Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/2DHtnxTTZALc5fCACc0hfi12iKE.roa
File: 2DHtnxTTZALc5fCACc0hfi12iKE.roa (raw, json)
Hash identifier: ddnGGMTieVXpm5U0Ha8L7C/PbS8juuYC4GC6VZmIj8w=
Subject key identifier: D8:31:ED:9F:14:D3:64:02:DC:E5:F0:80:09:CD:21:7E:2D:76:88:A1
Certificate issuer: /CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Certificate serial: 018B30E4B07665F5061033E42CB3D871CF53
Authority key identifier: 58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/2DHtnxTTZALc5fCACc0hfi12iKE.roa
Signing time: Sun 15 Oct 2023 01:12:55 +0000
ROA not before: Sun 15 Oct 2023 01:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 85.158.58.0/23 maxlen: 23
85.158.58.0/24 maxlen: 24
85.237.208.0/23 maxlen: 23
85.237.209.0/24 maxlen: 24
85.237.220.0/23 maxlen: 23
185.93.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:30:e4:b0:76:65:f5:06:10:33:e4:2c:b3:d8:71:cf:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Validity
Not Before: Oct 15 01:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d831ed9f14d36402dce5f08009cd217e2d7688a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f9:31:d1:5d:46:49:40:5e:c8:55:de:3c:15:
3f:31:d5:49:e3:02:6e:a7:ce:0b:55:55:95:22:4b:
13:77:b6:f4:f3:a9:9f:25:cd:bd:85:86:f3:14:19:
26:70:eb:be:86:44:bf:53:92:ab:76:86:ed:29:69:
c4:0f:da:40:39:6d:68:0f:02:5b:07:f1:09:81:7d:
70:b7:0f:c4:3e:e1:6e:08:21:8e:47:97:7b:ca:f0:
48:94:99:ab:8b:b3:be:16:49:f5:2f:d0:7d:f1:17:
88:f5:5a:27:b8:b8:e7:d6:a0:9b:d9:25:59:41:af:
3a:44:81:c1:24:14:aa:23:0d:f6:41:d4:b5:3b:5e:
ee:3a:8c:90:7d:1c:73:64:21:32:e2:c5:84:d9:32:
39:da:d4:d3:c1:00:44:94:71:f5:1a:b5:4d:20:6d:
b4:65:c5:44:d5:68:3a:10:33:8f:6a:7d:0f:52:95:
e3:a2:be:7b:be:14:46:9e:6d:30:9e:70:f2:4d:b3:
8e:51:35:a3:fb:a6:cc:9f:e0:6c:19:22:a1:fd:55:
78:76:03:51:9c:f8:5c:0c:07:db:57:9c:b6:7e:c7:
5c:64:90:63:ab:4e:54:47:f4:87:11:9a:63:32:4f:
8c:79:72:43:bb:0a:10:c0:cb:81:b6:ef:bc:53:4b:
2e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:31:ED:9F:14:D3:64:02:DC:E5:F0:80:09:CD:21:7E:2D:76:88:A1
X509v3 Authority Key Identifier:
keyid:58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/2DHtnxTTZALc5fCACc0hfi12iKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/WL9_OtU_KaPEPwrYIBegU2jAEEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.58.0/23
85.237.208.0/23
85.237.220.0/23
185.93.32.0/24
Signature Algorithm: sha256WithRSAEncryption
69:a4:8e:a4:cc:af:10:a1:97:87:96:50:ca:ff:df:a1:f7:5e:
44:be:55:2d:ce:8d:03:ab:c4:df:5b:af:8b:21:3c:4c:34:c4:
0d:1f:f9:83:1d:e6:06:c4:80:c1:16:f3:fe:a9:51:24:f1:36:
86:3c:4f:b1:53:42:66:d1:01:67:75:ba:75:4f:69:8a:34:38:
b1:eb:35:9c:14:51:ec:cb:3e:e5:1b:76:b8:1d:85:d3:8f:b8:
aa:79:b0:9a:c4:cd:65:82:26:ad:c4:99:fc:ef:71:b0:4c:0b:
ed:2d:f9:7b:86:8b:c0:02:a5:f3:92:9b:d5:c5:20:3e:7e:e5:
c0:11:ba:0e:64:c0:ce:f0:0a:78:f8:17:04:38:b7:d4:57:5e:
df:8e:41:28:d4:a4:98:36:b3:65:e8:ba:2d:49:3a:53:bb:50:
eb:b1:07:3c:a7:04:03:a3:79:a4:a7:d2:c5:75:7b:a4:cf:cd:
a1:c6:8a:83:06:97:53:7f:ba:62:ec:a4:6f:98:47:74:5f:8d:
2d:95:2f:8a:0a:64:95:73:b5:25:bd:1f:f8:2c:76:ad:30:ce:
b4:e1:d8:32:87:9c:dc:a3:f6:18:93:b0:1c:07:97:fb:21:40:
ec:7e:4f:61:ed:21:e3:ac:0a:54:f3:ec:89:c0:00:01:3c:2e:
7b:77:6c:89
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYsw5LB2ZfUGEDPkLLPYcc9TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmY3ZjNhZDUzZjI5YTNjNDNmMGFkODIwMTdhMDUzNjhj
MDEwNGEwHhcNMjMxMDE1MDExMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODMxZWQ5ZjE0ZDM2NDAyZGNlNWYwODAwOWNkMjE3ZTJkNzY4OGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvkx0V1GSUBeyFXePBU/MdVJ4wJu
p84LVVWVIksTd7b086mfJc29hYbzFBkmcOu+hkS/U5KrdobtKWnED9pAOW1oDwJb
B/EJgX1wtw/EPuFuCCGOR5d7yvBIlJmri7O+Fkn1L9B98ReI9VonuLjn1qCb2SVZ
Qa86RIHBJBSqIw32QdS1O17uOoyQfRxzZCEy4sWE2TI52tTTwQBElHH1GrVNIG20
ZcVE1Wg6EDOPan0PUpXjor57vhRGnm0wnnDyTbOOUTWj+6bMn+BsGSKh/VV4dgNR
nPhcDAfbV5y2fsdcZJBjq05UR/SHEZpjMk+MeXJDuwoQwMuBtu+8U0suEwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNgx7Z8U02QC3OXwgAnNIX4tdoihMB8GA1UdIwQY
MBaAFFi/fzrVPymjxD8K2CAXoFNowBBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUt
OGIzZDUyN2M0OWU0LzEvMkRIdG54VFRaQUxjNWZDQUNjMGhmaTEyaUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUtOGIzZDUyN2M0OWU0
LzEvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBVZ46AwQB
Ve3QAwQBVe3cAwQAuV0gMA0GCSqGSIb3DQEBCwUAA4IBAQBppI6kzK8QoZeHllDK
/9+h915EvlUtzo0Dq8TfW6+LITxMNMQNH/mDHeYGxIDBFvP+qVEk8TaGPE+xU0Jm
0QFndbp1T2mKNDix6zWcFFHsyz7lG3a4HYXTj7iqebCaxM1lgiatxJn873GwTAvt
Lfl7hovAAqXzkpvVxSA+fuXAEboOZMDO8Ap4+BcEOLfUV17fjkEo1KSYNrNl6Lot
STpTu1DrsQc8pwQDo3mkp9LFdXukz82hxoqDBpdTf7pi7KRvmEd0X40tlS+KCmSV
c7UlvR/4LHatMM604dgyh5zco/YYk7AcB5f7IUDsfk9h7SHjrApU8+yJwAABPC57
d2yJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:45 2025 by rpki-client