Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/059a7a-b569-4680-8de5-de231280c2a1/1/nSvozXSJat0GRe0QK4ZsPG-u4Pw.roa
File: nSvozXSJat0GRe0QK4ZsPG-u4Pw.roa (raw, json)
Hash identifier: JyPMkhnT1/OssKcRNssfsrPWUKrYpzNkBdX5MkjjST0=
Subject key identifier: 9D:2B:E8:CD:74:89:6A:DD:06:45:ED:10:2B:86:6C:3C:6F:AE:E0:FC
Certificate issuer: /CN=85c313e9965eaa7b3ae9bd5cbf3566d44a51097d
Certificate serial: 1311DDA2
Authority key identifier: 85:C3:13:E9:96:5E:AA:7B:3A:E9:BD:5C:BF:35:66:D4:4A:51:09:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hcMT6ZZeqns66b1cvzVm1EpRCX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/059a7a-b569-4680-8de5-de231280c2a1/1/nSvozXSJat0GRe0QK4ZsPG-u4Pw.roa
Signing time: Sat 01 Jan 2022 15:55:09 +0000
ROA not before: Sat 01 Jan 2022 15:55:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199984
IP address blocks: 185.40.85.0/24 maxlen: 24
185.40.84.0/24 maxlen: 24
185.40.86.0/24 maxlen: 24
185.40.87.0/24 maxlen: 24
185.123.100.0/24 maxlen: 24
185.123.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 319937954 (0x1311dda2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85c313e9965eaa7b3ae9bd5cbf3566d44a51097d
Validity
Not Before: Jan 1 15:55:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d2be8cd74896add0645ed102b866c3c6faee0fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:65:0f:30:dd:eb:7b:a3:72:6b:4e:6d:e3:b4:
8f:e8:50:a9:d9:60:96:72:ad:11:b4:65:f7:a2:b2:
16:b0:cb:8c:b8:a4:7f:b9:16:e1:ac:43:54:18:e5:
0e:d2:d0:60:01:25:20:1b:bd:37:34:08:39:ca:5b:
ec:ec:0a:69:b0:41:25:17:50:fd:3e:6e:cc:01:dd:
d8:9b:c5:2e:75:fb:e2:19:6c:7e:1d:8d:86:04:04:
3c:84:48:e8:34:82:ae:43:bc:7f:81:d2:77:6c:b1:
1f:e7:98:c8:80:56:5f:60:2c:00:28:eb:c2:63:21:
13:1f:fa:e7:3b:41:a3:0d:cd:ca:80:5e:91:50:b2:
9e:bf:35:10:25:60:3e:8b:9b:48:10:ea:ee:cb:07:
94:47:5d:85:f8:3d:73:f5:75:6d:66:59:5b:ae:f2:
d0:ab:87:f3:a5:0e:d6:16:92:3f:3f:3c:3d:71:54:
df:44:a1:75:fb:37:2c:a6:38:a2:79:68:9c:9a:4b:
a1:8d:3c:d9:74:ae:1b:ed:f4:74:5b:1e:19:28:3a:
5d:f4:38:c9:d8:bb:75:e7:57:67:ab:1c:52:8a:d4:
00:22:41:4d:28:02:b0:c6:8a:61:da:d1:9b:4b:b5:
4f:bc:17:46:0d:60:8c:19:e9:79:26:ee:c0:c1:56:
d7:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:2B:E8:CD:74:89:6A:DD:06:45:ED:10:2B:86:6C:3C:6F:AE:E0:FC
X509v3 Authority Key Identifier:
keyid:85:C3:13:E9:96:5E:AA:7B:3A:E9:BD:5C:BF:35:66:D4:4A:51:09:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hcMT6ZZeqns66b1cvzVm1EpRCX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/059a7a-b569-4680-8de5-de231280c2a1/1/nSvozXSJat0GRe0QK4ZsPG-u4Pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/059a7a-b569-4680-8de5-de231280c2a1/1/hcMT6ZZeqns66b1cvzVm1EpRCX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.84.0/22
