Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/zywMK1glgY3VqENuTLNLW38L-Mw.roa
File: zywMK1glgY3VqENuTLNLW38L-Mw.roa (raw, json)
Hash identifier: ec4G01qCUeUSQGJ9rRoHfmS54sXPxDKvPaX9i+nOMDA=
Subject key identifier: CF:2C:0C:2B:58:25:81:8D:D5:A8:43:6E:4C:B3:4B:5B:7F:0B:F8:CC
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 0188A3A693E3C341DF1F1A184E8A64785109
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/zywMK1glgY3VqENuTLNLW38L-Mw.roa
Signing time: Sat 10 Jun 2023 04:53:03 +0000
ROA not before: Sat 10 Jun 2023 04:53:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211373
IP address blocks: 193.109.194.0/24 maxlen: 24
85.237.200.0/24 maxlen: 24
85.158.56.0/24 maxlen: 24
85.237.213.0/24 maxlen: 24
185.89.77.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a3:a6:93:e3:c3:41:df:1f:1a:18:4e:8a:64:78:51:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Jun 10 04:53:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf2c0c2b5825818dd5a8436e4cb34b5b7f0bf8cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c1:84:ed:a9:92:9b:d7:fc:1f:b5:c4:6b:16:
c2:c4:84:41:82:ba:05:d1:55:62:3d:81:b3:d3:92:
ae:b4:c9:38:5d:cf:7e:b4:64:a6:a2:37:0a:99:35:
4d:b4:20:58:c5:f7:54:9e:d9:c1:b2:81:58:56:0e:
ee:a0:b1:52:07:ad:c2:ac:04:93:da:7a:ac:03:3a:
67:ce:7e:c1:46:cd:64:0d:38:49:c1:7e:59:af:48:
d7:8f:7b:4f:c6:62:3f:24:0d:f1:32:c9:fc:41:e4:
8d:88:78:78:ad:ff:4e:7b:d5:78:5d:66:b9:9b:1b:
0a:c3:f3:60:44:25:33:15:d5:cd:7e:54:12:99:3d:
b9:a4:55:fd:70:c4:45:e2:dc:b7:9c:71:ec:a7:03:
ec:1a:5a:e3:21:e2:68:f9:c5:80:84:c3:dc:e4:8b:
99:e3:11:c9:ae:be:a0:63:5a:93:a1:4e:42:b6:56:
35:d3:4b:d1:72:92:12:fd:f5:1b:4c:60:4e:b2:07:
5c:1c:d2:6d:84:95:11:25:fe:33:7d:32:39:50:55:
bb:a7:8d:08:fb:68:55:25:3b:4e:98:c9:69:19:79:
be:0d:5a:43:d6:2f:0e:2d:e2:72:34:ea:0a:ca:1e:
84:39:96:e6:71:be:4b:ea:ae:49:63:27:49:9c:da:
3e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:2C:0C:2B:58:25:81:8D:D5:A8:43:6E:4C:B3:4B:5B:7F:0B:F8:CC
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/zywMK1glgY3VqENuTLNLW38L-Mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.56.0/24
85.237.200.0/24
85.237.213.0/24
185.89.77.0/24
193.109.194.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:3c:a0:e7:b9:0b:aa:16:c2:17:e4:1f:c1:f9:26:bd:15:8c:
ef:6f:41:b1:7a:72:15:53:1d:3f:c5:51:4b:2c:c9:c7:dd:32:
86:4f:e9:e8:da:d4:49:9b:a3:4d:46:0e:26:e1:cb:7a:05:28:
52:83:8a:de:1b:3e:bd:a3:c6:ba:6d:1a:f3:4a:c9:d3:64:1a:
d9:28:47:a3:73:5c:80:69:4b:9f:80:80:b8:70:94:5b:65:6e:
3b:ab:3b:d9:4f:18:b4:75:b7:dd:8f:dc:42:79:e7:dd:72:a0:
a7:26:af:78:0f:5c:e5:ab:2b:ad:5d:53:af:df:be:18:dc:e1:
f1:ed:63:89:26:4a:7f:97:16:17:0b:d1:e8:71:19:ff:52:a7:
9e:c4:02:dd:4e:e6:3f:37:20:cf:89:e8:53:e6:64:4b:97:d6:
ca:69:5e:92:2c:4c:a7:12:01:55:37:8f:eb:7d:45:b2:f0:2a:
b7:a7:69:06:16:11:0e:74:9b:fa:42:97:d5:b2:64:78:f3:2d:
60:a9:06:64:a8:2f:7a:16:d5:61:72:29:83:36:3c:b3:95:17:
c1:a7:99:23:34:4b:f7:63:23:2c:c9:ec:c0:23:6f:e5:22:64:
db:a0:88:4e:d4:bd:98:2b:66:10:20:02:75:2e:07:55:08:25:
1c:1c:d8:1c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYijppPjw0HfHxoYTopkeFEJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwNjEwMDQ1MzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjJjMGMyYjU4MjU4MThkZDVhODQzNmU0Y2IzNGI1YjdmMGJmOGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsGE7amSm9f8H7XEaxbCxIRBgroF
0VViPYGz05KutMk4Xc9+tGSmojcKmTVNtCBYxfdUntnBsoFYVg7uoLFSB63CrAST
2nqsAzpnzn7BRs1kDThJwX5Zr0jXj3tPxmI/JA3xMsn8QeSNiHh4rf9Oe9V4XWa5
mxsKw/NgRCUzFdXNflQSmT25pFX9cMRF4ty3nHHspwPsGlrjIeJo+cWAhMPc5IuZ
4xHJrr6gY1qToU5CtlY100vRcpIS/fUbTGBOsgdcHNJthJURJf4zfTI5UFW7p40I
+2hVJTtOmMlpGXm+DVpD1i8OLeJyNOoKyh6EOZbmcb5L6q5JYydJnNo+mQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM8sDCtYJYGN1ahDbkyzS1t/C/jMMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvenl3TUsxZ2xnWTNWcUVOdVRMTkxXMzhMLU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVZ44AwQA
Ve3IAwQAVe3VAwQAuVlNAwQAwW3CMA0GCSqGSIb3DQEBCwUAA4IBAQCdPKDnuQuq
FsIX5B/B+Sa9FYzvb0GxenIVUx0/xVFLLMnH3TKGT+no2tRJm6NNRg4m4ct6BShS
g4reGz69o8a6bRrzSsnTZBrZKEejc1yAaUufgIC4cJRbZW47qzvZTxi0dbfdj9xC
eefdcqCnJq94D1zlqyutXVOv374Y3OHx7WOJJkp/lxYXC9HocRn/UqeexALdTuY/
NyDPiehT5mRLl9bKaV6SLEynEgFVN4/rfUWy8Cq3p2kGFhEOdJv6QpfVsmR48y1g
qQZkqC96FtVhcimDNjyzlRfBp5kjNEv3YyMsyezAI2/lImTboIhO1L2YK2YQIAJ1
LgdVCCUcHNgc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org