Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/g45HJE8r5mWgOQhJViZN5uJqkNc.roa
File: g45HJE8r5mWgOQhJViZN5uJqkNc.roa (raw, json)
Hash identifier: /TiEYCbbcsnU0hD23gvf1boYHwnzMNCH8FkUfMUqU3I=
Subject key identifier: 83:8E:47:24:4F:2B:E6:65:A0:39:08:49:56:26:4D:E6:E2:6A:90:D7
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 04D91962
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/g45HJE8r5mWgOQhJViZN5uJqkNc.roa
Signing time: Wed 16 Feb 2022 12:20:03 +0000
ROA not before: Wed 16 Feb 2022 12:20:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 85.237.193.0/24 maxlen: 24
85.237.199.0/24 maxlen: 24
85.158.57.0/24 maxlen: 24
85.237.220.0/24 maxlen: 24
85.237.221.0/24 maxlen: 24
85.237.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81336674 (0x4d91962)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Feb 16 12:20:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=838e47244f2be665a039084956264de6e26a90d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:44:65:3a:35:31:61:62:09:1c:47:08:60:2f:
0d:b1:50:8c:35:3e:2e:c2:2c:74:f6:ff:0d:a9:4f:
d6:68:d2:ee:df:f6:0d:fb:eb:8d:f6:9f:db:08:f6:
f1:eb:ec:cd:f6:36:8f:ff:54:d4:70:dd:0f:ec:79:
62:ae:97:a8:ce:71:cb:a6:88:cf:37:ec:1e:f6:04:
b1:1f:2b:03:06:40:94:c3:eb:77:01:d3:5b:29:20:
94:0b:01:f2:05:6a:8c:47:6a:18:ba:0d:53:02:ce:
bd:e4:17:1b:19:f6:ab:e1:49:02:fa:83:42:88:f6:
95:c5:c5:f5:5d:5d:14:12:a3:1c:df:12:ed:22:86:
f9:de:4d:b3:d4:d5:0f:6a:30:ce:3f:7c:ba:81:d9:
da:a6:3e:0a:d9:f4:cd:ea:7d:61:9d:09:33:1e:02:
39:d5:56:c8:cb:0b:b9:83:a6:12:8f:1d:69:4e:c4:
e5:ea:da:2e:a2:62:dd:80:b9:6a:7c:a5:1f:96:b9:
71:50:e2:a0:27:03:d5:96:37:ea:8e:f5:9a:66:d8:
33:99:7a:8e:c0:f5:73:e9:04:43:c9:77:61:09:2c:
0d:12:cf:36:43:ef:e9:6c:50:93:9b:6f:f2:ac:b4:
50:39:f7:66:d1:43:d2:f3:af:b7:0a:23:92:35:70:
a0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:8E:47:24:4F:2B:E6:65:A0:39:08:49:56:26:4D:E6:E2:6A:90:D7
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/g45HJE8r5mWgOQhJViZN5uJqkNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.57.0/24
85.237.193.0/24
85.237.199.0/24
85.237.220.0-85.237.222.255
Signature Algorithm: sha256WithRSAEncryption
b3:83:6a:45:ca:38:55:b6:f3:43:74:ce:7f:cb:1c:12:bf:21:
f2:98:8a:38:7e:27:11:63:a7:09:0d:50:86:d6:8b:f3:b7:2e:
37:92:91:fd:00:7b:ed:fc:4f:49:87:07:a8:ff:06:e8:a9:ed:
