Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/c9LYsWEQIFzl6i9xmj93FkUIlJM.roa
File: c9LYsWEQIFzl6i9xmj93FkUIlJM.roa (raw, json)
Hash identifier: IWuzcBPRvqcOve3HuovGaCmj/Qt7vDUTBypNuDqL30w=
Subject key identifier: 73:D2:D8:B1:61:10:20:5C:E5:EA:2F:71:9A:3F:77:16:45:08:94:93
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018571DE8CCD2A0E6405D76A810BBD1E4851
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/c9LYsWEQIFzl6i9xmj93FkUIlJM.roa
Signing time: Mon 02 Jan 2023 09:44:48 +0000
ROA not before: Mon 02 Jan 2023 09:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 85.237.217.0/24 maxlen: 24
85.237.221.0/24 maxlen: 24
85.237.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:8c:cd:2a:0e:64:05:d7:6a:81:0b:bd:1e:48:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Jan 2 09:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73d2d8b16110205ce5ea2f719a3f771645089493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f8:c4:02:5a:f0:17:72:0b:a5:7b:e3:2c:bd:
8c:26:45:ce:93:aa:9f:ea:4f:94:72:5d:2d:2c:b1:
1d:82:63:c1:0c:60:2a:b5:54:76:95:ed:b8:b2:c9:
99:3e:0b:92:78:09:ac:af:09:99:5d:c4:0c:28:5c:
3e:a9:f7:e7:bf:33:6a:b1:cd:67:32:c2:b4:fe:24:
b4:55:b9:f3:18:4b:b9:f7:31:78:b2:e0:7d:74:5c:
b7:b9:73:3f:0b:87:fe:d7:b8:95:91:f6:e4:24:8a:
89:5b:05:79:c4:64:68:29:bb:04:ad:33:2f:0e:72:
10:f5:61:e9:7b:ac:77:73:6d:af:4b:d5:ba:8a:7e:
c8:23:a7:d7:30:4d:f0:36:4d:b8:da:f9:c7:a3:1e:
c0:32:55:24:82:e0:45:56:10:b5:1c:3e:8a:87:ca:
47:fb:b5:dd:b6:eb:be:6e:22:54:22:de:8f:a3:c2:
1d:66:7e:89:97:5b:e4:16:75:87:c6:de:75:07:9c:
13:5c:1b:8a:c8:18:58:5b:e3:b3:67:55:32:6c:d3:
3e:4e:ce:e2:14:a4:aa:20:6d:04:a5:f2:f9:fd:1f:
ac:d1:b5:c1:7a:41:5d:31:75:f7:c7:76:65:81:9b:
52:5a:28:ab:74:82:14:6c:94:9e:96:28:24:62:30:
a0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D2:D8:B1:61:10:20:5C:E5:EA:2F:71:9A:3F:77:16:45:08:94:93
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/c9LYsWEQIFzl6i9xmj93FkUIlJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.217.0/24
85.237.220.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:6e:dc:3c:d4:19:ee:29:bb:a6:56:b9:d1:e8:96:52:fd:1d:
cc:20:15:67:60:25:12:b9:6d:d5:f1:26:54:14:0b:d8:a3:ee:
08:54:02:5b:eb:70:0c:dd:dc:d0:60:ca:d5:f6:7f:ae:d6:2f:
f5:65:d9:8f:eb:95:2d:d4:a7:8a:d6:48:fe:04:0d:e8:51:4c:
80:19:6d:cc:20:0e:a5:55:4b:d8:14:0a:f0:44:b3:ab:a0:34:
82:38:5b:52:94:d5:c8:9c:67:df:cc:16:0e:1e:3f:c3:9e:1d:
91:6c:2f:e5:ab:4c:8b:57:55:02:39:7c:11:ce:0b:99:11:f3:
43:7d:9d:8c:b3:bf:3f:2b:53:95:b3:fc:5a:bc:4d:2e:26:e0:
34:0e:57:7b:c9:9c:59:0b:63:11:70:c2:5b:06:55:92:7e:69:
5b:36:62:c5:38:48:a4:24:d5:60:74:a1:4d:5d:e2:ca:4b:ab:
1c:5d:df:b2:8d:42:50:29:c5:6c:02:09:2e:19:c6:44:10:80:
4c:d2:fe:64:58:39:fa:f4:6c:46:0e:20:f5:3d:95:5d:27:b0:
97:29:77:af:75:57:14:c3:eb:08:3c:88:a3:f0:a7:c6:42:78:
8c:b1:7e:cb:56:e6:74:10:9c:46:d9:83:bf:83:5e:74:26:34:
f4:37:4a:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx3ozNKg5kBddqgQu9HkhRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMTAyMDk0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2QyZDhiMTYxMTAyMDVjZTVlYTJmNzE5YTNmNzcxNjQ1MDg5NDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvjEAlrwF3ILpXvjLL2MJkXOk6qf
6k+Ucl0tLLEdgmPBDGAqtVR2le24ssmZPguSeAmsrwmZXcQMKFw+qffnvzNqsc1n
MsK0/iS0VbnzGEu59zF4suB9dFy3uXM/C4f+17iVkfbkJIqJWwV5xGRoKbsErTMv
DnIQ9WHpe6x3c22vS9W6in7II6fXME3wNk242vnHox7AMlUkguBFVhC1HD6Kh8pH
+7Xdtuu+biJUIt6Po8IdZn6Jl1vkFnWHxt51B5wTXBuKyBhYW+OzZ1UybNM+Ts7i
FKSqIG0EpfL5/R+s0bXBekFdMXX3x3ZlgZtSWiirdIIUbJSeligkYjCg9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHPS2LFhECBc5eovcZo/dxZFCJSTMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvYzlMWXNXRVFJRnpsNmk5eG1qOTNGa1VJbEpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe3ZAwQB
Ve3cMA0GCSqGSIb3DQEBCwUAA4IBAQAObtw81BnuKbumVrnR6JZS/R3MIBVnYCUS
uW3V8SZUFAvYo+4IVAJb63AM3dzQYMrV9n+u1i/1ZdmP65Ut1KeK1kj+BA3oUUyA
GW3MIA6lVUvYFArwRLOroDSCOFtSlNXInGffzBYOHj/Dnh2RbC/lq0yLV1UCOXwR
zguZEfNDfZ2Ms78/K1OVs/xavE0uJuA0Dld7yZxZC2MRcMJbBlWSfmlbNmLFOEik
JNVgdKFNXeLKS6scXd+yjUJQKcVsAgkuGcZEEIBM0v5kWDn69GxGDiD1PZVdJ7CX
KXevdVcUw+sIPIij8KfGQniMsX7LVuZ0EJxG2YO/g150JjT0N0p8
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:23:40 2025 by rpki-client