c0:6f:f9:73:d3:b6:e8:ca:29:45:e8:cc:07:a3:5f:19:b6:
36:db:34:c8:5f:c7:95:81:d9:8f:e4:45:11:d9:0c:ec:cf:b4:
9b:ec:9f:7c:a9:87:14:10:26:1e:df:4a:c5:f0:4c:cf:86:6e:
d2:e4:4d:8e:a0:47:a1:2c:12:27:00:c3:ee:77:b6:70:d1:e6:
ad:bb:d5:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx3pvIWl2j8PsgpIqN/j9jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMTAyMDk0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODVlYTg0MDAzNmYwODI5NWE3OTNmYWUwODBhZjc4MTNhZmQ4ODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlg6JKAhkbdqfWaySDux+UxKIoSPY
L7RmLwOhR4Tuki0n2MKAxQMUc5WEv5cOOk+4S67Dhe+OXvR8/O3m1CeDYExrVBy4
6wgQS7NxDtWY223XDISmKf6t44iQs1/FteOR2C2i6K4ez0lCqKuNqxb/MiPFyuTG
L2GaC6qsmUnmwP7jsQ2BwbspoRSVb9dvs00UQcRLhKi8+qxHFG0flmLpiP3taNbo
r7BCRy2kEiJlC6zsdoYcsngUSiykJStuyw6SmXqPi9NjuwJy7SSpEkvhBvrMek74
GaT2g+J4VLBrWJ4dqyP56894NpKUMfHYWP3524nxEe2srz8X0aO/lIpRbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGheqEADbwgpWnk/rggK94E6/YhgMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvYUY2b1FBTnZDQ2xhZVQtdUNBcjNnVHI5aUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe3KAwQA
uV0jMA0GCSqGSIb3DQEBCwUAA4IBAQBL5P3HqQKUW2Tavwj+Rsn3M5khJwib87EP
aMWkdddxvPyOLDMpLQhe72qPV829E60MEUMacijfDa8a+ZRHdlum1bV0xa8AoavL
cMVbRNiTEdAujGYOU2H7QWDN2HmciVboh37D4BDiKPpxQOgRvlb00/jCJHoP2Hfa
INdTREU7zTOKfRDG06b2NWBvuVP6mOpZcs8iflISxL7i1jAjPt/Ia/Dm5gKXec3L
ucJcIwA+U2z4KCcCwG/5c9O26MopRejMB6NfGbY22zTIX8eVgdmP5EUR2Qzsz7Sb
7J98qYcUECYe30rF8EzPhm7S5E2OoEehLBInAMPud7Zw0eatu9Xp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:43 2024 by rpki-client on console-ams.rpki-client.org