Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/tnSw2DfWL9qngUtAW6coSu9pRK0.roa
File: tnSw2DfWL9qngUtAW6coSu9pRK0.roa (raw, json)
Hash identifier: /SBK3vhxww0OgISa5ybHPE+4Uau0nNvYNCS1e5Pg5Es=
Subject key identifier: B6:74:B0:D8:37:D6:2F:DA:A7:81:4B:40:5B:A7:28:4A:EF:69:44:AD
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 0184BBE53520CBBC0C186B0F7CDED5FF5321
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/tnSw2DfWL9qngUtAW6coSu9pRK0.roa
Signing time: Mon 28 Nov 2022 01:41:11 +0000
ROA not before: Mon 28 Nov 2022 01:41:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 85.237.198.0/24 maxlen: 24
85.158.60.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bb:e5:35:20:cb:bc:0c:18:6b:0f:7c:de:d5:ff:53:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Nov 28 01:41:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b674b0d837d62fdaa7814b405ba7284aef6944ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:86:4f:54:49:a3:3b:31:8a:47:69:7a:a9:84:
1d:62:f8:1d:0a:9a:20:b3:7b:33:61:51:78:87:eb:
08:3c:af:c8:35:5a:e3:54:2e:c7:9c:a1:f2:c3:d7:
48:9b:45:74:52:2b:12:5b:fe:0e:62:54:2c:b5:16:
95:57:85:f5:7f:be:77:90:77:b3:02:90:13:f6:31:
2c:5f:c5:14:d4:0a:4c:62:ea:b0:df:c7:59:c0:b3:
fd:96:d6:98:ed:2e:c5:b0:15:fa:56:ac:4d:17:b1:
9b:62:3d:f5:77:82:6d:ef:8f:bf:3c:61:1c:3c:2b:
61:9c:fd:b7:22:26:e9:6d:0f:6c:a2:9f:e9:0c:54:
d2:bc:42:c9:db:d4:26:1f:d2:f5:42:b4:fb:62:82:
25:b6:e2:7d:cd:cf:61:3c:da:0f:56:34:09:1c:6e:
58:4c:09:48:fd:bd:c4:3c:35:f2:a2:b6:ff:f3:cd:
09:45:78:3f:7b:8f:8f:39:0f:03:ef:20:c8:93:4c:
73:c5:29:9b:a1:88:b7:f7:c6:90:15:3c:ed:d8:15:
cb:26:38:dc:3a:65:37:ca:24:fc:b5:62:e4:eb:2c:
4f:30:a0:10:c9:16:62:2d:5c:a7:92:11:fc:df:44:
1d:45:d2:03:2e:ab:b1:08:4f:20:ce:b0:fa:2f:3c:
e6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:74:B0:D8:37:D6:2F:DA:A7:81:4B:40:5B:A7:28:4A:EF:69:44:AD
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/tnSw2DfWL9qngUtAW6coSu9pRK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.60.0/24
85.237.198.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:0c:1d:ee:e5:85:33:9c:51:ee:e8:b4:1b:0e:22:22:1a:06:
0a:3c:75:38:a9:99:ad:ac:9a:ea:99:1f:26:39:08:5c:8a:f4:
b8:4f:59:c0:b0:a9:76:3f:57:29:fa:05:3d:ba:5b:e2:2c:df:
7d:37:b0:13:65:71:3a:cd:15:ec:e9:84:e6:43:09:15:7a:4e:
bc:6e:84:56:e8:03:43:75:a9:7b:04:8a:e7:10:55:8c:aa:70:
6a:c8:af:c3:a6:7c:4d:2f:d2:d1:87:d4:b8:78:8d:75:f5:4b:
7a:a0:97:3e:b4:38:f5:ad:7b:5b:52:bc:51:d8:ad:70:30:30:
40:f3:64:c2:f8:c8:e7:02:28:57:3a:f1:5e:46:b4:fa:ed:7b:
ad:f1:46:2b:a5:99:2f:5e:10:0b:a2:7e:ef:d3:bd:d7:9e:f2:
b8:c3:a6:79:3e:20:6b:b7:45:0f:b1:84:f0:12:af:9b:90:aa:
d9:72:5e:a9:f2:c7:68:cb:fc:d5:77:ad:d2:6f:fd:e3:d2:e5:
fa:d8:7a:b1:1f:ef:8e:ee:b2:4a:26:79:74:5e:2e:74:fe:2d:
1c:36:94:4d:4b:86:e5:89:7b:8a:08:b0:75:0d:02:de:59:55:
15:8b:66:06:26:60:39:26:70:08:fa:0d:56:ec:82:37:87:3f:
7e:a7:23:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYS75TUgy7wMGGsPfN7V/1MhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjIxMTI4MDE0MTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjc0YjBkODM3ZDYyZmRhYTc4MTRiNDA1YmE3Mjg0YWVmNjk0NGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIZPVEmjOzGKR2l6qYQdYvgdCpog
s3szYVF4h+sIPK/INVrjVC7HnKHyw9dIm0V0UisSW/4OYlQstRaVV4X1f753kHez
ApAT9jEsX8UU1ApMYuqw38dZwLP9ltaY7S7FsBX6VqxNF7GbYj31d4Jt74+/PGEc
PCthnP23IibpbQ9sop/pDFTSvELJ29QmH9L1QrT7YoIltuJ9zc9hPNoPVjQJHG5Y
TAlI/b3EPDXyorb/880JRXg/e4+POQ8D7yDIk0xzxSmboYi398aQFTzt2BXLJjjc
OmU3yiT8tWLk6yxPMKAQyRZiLVynkhH830QdRdIDLquxCE8gzrD6Lzzm7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLZ0sNg31i/ap4FLQFunKErvaUStMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvdG5TdzJEZldMOXFuZ1V0QVc2Y29TdTlwUkswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVZ48AwQA
Ve3GMA0GCSqGSIb3DQEBCwUAA4IBAQB8DB3u5YUznFHu6LQbDiIiGgYKPHU4qZmt
rJrqmR8mOQhcivS4T1nAsKl2P1cp+gU9ulviLN99N7ATZXE6zRXs6YTmQwkVek68
boRW6ANDdal7BIrnEFWMqnBqyK/DpnxNL9LRh9S4eI119Ut6oJc+tDj1rXtbUrxR
2K1wMDBA82TC+MjnAihXOvFeRrT67Xut8UYrpZkvXhALon7v073XnvK4w6Z5PiBr
t0UPsYTwEq+bkKrZcl6p8sdoy/zVd63Sb/3j0uX62HqxH++O7rJKJnl0Xi50/i0c
NpRNS4bliXuKCLB1DQLeWVUVi2YGJmA5JnAI+g1W7II3hz9+pyO1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:52 2025 by rpki-client