Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/yzZ9rH47TqSDWBEROqd0z1z_ct4.roa
File: yzZ9rH47TqSDWBEROqd0z1z_ct4.roa (raw, json)
Hash identifier: AbJQaP2JTcuMBSeCqnHHR4DPsS2lcLEPB5Ks07NBl4g=
Subject key identifier: CB:36:7D:AC:7E:3B:4E:A4:83:58:11:11:3A:A7:74:CF:5C:FF:72:DE
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018502109A08A2F966A761554AB8261EDDB4
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/yzZ9rH47TqSDWBEROqd0z1z_ct4.roa
Signing time: Sun 11 Dec 2022 16:42:00 +0000
ROA not before: Sun 11 Dec 2022 16:42:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 85.237.192.0/21 maxlen: 24
193.109.192.0/21 maxlen: 24
85.237.206.0/23 maxlen: 24
85.237.205.0/24 maxlen: 24
85.237.203.0/24 maxlen: 24
85.158.57.0/24 maxlen: 24
85.237.208.0/20 maxlen: 24
85.237.213.0/24 maxlen: 24
85.237.215.0/24 maxlen: 24
185.93.32.0/24 maxlen: 24
185.93.34.0/23 maxlen: 24
194.169.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:02:10:9a:08:a2:f9:66:a7:61:55:4a:b8:26:1e:dd:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Dec 11 16:42:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb367dac7e3b4ea4835811113aa774cf5cff72de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:87:e7:73:36:52:78:40:72:f5:f0:00:9a:dc:
01:5f:01:11:30:cb:0f:d6:a2:61:71:2c:ec:2c:df:
53:1c:11:c3:38:1b:8c:75:6d:45:0c:a9:e4:48:be:
fa:7c:98:aa:32:66:7b:5b:dd:09:c1:db:ed:da:fb:
f6:4d:3b:50:45:79:c6:15:27:2e:41:c4:f8:21:f5:
ba:34:9c:ff:85:b6:b9:c4:63:32:1d:c6:fb:9a:75:
b9:11:a4:e0:8d:a8:48:d1:b4:ab:a8:09:d7:47:22:
bb:21:df:bb:53:5f:9f:70:bb:d2:c1:f1:84:fb:a7:
b3:40:0d:39:be:b1:d3:82:1e:90:cd:2a:7b:51:98:
9a:0c:f4:19:83:a0:1e:94:aa:c1:df:d8:3d:b2:7f:
9d:66:79:a5:b7:ef:53:83:af:67:62:31:29:51:b5:
d7:d3:e5:a7:f3:0e:a9:c1:33:6b:44:e0:b1:b4:83:
2b:29:36:1e:dc:15:cc:18:a7:36:df:c7:39:ed:8d:
20:16:ec:ea:90:35:6e:cf:34:ae:11:a6:b9:5c:a1:
89:06:4b:b1:15:4b:40:81:89:30:d2:53:08:b4:2f:
31:ac:94:ca:e8:59:2b:84:63:5e:e5:6c:80:4a:e6:
c7:63:02:cd:39:89:51:f2:db:cf:d8:df:9c:af:1f:
73:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:36:7D:AC:7E:3B:4E:A4:83:58:11:11:3A:A7:74:CF:5C:FF:72:DE
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/yzZ9rH47TqSDWBEROqd0z1z_ct4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.57.0/24
85.237.192.0/21
85.237.203.0/24
85.237.205.0-85.237.223.255
185.93.32.0/24
185.93.34.0/23
193.109.192.0/21
194.169.217.0/24
Signature Algorithm: sha256WithRSAEncryption
65:a1:07:96:36:c4:4e:43:91:4e:03:d4:f3:79:35:50:9d:20:
ed:ea:5e:1f:d9:d1:0b:00:9c:9f:71:47:0f:39:6d:cf:b5:e3:
4e:c9:85:39:40:dc:f3:ec:81:e1:ab:de:ad:c1:73:dc:29:34:
3e:bf:47:72:bc:9f:fd:81:54:89:90:f3:da:cb:57:fc:72:25:
0a:f9:25:31:11:9f:a4:d2:6b:8f:60:7a:e9:e0:30:46:a1:75:
8b:0d:9e:07:f0:72:33:08:c1:99:75:76:30:04:26:82:3e:3f:
3c:29:81:e3:86:1d:e6:50:8b:9b:a6:2d:f7:cb:c1:69:8b:ef:
c3:a4:2c:93:5f:6c:22:13:d8:65:61:61:80:cb:29:92:65:57:
fe:fe:3d:73:ea:dc:05:05:ac:6d:f0:f1:74:60:9c:5a:88:53:
b0:1e:ea:22:84:fd:e4:f7:a2:4d:d3:80:ae:b1:e3:14:50:53:
71:3d:38:22:39:0a:c4:c7:fa:10:bb:54:d5:b9:51:45:bd:00:
2a:b3:82:f4:ff:b0:da:99:49:b5:b8:91:20:a5:a6:3f:98:58:
b2:de:a4:72:bd:a4:7e:23:cb:8f:3c:20:4f:e1:5e:d4:71:5f:
c8:25:14:cb:b3:e5:b4:74:d3:80:fe:a8:88:50:48:d8:0f:21:
93:79:61:87
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYUCEJoIovlmp2FVSrgmHt20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjIxMjExMTY0MjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjM2N2RhYzdlM2I0ZWE0ODM1ODExMTEzYWE3NzRjZjVjZmY3MmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIfnczZSeEBy9fAAmtwBXwERMMsP
1qJhcSzsLN9THBHDOBuMdW1FDKnkSL76fJiqMmZ7W90Jwdvt2vv2TTtQRXnGFScu
QcT4IfW6NJz/hba5xGMyHcb7mnW5EaTgjahI0bSrqAnXRyK7Id+7U1+fcLvSwfGE
+6ezQA05vrHTgh6QzSp7UZiaDPQZg6AelKrB39g9sn+dZnmlt+9Tg69nYjEpUbXX
0+Wn8w6pwTNrROCxtIMrKTYe3BXMGKc238c57Y0gFuzqkDVuzzSuEaa5XKGJBkux
FUtAgYkw0lMItC8xrJTK6FkrhGNe5WyASubHYwLNOYlR8tvP2N+crx9zjQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMs2fax+O06kg1gRETqndM9c/3LeMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEveXpaOXJINDdUcVNEV0JFUk9xZDB6MXpfY3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAVZ45AwQD
Ve3AAwQAVe3LMAwDBABV7c0DBAVV7cADBAC5XSADBAG5XSIDBAPBbcADBADCqdkw
DQYJKoZIhvcNAQELBQADggEBAGWhB5Y2xE5DkU4D1PN5NVCdIO3qXh/Z0QsAnJ9x
Rw85bc+1407JhTlA3PPsgeGr3q3Bc9wpND6/R3K8n/2BVImQ89rLV/xyJQr5JTER
n6TSa49geungMEahdYsNngfwcjMIwZl1djAEJoI+PzwpgeOGHeZQi5umLffLwWmL
78OkLJNfbCIT2GVhYYDLKZJlV/7+PXPq3AUFrG3w8XRgnFqIU7Ae6iKE/eT3ok3T
gK6x4xRQU3E9OCI5CsTH+hC7VNW5UUW9ACqzgvT/sNqZSbW4kSClpj+YWLLepHK9
pH4jy488IE/hXtRxX8glFMuz5bR004D+qIhQSNgPIZN5YYc=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:03 2023 by rpki-client on console.sobornost.net