Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/059a7a-b569-4680-8de5-de231280c2a1/1/QiYckk1TuondZlb-xnHGuNqURSs.roa
File: QiYckk1TuondZlb-xnHGuNqURSs.roa (raw, json)
Hash identifier: 361Ji7AOHdVQoNlqyaSr/9hRnOmnizQhe+iGC7Ksq44=
Subject key identifier: 42:26:1C:92:4D:53:BA:89:DD:66:56:FE:C6:71:C6:B8:DA:94:45:2B
Certificate issuer: /CN=85c313e9965eaa7b3ae9bd5cbf3566d44a51097d
Certificate serial: 0185729ED3EEF104905158AFB24FA38BCD7C
Authority key identifier: 85:C3:13:E9:96:5E:AA:7B:3A:E9:BD:5C:BF:35:66:D4:4A:51:09:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hcMT6ZZeqns66b1cvzVm1EpRCX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/059a7a-b569-4680-8de5-de231280c2a1/1/QiYckk1TuondZlb-xnHGuNqURSs.roa
Signing time: Mon 02 Jan 2023 13:14:49 +0000
ROA not before: Mon 02 Jan 2023 13:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199984
IP address blocks: 185.40.85.0/24 maxlen: 24
185.40.84.0/24 maxlen: 24
185.40.86.0/24 maxlen: 24
185.40.87.0/24 maxlen: 24
185.123.103.0/24 maxlen: 24
185.123.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:d3:ee:f1:04:90:51:58:af:b2:4f:a3:8b:cd:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85c313e9965eaa7b3ae9bd5cbf3566d44a51097d
Validity
Not Before: Jan 2 13:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42261c924d53ba89dd6656fec671c6b8da94452b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3f:60:63:76:9e:14:fa:31:5b:e2:20:28:1c:
d3:f1:92:fa:c2:aa:cd:ba:34:32:39:95:fe:02:58:
c1:13:2e:29:60:aa:df:f8:8d:2a:81:47:61:d8:76:
b1:76:ee:44:6d:c2:44:6e:97:27:e3:09:e0:b7:31:
39:1f:4b:db:c2:32:3f:f2:2e:d3:e7:91:a6:17:3f:
c4:1d:87:4d:44:68:48:41:9f:09:8b:cf:62:58:59:
b0:6f:ca:1a:1b:8d:d7:81:0c:7c:0e:64:88:73:da:
58:6d:e1:32:f3:83:46:32:b9:2a:d8:09:e4:78:82:
6a:1d:87:b5:d2:eb:09:65:2d:00:0d:d1:f6:c1:bb:
07:55:1e:da:92:a4:17:1a:44:fc:d6:91:06:83:e7:
15:25:0c:14:91:36:97:fe:8a:9a:61:4e:63:36:0f:
75:d6:d1:12:3f:d2:9a:18:4a:57:0a:6b:63:5d:65:
b5:e9:5d:1d:e3:5c:6e:51:97:aa:e9:02:8e:64:aa:
85:07:02:04:cc:1b:8b:45:76:c7:b4:0c:df:98:a8:
b8:22:76:87:db:e5:02:3c:05:23:0c:f8:e0:28:67:
ad:0f:88:4c:0b:7e:3a:e7:14:a5:e1:51:f8:3f:6a:
2d:c0:03:f3:91:d9:d9:69:57:86:38:91:17:e2:b9:
c8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:26:1C:92:4D:53:BA:89:DD:66:56:FE:C6:71:C6:B8:DA:94:45:2B
X509v3 Authority Key Identifier:
keyid:85:C3:13:E9:96:5E:AA:7B:3A:E9:BD:5C:BF:35:66:D4:4A:51:09:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hcMT6ZZeqns66b1cvzVm1EpRCX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/059a7a-b569-4680-8de5-de231280c2a1/1/QiYckk1TuondZlb-xnHGuNqURSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/059a7a-b569-4680-8de5-de231280c2a1/1/hcMT6ZZeqns66b1cvzVm1EpRCX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.84.0/22
