Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/EXGA0nMQU6AcHMcXQW6hpnygzyk.roa
File: EXGA0nMQU6AcHMcXQW6hpnygzyk.roa (raw, json)
Hash identifier: hLU3pM1jrwW1bleil9hmR/vItcNKjs8YByu9A5TDYRQ=
Subject key identifier: 11:71:80:D2:73:10:53:A0:1C:1C:C7:17:41:6E:A1:A6:7C:A0:CF:29
Certificate issuer: /CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Certificate serial: 018B837C30A92C4902F15EE175CE35BA7CAE
Authority key identifier: 58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/EXGA0nMQU6AcHMcXQW6hpnygzyk.roa
Signing time: Tue 31 Oct 2023 02:07:16 +0000
ROA not before: Tue 31 Oct 2023 02:07:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 85.158.58.0/23 maxlen: 23
85.158.58.0/24 maxlen: 24
85.237.211.0/24 maxlen: 24
85.237.208.0/23 maxlen: 23
85.237.209.0/24 maxlen: 24
85.237.220.0/23 maxlen: 23
85.237.222.0/24 maxlen: 24
185.93.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:83:7c:30:a9:2c:49:02:f1:5e:e1:75:ce:35:ba:7c:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Validity
Not Before: Oct 31 02:07:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=117180d2731053a01c1cc717416ea1a67ca0cf29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8b:f8:2b:0a:b4:21:e9:90:3e:5a:77:75:d2:
a5:2e:ca:6e:d3:1a:72:22:57:cb:0f:be:d8:06:a8:
61:e2:4b:93:06:06:3d:18:c1:12:31:70:49:b8:e5:
19:f3:cb:c6:13:11:c6:a0:f1:d6:dc:61:2d:15:9f:
94:9b:5f:e7:10:ab:ed:1c:79:6c:fb:76:42:d7:47:
04:35:1e:ff:9a:8f:18:45:64:98:22:d6:fe:95:eb:
32:88:9c:dd:43:ad:bf:37:42:63:30:c2:7e:d3:f2:
16:2b:44:07:b8:94:f7:74:1c:5e:c3:71:01:44:75:
b1:c4:61:39:5b:f9:d9:9b:ee:46:4e:6a:a3:ce:51:
06:21:06:9f:5c:71:a1:eb:ba:2b:3b:c4:82:17:0b:
d3:d1:c4:b4:2a:28:5c:c6:36:66:99:16:0e:7d:23:
a8:76:63:3d:a1:be:16:02:b5:15:5b:71:96:e4:ac:
f5:f6:02:17:ec:7b:22:ab:83:0e:be:ae:71:91:7a:
98:9b:0b:dd:71:4e:2c:1d:f6:f8:ac:8e:f3:63:c3:
57:b9:af:b4:08:b1:71:d5:83:36:4c:8c:4b:6a:eb:
cc:ae:04:eb:5d:33:4c:31:d3:e0:6f:ca:63:0c:25:
a0:11:72:98:67:41:4f:7c:93:01:d2:d4:7f:30:f7:
9e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:71:80:D2:73:10:53:A0:1C:1C:C7:17:41:6E:A1:A6:7C:A0:CF:29
X509v3 Authority Key Identifier:
keyid:58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/EXGA0nMQU6AcHMcXQW6hpnygzyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/WL9_OtU_KaPEPwrYIBegU2jAEEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.58.0/23
85.237.208.0/23
85.237.211.0/24
85.237.220.0-85.237.222.255
185.93.32.0/24
