Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/04lNTYAYtA9syW2dWJ710Zf-1yU.roa
File: 04lNTYAYtA9syW2dWJ710Zf-1yU.roa (raw, json)
Hash identifier: 9l1LtODh2dDHG4PYt89RxW3witbkwpCHVALs/xWwzXQ=
Subject key identifier: D3:89:4D:4D:80:18:B4:0F:6C:C9:6D:9D:58:9E:F5:D1:97:FE:D7:25
Certificate issuer: /CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Certificate serial: 018B9E1B624F8BD5DC426D60B2B4AF8C5000
Authority key identifier: 58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/04lNTYAYtA9syW2dWJ710Zf-1yU.roa
Signing time: Sun 05 Nov 2023 06:11:16 +0000
ROA not before: Sun 05 Nov 2023 06:11:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.100.214.0/24 maxlen: 24
85.158.58.0/23 maxlen: 23
85.237.208.0/23 maxlen: 23
85.237.220.0/23 maxlen: 23
85.237.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9e:1b:62:4f:8b:d5:dc:42:6d:60:b2:b4:af:8c:50:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Validity
Not Before: Nov 5 06:11:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3894d4d8018b40f6cc96d9d589ef5d197fed725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:5a:b9:bb:2e:78:94:ba:f4:96:6a:eb:77:3b:
c8:4b:df:a4:f0:4f:f3:39:18:3d:c1:76:fe:71:98:
d6:4f:58:b5:5a:d7:67:3a:27:b6:09:6c:33:c9:d2:
4a:c2:2c:6c:69:7c:64:2f:3a:ea:d3:4b:38:1e:ae:
c9:99:af:a1:86:4e:b5:8a:2e:7c:74:8e:47:10:fb:
cb:9d:cc:2d:7a:c0:03:0c:1a:08:0f:32:00:9f:2d:
2e:2c:1e:10:79:4f:bc:04:98:cf:51:2a:a2:17:82:
bc:3d:28:be:1b:8b:af:e5:6e:bd:56:97:35:57:34:
c5:9d:fb:b5:df:da:f9:44:b6:b6:8e:7b:c1:39:5d:
71:5c:8a:23:9e:52:55:e4:e9:e9:69:81:ab:db:21:
50:ae:75:45:d4:6e:c8:53:33:b7:44:4c:e4:04:81:
51:57:2b:28:df:29:4e:cf:bb:1a:65:37:f4:17:d5:
86:a6:88:44:66:3d:21:1a:cb:0b:5c:6e:3b:00:14:
fd:41:09:17:0a:8b:43:58:14:76:9d:48:15:ff:7a:
41:56:d7:85:90:a6:aa:ae:93:d1:32:72:b9:94:7f:
65:ab:23:be:81:4a:28:61:95:b7:44:79:29:cf:12:
ad:b9:1d:44:d6:a0:60:87:29:b7:00:40:58:ab:bb:
cc:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:89:4D:4D:80:18:B4:0F:6C:C9:6D:9D:58:9E:F5:D1:97:FE:D7:25
X509v3 Authority Key Identifier:
keyid:58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/04lNTYAYtA9syW2dWJ710Zf-1yU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/WL9_OtU_KaPEPwrYIBegU2jAEEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.58.0/23
85.237.208.0/23
85.237.220.0-85.237.222.255
185.100.214.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:f8:fa:59:4b:be:cb:e8:d8:29:50:05:d9:52:35:b2:02:03:
09:2c:75:c9:3b:22:9b:f7:af:e9:50:f2:97:e1:14:2a:fb:38:
fd:21:d4:55:8c:db:07:44:e4:0e:47:be:1c:f6:6f:3e:63:e1:
25:15:e0:14:03:59:c1:cc:39:09:a9:94:bf:89:d5:cc:35:70:
47:2c:1e:e3:6e:2c:33:13:69:0b:bf:31:a2:d6:4b:a2:e2:14:
80:10:7e:73:43:91:6a:45:0a:95:85:1b:8d:6a:a4:a1:fb:eb:
11:0e:6e:b6:bd:4f:33:d3:98:53:6f:3c:f2:d9:67:de:83:a0:
a6:1f:b7:7a:00:f7:ba:25:b8:10:21:6a:ec:8c:d9:08:44:36:
0f:86:92:41:b6:d3:84:13:a6:58:44:53:26:0c:51:6c:18:ca:
cb:34:66:5a:e0:44:d4:ea:47:0f:fb:08:b3:f1:42:64:e2:a0:
90:af:9f:f8:77:67:91:cb:16:aa:42:1a:4b:eb:40:38:29:ec:
40:df:6b:02:f7:3c:c9:be:a2:98:9a:73:24:fb:9b:04:12:22:
6b:ed:b7:97:49:dd:92:03:60:0d:63:19:6f:33:b8:10:31:7f:
db:ef:59:78:9e:2c:80:ce:f6:4e:30:58:7f:82:39:14:a3:56:
be:b5:6c:ae
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYueG2JPi9XcQm1gsrSvjFAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmY3ZjNhZDUzZjI5YTNjNDNmMGFkODIwMTdhMDUzNjhj
MDEwNGEwHhcNMjMxMTA1MDYxMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzg5NGQ0ZDgwMThiNDBmNmNjOTZkOWQ1ODllZjVkMTk3ZmVkNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1q5uy54lLr0lmrrdzvIS9+k8E/z
ORg9wXb+cZjWT1i1WtdnOie2CWwzydJKwixsaXxkLzrq00s4Hq7Jma+hhk61ii58
dI5HEPvLncwtesADDBoIDzIAny0uLB4QeU+8BJjPUSqiF4K8PSi+G4uv5W69Vpc1
VzTFnfu139r5RLa2jnvBOV1xXIojnlJV5OnpaYGr2yFQrnVF1G7IUzO3REzkBIFR
Vyso3ylOz7saZTf0F9WGpohEZj0hGssLXG47ABT9QQkXCotDWBR2nUgV/3pBVteF
kKaqrpPRMnK5lH9lqyO+gUooYZW3RHkpzxKtuR1E1qBghym3AEBYq7vMJwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNOJTU2AGLQPbMltnVie9dGX/tclMB8GA1UdIwQY
MBaAFFi/fzrVPymjxD8K2CAXoFNowBBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUt
OGIzZDUyN2M0OWU0LzEvMDRsTlRZQVl0QTlzeVcyZFdKNzEwWmYtMXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUtOGIzZDUyN2M0OWU0
LzEvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBVZ46AwQB
Ve3QMAwDBAJV7dwDBABV7d4DBAC5ZNYwDQYJKoZIhvcNAQELBQADggEBAHr4+llL
vsvo2ClQBdlSNbICAwksdck7Ipv3r+lQ8pfhFCr7OP0h1FWM2wdE5A5Hvhz2bz5j
4SUV4BQDWcHMOQmplL+J1cw1cEcsHuNuLDMTaQu/MaLWS6LiFIAQfnNDkWpFCpWF
G41qpKH76xEObra9TzPTmFNvPPLZZ96DoKYft3oA97oluBAhauyM2QhENg+GkkG2
04QTplhEUyYMUWwYyss0ZlrgRNTqRw/7CLPxQmTioJCvn/h3Z5HLFqpCGkvrQDgp
7EDfawL3PMm+opiacyT7mwQSImvtt5dJ3ZIDYA1jGW8zuBAxf9vvWXieLIDO9k4w
WH+CORSjVr61bK4=
-----END CERTIFICATE-----
Generated at Wed Nov 8 07:16:17 2023 by rpki-client on console-fra.rpki-client.org