185.123.100.0/24
185.123.103.0/24
Signature Algorithm: sha256WithRSAEncryption
89:20:a0:bf:9c:57:5c:2e:f7:31:0e:af:84:53:a1:2d:d4:d4:
f9:9f:18:4e:cc:0e:6c:4e:b5:1d:f5:63:6b:c1:95:46:33:e5:
75:c8:26:5a:90:ec:fe:cd:72:4f:fc:5c:51:d0:50:98:08:75:
17:b3:b3:1d:90:d3:46:e9:eb:6d:4c:95:f0:d3:a0:2e:ac:47:
5c:6b:2b:23:db:84:00:0d:03:bb:65:e7:84:ff:c9:57:50:2f:
af:07:c2:4e:b0:8f:50:9a:77:f7:17:e9:99:8c:23:27:10:62:
70:11:fe:eb:13:b0:10:8b:39:55:5e:b7:b3:96:82:0d:00:25:
6d:d7:f8:4e:21:78:07:12:92:09:67:e4:66:2c:77:28:a5:4e:
c9:a2:92:e5:1b:18:b1:22:61:b5:65:c8:9f:2d:37:8b:e3:c2:
e7:12:c8:af:17:09:f7:cc:11:52:76:00:c0:b5:d2:c7:85:3b:
6a:77:5a:11:db:ff:e2:1d:25:fb:2d:3f:40:e2:63:71:96:bb:
1e:c6:2c:5f:19:24:ee:2b:58:bb:b4:70:a4:03:9b:c8:64:77:
18:80:5c:dd:29:97:af:d6:df:f2:d9:35:09:72:93:4d:35:02:
50:e5:ef:64:3b:f8:0e:a9:ac:37:92:d6:5e:2c:a5:a7:4e:2d:
c2:8d:ee:62
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEExHdojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NWMzMTNlOTk2NWVhYTdiM2FlOWJkNWNiZjM1NjZkNDRhNTEwOTdkMB4XDTIyMDEw
MTE1NTUwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQyYmU4Y2Q3NDg5
NmFkZDA2NDVlZDEwMmI4NjZjM2M2ZmFlZTBmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdlDzDd63ujcmtObeO0j+hQqdlglnKtEbRl96KyFrDLjLik
f7kW4axDVBjlDtLQYAElIBu9NzQIOcpb7OwKabBBJRdQ/T5uzAHd2JvFLnX74hls
fh2NhgQEPIRI6DSCrkO8f4HSd2yxH+eYyIBWX2AsACjrwmMhEx/65ztBow3NyoBe
kVCynr81ECVgPoubSBDq7ssHlEddhfg9c/V1bWZZW67y0KuH86UO1haSPz88PXFU
30Shdfs3LKY4onlonJpLoY082XSuG+30dFseGSg6XfQ4ydi7dedXZ6scUorUACJB
TSgCsMaKYdrRm0u1T7wXRg1gjBnpeSbuwMFW17UCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSdK+jNdIlq3QZF7RArhmw8b67g/DAfBgNVHSMEGDAWgBSFwxPpll6qezrp
vVy/NWbUSlEJfTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hjTVQ2WlplcW5zNjZiMWN2elZtMUVwUkNYMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWQvMDU5YTdhLWI1NjktNDY4MC04ZGU1LWRlMjMxMjgwYzJhMS8x
L25Tdm96WFNKYXQwR1JlMFFLNFpzUEctdTRQdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWQv
MDU5YTdhLWI1NjktNDY4MC04ZGU1LWRlMjMxMjgwYzJhMS8xL2hjTVQ2WlplcW5z
NjZiMWN2elZtMUVwUkNYMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEArkoVAMEALl7ZAMEALl7ZzANBgkq
hkiG9w0BAQsFAAOCAQEAiSCgv5xXXC73MQ6vhFOhLdTU+Z8YTswObE61HfVja8GV
RjPldcgmWpDs/s1yT/xcUdBQmAh1F7OzHZDTRunrbUyV8NOgLqxHXGsrI9uEAA0D
u2XnhP/JV1AvrwfCTrCPUJp39xfpmYwjJxBicBH+6xOwEIs5VV63s5aCDQAlbdf4
TiF4BxKSCWfkZix3KKVOyaKS5RsYsSJhtWXIny03i+PC5xLIrxcJ98wRUnYAwLXS
x4U7andaEdv/4h0l+y0/QOJjcZa7HsYsXxkk7itYu7RwpAObyGR3GIBc3SmXr9bf
8tk1CXKTTTUCUOXvZDv4DqmsN5LWXiylp04two3uYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:33 2024 by rpki-client on console-fra.rpki-client.org