Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/yHres9x8QVvI4QovyApI8_q6ypY.roa
File: yHres9x8QVvI4QovyApI8_q6ypY.roa (raw, json)
Hash identifier: 3JPk2F1tCVpOQWaIvwBpHJKIsCPZYmidqAdjsqaIS0s=
Subject key identifier: C8:7A:DE:B3:DC:7C:41:5B:C8:E1:0A:2F:C8:0A:48:F3:FA:BA:CA:96
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018571DE96AE1ED921EAE5FF7CD9DF81A87D
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/yHres9x8QVvI4QovyApI8_q6ypY.roa
Signing time: Mon 02 Jan 2023 09:44:50 +0000
ROA not before: Mon 02 Jan 2023 09:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 85.237.192.0/21 maxlen: 24
193.109.192.0/21 maxlen: 24
85.237.198.0/24 maxlen: 24
85.237.206.0/23 maxlen: 24
85.237.205.0/24 maxlen: 24
85.237.203.0/24 maxlen: 24
85.237.208.0/20 maxlen: 24
85.237.213.0/24 maxlen: 24
85.237.215.0/24 maxlen: 24
85.158.57.0/24 maxlen: 24
185.93.32.0/24 maxlen: 24
185.93.34.0/23 maxlen: 24
194.169.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:96:ae:1e:d9:21:ea:e5:ff:7c:d9:df:81:a8:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Jan 2 09:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c87adeb3dc7c415bc8e10a2fc80a48f3fabaca96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:05:88:01:7d:43:31:3a:a1:12:ac:dc:b7:65:
f5:c4:c6:d0:e7:35:63:d1:ee:eb:1a:5c:f0:52:55:
e4:c9:2a:f5:81:0d:e8:ae:9c:3c:3d:a8:c5:10:95:
9f:33:11:95:db:af:46:3b:ca:13:08:1b:00:e4:20:
6f:e5:2d:6e:96:58:b5:52:4f:52:9b:25:55:7c:9c:
a1:ab:34:94:a8:79:73:1b:92:fa:4e:f5:7a:38:49:
3c:1c:b8:9a:5d:cf:c5:ea:82:63:2d:1d:af:64:75:
3a:3f:bb:94:55:29:26:62:b0:7e:89:9f:0a:69:4f:
ec:f8:dc:8e:2e:30:a0:28:c5:17:2b:38:3e:b6:63:
a4:f5:ae:99:99:da:a4:77:f0:c3:0f:fe:18:bc:ae:
01:04:ac:6c:5d:bf:a8:bf:88:dd:88:d8:34:34:c0:
e4:ea:bd:a7:77:d6:58:c3:34:ff:a7:3d:2a:59:c9:
08:5c:18:8d:f9:f2:ef:da:92:89:a0:96:43:ee:3c:
96:9b:a9:b2:79:c6:27:3b:2d:a2:20:ed:b2:8c:85:
67:ab:18:73:8f:75:fb:5d:4e:3b:fc:3d:09:6c:f9:
00:0f:5a:36:c7:6c:f8:e6:4d:ad:8f:f5:c5:05:08:
4f:07:29:02:6e:9f:b4:ec:5f:ea:d5:33:30:3e:4a:
07:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:7A:DE:B3:DC:7C:41:5B:C8:E1:0A:2F:C8:0A:48:F3:FA:BA:CA:96
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/yHres9x8QVvI4QovyApI8_q6ypY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.57.0/24
85.237.192.0/21
85.237.203.0/24
85.237.205.0-85.237.223.255
185.93.32.0/24
185.93.34.0/23
193.109.192.0/21
194.169.217.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:4b:a9:e3:5b:24:da:49:3a:b4:dd:4e:5e:de:67:75:49:79:
72:14:3f:ad:9a:29:4c:d9:23:fa:6e:0c:8d:36:ff:81:8d:7c:
d8:1f:ac:30:54:73:31:0c:36:25:35:9d:8d:e1:00:15:4a:3f:
76:b1:3e:d2:a7:29:31:5c:41:7c:83:c9:2c:05:b1:fb:00:33:
d1:e4:c7:3b:80:e6:83:ff:c6:05:40:8a:23:92:18:03:45:5b:
91:ad:9f:af:56:47:d1:5a:2f:fe:2e:01:3b:a6:b9:7c:f1:52:
4b:09:16:72:0b:08:5b:19:61:8c:d4:29:bb:c0:77:e2:82:dc:
47:99:31:80:73:07:95:5b:f7:08:1a:df:bf:7e:58:8a:19:43:
d7:c9:94:47:63:65:64:23:68:58:0e:96:61:f6:a5:d1:a7:82:
80:54:a8:60:d4:5a:a6:b4:da:ba:38:94:68:34:1d:37:59:87:
f6:1b:dc:32:54:63:a3:f1:7e:a1:82:9c:7b:2b:49:15:51:f2:
2c:7b:92:3e:64:3c:f5:f6:30:84:30:ac:5a:79:a1:d8:ff:6a:
ca:d8:d8:81:b3:85:b6:14:90:8a:48:2c:ff:fa:a0:b5:da:e8:
71:11:4d:b0:d2:27:c5:f9:a7:12:4e:c0:aa:39:52:61:9d:a0:
88:aa:45:3b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYVx3pauHtkh6uX/fNnfgah9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMTAyMDk0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODdhZGViM2RjN2M0MTViYzhlMTBhMmZjODBhNDhmM2ZhYmFjYTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwWIAX1DMTqhEqzct2X1xMbQ5zVj
0e7rGlzwUlXkySr1gQ3orpw8PajFEJWfMxGV269GO8oTCBsA5CBv5S1ulli1Uk9S
myVVfJyhqzSUqHlzG5L6TvV6OEk8HLiaXc/F6oJjLR2vZHU6P7uUVSkmYrB+iZ8K
aU/s+NyOLjCgKMUXKzg+tmOk9a6Zmdqkd/DDD/4YvK4BBKxsXb+ov4jdiNg0NMDk
6r2nd9ZYwzT/pz0qWckIXBiN+fLv2pKJoJZD7jyWm6myecYnOy2iIO2yjIVnqxhz
j3X7XU47/D0JbPkAD1o2x2z45k2tj/XFBQhPBykCbp+07F/q1TMwPkoH2QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMh63rPcfEFbyOEKL8gKSPP6usqWMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEveUhyZXM5eDhRVnZJNFFvdnlBcEk4X3E2eXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAVZ45AwQD
Ve3AAwQAVe3LMAwDBABV7c0DBAVV7cADBAC5XSADBAG5XSIDBAPBbcADBADCqdkw
DQYJKoZIhvcNAQELBQADggEBAD9LqeNbJNpJOrTdTl7eZ3VJeXIUP62aKUzZI/pu
DI02/4GNfNgfrDBUczEMNiU1nY3hABVKP3axPtKnKTFcQXyDySwFsfsAM9HkxzuA
5oP/xgVAiiOSGANFW5Gtn69WR9FaL/4uATumuXzxUksJFnILCFsZYYzUKbvAd+KC
3EeZMYBzB5Vb9wga379+WIoZQ9fJlEdjZWQjaFgOlmH2pdGngoBUqGDUWqa02ro4
lGg0HTdZh/Yb3DJUY6PxfqGCnHsrSRVR8ix7kj5kPPX2MIQwrFp5odj/asrY2IGz
hbYUkIpILP/6oLXa6HERTbDSJ8X5pxJOwKo5UmGdoIiqRTs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:47 2024 by rpki-client on console-fra.rpki-client.org