Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/sK4IaS3hDshr2a-slZzbg3ymS-A.roa
File: sK4IaS3hDshr2a-slZzbg3ymS-A.roa (raw, json)
Hash identifier: 9MZQyu4/8cq2xBNXGUX0xwPvJRkPIDBiFJqIRI/dAVA=
Subject key identifier: B0:AE:08:69:2D:E1:0E:C8:6B:D9:AF:AC:95:9C:DB:83:7C:A6:4B:E0
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018571DE9FAC477553FBAECB86C206BD56AA
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/sK4IaS3hDshr2a-slZzbg3ymS-A.roa
Signing time: Mon 02 Jan 2023 09:44:53 +0000
ROA not before: Mon 02 Jan 2023 09:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211373
IP address blocks: 85.237.200.0/24 maxlen: 24
85.158.56.0/24 maxlen: 24
185.89.77.0/24 maxlen: 24
185.93.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:9f:ac:47:75:53:fb:ae:cb:86:c2:06:bd:56:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Jan 2 09:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0ae08692de10ec86bd9afac959cdb837ca64be0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:20:f5:0e:02:fc:b1:e4:ab:3f:d7:42:c4:67:
2c:24:75:cc:0e:47:d6:68:64:59:73:ec:48:94:6e:
44:98:24:16:24:c9:bc:e5:d5:ae:e2:60:50:06:ea:
9a:8d:b9:df:33:43:22:c2:36:24:52:c1:2b:94:de:
60:96:bf:c6:89:5f:60:0a:14:bf:8e:ab:53:ba:df:
7d:3a:a9:7c:1c:2f:58:b1:ad:8f:07:bd:d5:a3:fe:
aa:de:4f:4c:a4:21:47:fa:b1:3f:13:15:1f:a8:c4:
2a:01:bd:9c:8c:45:c4:b5:29:cb:c2:b7:40:ab:70:
46:87:9f:0a:7f:9f:e9:f8:5d:44:96:4b:0d:d5:11:
5a:f9:53:92:fc:0f:c4:f8:ad:f8:11:70:3f:da:ee:
97:12:2e:8d:14:6a:c1:a6:75:77:77:8e:c2:ef:19:
ad:41:1e:fa:0f:37:aa:41:a7:28:5f:92:a8:a7:4d:
dd:12:3a:84:c1:85:b6:ed:93:57:a5:ef:7a:2e:fd:
25:72:66:bd:ce:3b:eb:ef:97:02:93:43:4e:dc:71:
9c:fa:f0:a9:dc:3a:4a:e0:b4:f8:3c:2b:77:db:24:
7b:9b:92:8e:53:4f:d4:9e:8e:db:7b:49:77:4d:a8:
7f:45:2a:ca:b8:c2:cf:0b:4d:e4:27:fd:49:bc:e2:
0c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:AE:08:69:2D:E1:0E:C8:6B:D9:AF:AC:95:9C:DB:83:7C:A6:4B:E0
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/sK4IaS3hDshr2a-slZzbg3ymS-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.56.0/24
85.237.200.0/24
185.89.77.0/24
185.93.33.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:dc:94:f3:8f:38:9b:3f:60:eb:c6:41:d9:6c:1c:b6:81:9b:
fa:2a:5c:bc:af:c5:d8:80:32:4a:51:c9:c3:aa:a4:76:ca:63:
32:67:df:2e:18:67:3a:b3:97:5a:f3:f5:ca:d8:d1:78:eb:54:
2b:05:8a:a6:31:5c:83:56:78:91:75:31:ac:da:f4:f8:18:e2:
66:d8:4f:38:33:13:3b:fe:89:10:81:da:a5:c6:c4:41:c5:ca:
f1:30:c3:22:cc:fb:5e:9e:42:97:5a:8a:bd:93:b4:6c:90:d6:
69:0c:42:1b:fa:11:6a:73:d5:16:b2:f8:bf:ed:0a:8f:2e:82:
69:54:15:42:b1:14:e9:aa:d3:fb:14:1b:3a:f7:75:2f:fb:5b:
6e:33:3f:c1:f1:e0:ef:69:49:c6:9a:c0:26:d6:b9:9a:25:92:
29:36:05:44:56:b3:08:b3:1d:62:cb:ee:d5:ba:1d:82:00:bd:
bf:9c:30:e6:eb:fb:b0:eb:33:b6:b4:5e:ba:86:a4:16:fe:29:
a4:4c:92:0f:d6:e8:b3:e9:d3:fa:ce:34:bd:81:73:f9:a6:7a:
f1:35:5f:56:bd:27:d2:88:d7:b5:52:31:97:7d:35:e4:7d:e9:
6f:22:fd:e9:4c:92:dc:4e:78:d1:78:58:34:e4:71:cf:3d:48:
a1:56:8a:05
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVx3p+sR3VT+67LhsIGvVaqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMTAyMDk0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGFlMDg2OTJkZTEwZWM4NmJkOWFmYWM5NTljZGI4MzdjYTY0YmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiD1DgL8seSrP9dCxGcsJHXMDkfW
aGRZc+xIlG5EmCQWJMm85dWu4mBQBuqajbnfM0MiwjYkUsErlN5glr/GiV9gChS/
jqtTut99Oql8HC9Ysa2PB73Vo/6q3k9MpCFH+rE/ExUfqMQqAb2cjEXEtSnLwrdA
q3BGh58Kf5/p+F1ElksN1RFa+VOS/A/E+K34EXA/2u6XEi6NFGrBpnV3d47C7xmt
QR76DzeqQacoX5Kop03dEjqEwYW27ZNXpe96Lv0lcma9zjvr75cCk0NO3HGc+vCp
3DpK4LT4PCt32yR7m5KOU0/Uno7be0l3Tah/RSrKuMLPC03kJ/1JvOIMoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLCuCGkt4Q7Ia9mvrJWc24N8pkvgMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvc0s0SWFTM2hEc2hyMmEtc2xaemJnM3ltUy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVZ44AwQA
Ve3IAwQAuVlNAwQAuV0hMA0GCSqGSIb3DQEBCwUAA4IBAQCt3JTzjzibP2DrxkHZ
bBy2gZv6Kly8r8XYgDJKUcnDqqR2ymMyZ98uGGc6s5da8/XK2NF461QrBYqmMVyD
VniRdTGs2vT4GOJm2E84MxM7/okQgdqlxsRBxcrxMMMizPtenkKXWoq9k7RskNZp
DEIb+hFqc9UWsvi/7QqPLoJpVBVCsRTpqtP7FBs693Uv+1tuMz/B8eDvaUnGmsAm
1rmaJZIpNgVEVrMIsx1iy+7Vuh2CAL2/nDDm6/uw6zO2tF66hqQW/imkTJIP1uiz
6dP6zjS9gXP5pnrxNV9WvSfSiNe1UjGXfTXkfelvIv3pTJLcTnjReFg05HHPPUih
VooF
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:12 2025 by rpki-client