185.123.100.0/24
185.123.103.0/24
Signature Algorithm: sha256WithRSAEncryption
82:b6:ad:11:13:92:c3:32:0f:d0:3f:08:e8:4f:a6:96:e7:82:
44:f6:8c:c6:bb:20:4a:bc:8b:81:83:bc:0d:21:d0:4e:e9:e4:
d7:54:a4:52:2a:86:51:3f:9b:55:97:d6:a9:e9:2a:a5:77:38:
65:55:da:3b:f0:0d:97:38:c0:a8:2a:9c:88:e0:6d:00:ca:cb:
e2:17:17:17:69:d9:83:c1:88:bc:90:80:81:76:0b:36:b1:88:
99:2f:74:ad:35:e9:03:75:25:49:75:f6:d3:56:88:1a:6f:36:
f0:7f:dc:c3:38:f9:22:c9:d3:cb:af:5f:5e:ff:f8:71:ad:43:
f8:d7:15:06:1f:1d:8e:44:59:7b:fb:d1:d6:40:7c:b5:9e:fb:
87:0c:58:86:c4:8b:f3:49:e4:94:41:ce:52:04:e3:3f:e9:fd:
0c:22:55:88:3c:31:83:9f:ce:24:65:38:bc:1f:26:2c:a5:78:
88:79:a9:59:46:df:48:d2:b8:12:28:12:76:c0:eb:21:12:31:
c5:b4:1a:fd:e8:67:7d:a7:bf:3d:cf:19:db:18:f8:8d:40:80:
2f:05:a3:3e:f4:cc:65:ef:41:16:ce:e6:2a:ce:47:42:00:7d:
48:1e:67:6b:26:3d:e9:49:bc:81:ba:32:d8:c5:f1:53:73:f1:
89:18:51:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyntPu8QSQUVivsk+ji818MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YzMxM2U5OTY1ZWFhN2IzYWU5YmQ1Y2JmMzU2NmQ0NGE1
MTA5N2QwHhcNMjMwMTAyMTMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjI2MWM5MjRkNTNiYTg5ZGQ2NjU2ZmVjNjcxYzZiOGRhOTQ0NTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtj9gY3aeFPoxW+IgKBzT8ZL6wqrN
ujQyOZX+AljBEy4pYKrf+I0qgUdh2Haxdu5EbcJEbpcn4wngtzE5H0vbwjI/8i7T
55GmFz/EHYdNRGhIQZ8Ji89iWFmwb8oaG43XgQx8DmSIc9pYbeEy84NGMrkq2Ank
eIJqHYe10usJZS0ADdH2wbsHVR7akqQXGkT81pEGg+cVJQwUkTaX/oqaYU5jNg91
1tESP9KaGEpXCmtjXWW16V0d41xuUZeq6QKOZKqFBwIEzBuLRXbHtAzfmKi4InaH
2+UCPAUjDPjgKGetD4hMC3465xSl4VH4P2otwAPzkdnZaVeGOJEX4rnI6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEImHJJNU7qJ3WZW/sZxxrjalEUrMB8GA1UdIwQY
MBaAFIXDE+mWXqp7Oum9XL81ZtRKUQl9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGNNVDZaWmVxbnM2NmIxY3Z6Vm0xRXBSQ1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8wNTlhN2EtYjU2OS00NjgwLThkZTUt
ZGUyMzEyODBjMmExLzEvUWlZY2trMVR1b25kWmxiLXhuSEd1TnFVUlNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8wNTlhN2EtYjU2OS00NjgwLThkZTUtZGUyMzEyODBjMmEx
LzEvaGNNVDZaWmVxbnM2NmIxY3Z6Vm0xRXBSQ1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuShUAwQA
uXtkAwQAuXtnMA0GCSqGSIb3DQEBCwUAA4IBAQCCtq0RE5LDMg/QPwjoT6aW54JE
9ozGuyBKvIuBg7wNIdBO6eTXVKRSKoZRP5tVl9ap6SqldzhlVdo78A2XOMCoKpyI
4G0AysviFxcXadmDwYi8kICBdgs2sYiZL3StNekDdSVJdfbTVogabzbwf9zDOPki
ydPLr19e//hxrUP41xUGHx2ORFl7+9HWQHy1nvuHDFiGxIvzSeSUQc5SBOM/6f0M
IlWIPDGDn84kZTi8HyYspXiIealZRt9I0rgSKBJ2wOshEjHFtBr96Gd9p789zxnb
GPiNQIAvBaM+9Mxl70EWzuYqzkdCAH1IHmdrJj3pSbyBujLYxfFTc/GJGFFg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:33 2024 by rpki-client on console-fra.rpki-client.org