Signature Algorithm: sha256WithRSAEncryption
92:6b:e2:50:92:de:d0:a2:cb:b4:e6:05:82:1c:45:a6:f8:df:
99:d1:4f:1a:35:4f:7e:91:41:70:76:3e:d1:51:c7:d0:5b:5d:
4b:a5:cf:04:51:b8:0d:27:68:93:0d:e7:2f:84:48:29:48:a4:
aa:ae:01:ca:b4:0a:59:56:77:f2:30:41:ba:94:7e:1a:2d:31:
73:76:35:80:cf:9b:f9:1d:4a:bd:4e:e3:ef:d7:5d:a7:fd:02:
e6:17:6d:27:d4:e1:9b:30:d2:f7:03:5a:32:48:c3:2a:41:6d:
81:ae:18:fa:07:b3:e7:50:89:e9:78:a2:f1:33:a0:59:0f:8d:
c4:0d:ca:6e:5c:ad:c4:f6:3b:a3:1f:fa:1b:5e:72:7c:9c:d9:
46:31:9d:b3:bf:b4:04:30:34:b9:bd:d7:d6:be:31:03:ae:75:
e9:9c:f2:49:64:e2:8f:de:3e:4e:b5:10:43:c2:2e:99:5f:78:
bb:94:d7:da:b5:5c:f7:93:45:81:2c:ee:4f:99:be:1f:8d:c7:
13:9b:72:85:d5:16:6d:00:91:74:41:4d:05:9f:a9:09:c2:d4:
10:38:db:26:c2:9d:b9:42:fc:67:7b:c0:c1:e5:c4:f0:02:da:
08:53:83:81:52:e8:e2:65:8e:f2:fb:2a:42:7c:b0:88:2e:29:
92:b7:0f:43
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYuDfDCpLEkC8V7hdc41unyuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmY3ZjNhZDUzZjI5YTNjNDNmMGFkODIwMTdhMDUzNjhj
MDEwNGEwHhcNMjMxMDMxMDIwNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTcxODBkMjczMTA1M2EwMWMxY2M3MTc0MTZlYTFhNjdjYTBjZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ov4Kwq0IemQPlp3ddKlLspu0xpy
IlfLD77YBqhh4kuTBgY9GMESMXBJuOUZ88vGExHGoPHW3GEtFZ+Um1/nEKvtHHls
+3ZC10cENR7/mo8YRWSYItb+lesyiJzdQ62/N0JjMMJ+0/IWK0QHuJT3dBxew3EB
RHWxxGE5W/nZm+5GTmqjzlEGIQafXHGh67orO8SCFwvT0cS0KihcxjZmmRYOfSOo
dmM9ob4WArUVW3GW5Kz19gIX7Hsiq4MOvq5xkXqYmwvdcU4sHfb4rI7zY8NXua+0
CLFx1YM2TIxLauvMrgTrXTNMMdPgb8pjDCWgEXKYZ0FPfJMB0tR/MPeeEwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBFxgNJzEFOgHBzHF0FuoaZ8oM8pMB8GA1UdIwQY
MBaAFFi/fzrVPymjxD8K2CAXoFNowBBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUt
OGIzZDUyN2M0OWU0LzEvRVhHQTBuTVFVNkFjSE1jWFFXNmhwbnlnenlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUtOGIzZDUyN2M0OWU0
LzEvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBVZ46AwQB
Ve3QAwQAVe3TMAwDBAJV7dwDBABV7d4DBAC5XSAwDQYJKoZIhvcNAQELBQADggEB
AJJr4lCS3tCiy7TmBYIcRab435nRTxo1T36RQXB2PtFRx9BbXUulzwRRuA0naJMN
5y+ESClIpKquAcq0CllWd/IwQbqUfhotMXN2NYDPm/kdSr1O4+/XXaf9AuYXbSfU
4Zsw0vcDWjJIwypBbYGuGPoHs+dQiel4ovEzoFkPjcQNym5crcT2O6Mf+htecnyc
2UYxnbO/tAQwNLm919a+MQOudemc8klk4o/ePk61EEPCLplfeLuU19q1XPeTRYEs
7k+Zvh+NxxObcoXVFm0AkXRBTQWfqQnC1BA42ybCnblC/Gd7wMHlxPAC2ghTg4FS
6OJljvL7KkJ8sIguKZK3D0M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:00 2024 by rpki-client on console-fra.rpki-client.org