e7:33:55:b9:cc:b3:2d:fb:87:24:f0:9d:30:0d:2d:19:ee:8d:
4e:0f:61:e5:79:c6:63:9f:91:e3:d7:42:e1:ca:71:26:17:c8:
ca:a4:03:1e:34:a6:0d:f4:2a:15:82:0c:98:c2:74:26:3e:e7:
23:00:70:8b:d5:15:8d:b2:e5:09:c9:0c:dd:95:9b:d3:c8:c4:
b3:0f:42:57:66:57:40:c3:60:d8:5a:66:2c:0a:f5:68:4b:ce:
43:8e:10:25:9c:bb:9b:31:50:b9:85:e7:ce:a3:21:7a:63:f7:
04:4d:9d:91:be:3e:1e:bf:75:0e:a9:32:69:52:44:f7:02:e6:
fe:26:0f:46:0c:d0:ca:b2:9b:d9:4f:a9:e6:57:b5:57:0b:1e:
69:91:88:81:f2:c3:38:e2:ef:20:1a:6e:5a:4e:47:b4:52:16:
a8:53:fe:5c:bb:97:aa:aa:61:13:d7:d2:9d:36:67:f5:96:93:
f6:b5:5b:0a:a4:a3:b5:16:67:aa:37:03:b2:89:6e:77:f4:c1:
2e:aa:99:ad
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEBNkZYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OTBiNjczNjhjOTFiODVlODQ4ODhjNWVkMmU4MjRkMTM5MDgxMGJiMB4XDTIyMDIx
NjEyMjAwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODM4ZTQ3MjQ0ZjJi
ZTY2NWEwMzkwODQ5NTYyNjRkZTZlMjZhOTBkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJlEZTo1MWFiCRxHCGAvDbFQjDU+LsIsdPb/DalP1mjS7t/2
Dfvrjfaf2wj28evszfY2j/9U1HDdD+x5Yq6XqM5xy6aIzzfsHvYEsR8rAwZAlMPr
dwHTWykglAsB8gVqjEdqGLoNUwLOveQXGxn2q+FJAvqDQoj2lcXF9V1dFBKjHN8S
7SKG+d5Ns9TVD2owzj98uoHZ2qY+Ctn0zep9YZ0JMx4COdVWyMsLuYOmEo8daU7E
5eraLqJi3YC5anylH5a5cVDioCcD1ZY36o71mmbYM5l6jsD1c+kEQ8l3YQksDRLP
NkPv6WxQk5tv8qy0UDn3ZtFD0vOvtwojkjVwoKMCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSDjkckTyvmZaA5CElWJk3m4mqQ1zAfBgNVHSMEGDAWgBQ5C2c2jJG4XoSI
jF7S6CTROQgQuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09RdG5Ob3lSdUY2RWlJeGUwdWdrMFRrSUVMcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvMTZjY2U0LWU5ODEtNGJlNS1iOWY2LTVjOWQ2MjYyOWM4Ni8x
L2c0NUhKRThyNW1XZ09RaEpWaVpONXVKcWtOYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
MTZjY2U0LWU5ODEtNGJlNS1iOWY2LTVjOWQ2MjYyOWM4Ni8xL09RdG5Ob3lSdUY2
RWlJeGUwdWdrMFRrSUVMcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAFWeOQMEAFXtwQMEAFXtxzAMAwQC
Ve3cAwQAVe3eMA0GCSqGSIb3DQEBCwUAA4IBAQCzg2pFyjhVtvNDdM5/yxwSvyHy
mIo4ficRY6cJDVCG1ovzty43kpH9AHvt/E9Jhweo/wboqe3nM1W5zLMt+4ck8J0w
DS0Z7o1OD2HlecZjn5Hj10LhynEmF8jKpAMeNKYN9CoVggyYwnQmPucjAHCL1RWN
suUJyQzdlZvTyMSzD0JXZldAw2DYWmYsCvVoS85DjhAlnLubMVC5hefOoyF6Y/cE
TZ2Rvj4ev3UOqTJpUkT3Aub+Jg9GDNDKspvZT6nmV7VXCx5pkYiB8sM44u8gGm5a
Tke0UhaoU/5cu5eqqmET19KdNmf1lpP2tVsKpKO1FmeqNwOyiW539MEuqpmt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:21 2025 by rpki-client