Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/Edf2sNSUW0mHown0Ay4io_b0_U8.roa
File: Edf2sNSUW0mHown0Ay4io_b0_U8.roa (raw, json)
Hash identifier: Y8X5qMYG1l3DRLD4onuACW0f3BOmbDwPujrNsBxzgns=
Subject key identifier: 11:D7:F6:B0:D4:94:5B:49:87:A3:09:F4:03:2E:22:A3:F6:F4:FD:4F
Certificate issuer: /CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Certificate serial: 018AF821DF4F62B04120E02CB9AEB530229F
Authority key identifier: 58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/Edf2sNSUW0mHown0Ay4io_b0_U8.roa
Signing time: Wed 04 Oct 2023 00:41:24 +0000
ROA not before: Wed 04 Oct 2023 00:41:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.109.194.0/24 maxlen: 24
193.109.196.0/24 maxlen: 24
85.237.204.0/24 maxlen: 24
85.237.206.0/23 maxlen: 23
85.237.202.0/24 maxlen: 24
85.158.58.0/23 maxlen: 23
85.158.58.0/24 maxlen: 24
85.237.208.0/24 maxlen: 24
85.237.208.0/23 maxlen: 23
85.237.209.0/24 maxlen: 24
85.237.220.0/23 maxlen: 23
185.139.26.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f8:21:df:4f:62:b0:41:20:e0:2c:b9:ae:b5:30:22:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Validity
Not Before: Oct 4 00:41:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11d7f6b0d4945b4987a309f4032e22a3f6f4fd4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3d:d1:40:dc:fe:0d:60:34:09:c7:bc:7c:26:
1e:bc:89:6e:d3:fc:0a:dd:6a:e8:c8:68:75:3d:44:
2a:03:d7:20:97:60:c7:99:16:8b:68:d5:54:eb:b6:
bc:73:e0:76:e4:ed:dd:0e:d6:44:84:56:3d:d7:2c:
83:40:6e:37:ab:37:cf:c7:bf:e7:98:61:a6:e8:2a:
a9:4d:c3:31:b2:d4:2a:a0:e9:37:1f:3f:9f:86:50:
27:f1:cf:db:f0:e6:74:42:d4:d6:ab:d3:1a:a3:22:
02:4c:dc:03:2b:3f:54:2b:8b:95:93:e1:2f:1b:af:
87:33:fc:c6:cf:0d:88:cf:42:12:24:d7:0a:20:9a:
c4:5e:49:90:f9:df:8d:be:33:46:22:95:32:58:bb:
d5:26:ce:70:8f:ba:b7:e4:6d:1c:ea:bc:cf:9a:30:
1f:67:7c:32:13:1e:c6:f0:8d:7d:a3:d8:d4:04:1d:
73:e4:54:bd:3e:8c:f4:b7:4e:3d:25:3a:21:4f:16:
09:87:36:51:03:e8:c9:43:19:e5:41:9e:20:a1:90:
5b:a7:a4:c4:5c:03:1d:5b:a4:76:0a:62:95:90:89:
75:4b:5b:6e:88:e9:a4:c3:ef:13:d8:ef:bd:ea:48:
ae:8f:22:7d:2e:01:d4:59:2a:8b:b8:59:5f:2a:76:
55:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D7:F6:B0:D4:94:5B:49:87:A3:09:F4:03:2E:22:A3:F6:F4:FD:4F
X509v3 Authority Key Identifier:
keyid:58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/Edf2sNSUW0mHown0Ay4io_b0_U8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/WL9_OtU_KaPEPwrYIBegU2jAEEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.58.0/23
85.237.202.0/24
85.237.204.0/24
85.237.206.0-85.237.209.255
85.237.220.0/23
185.139.26.0/24
193.109.194.0/24
193.109.196.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:a2:bc:52:6a:57:5a:a7:cf:66:5a:d7:24:1d:f9:f1:94:d2:
31:e4:c4:db:b0:77:b1:b0:ae:0c:81:20:d7:c8:a9:4e:5f:8a:
0f:79:b3:36:da:0b:a8:a5:4c:81:69:28:e5:4a:7d:81:73:dc:
e2:fd:d8:75:ba:bf:60:72:95:bf:f6:3d:11:37:7c:6e:bc:ac:
13:c0:1d:aa:9d:6f:ac:9a:76:45:e6:85:6d:ba:11:69:47:02:
2b:47:3d:01:03:d1:06:c0:52:5c:94:b2:56:53:7f:89:60:e0:
44:96:15:bb:a4:c6:6f:b9:fa:8b:2d:66:59:70:0e:e1:52:a0:
94:a7:d8:bb:d7:90:e9:a7:3a:2a:ad:cd:3f:08:3d:c3:ba:bb:
5b:46:f3:6e:61:ac:3f:90:4a:f9:8b:dd:61:38:9d:e6:01:90:
49:ea:2e:84:f2:d2:8f:54:08:02:eb:08:1c:4e:95:99:bc:ba:
fb:d8:b1:ab:30:23:7d:41:6b:40:73:66:c5:3f:15:84:a7:79:
93:87:1e:87:f6:c3:13:c5:45:73:6c:11:e4:97:5b:53:03:d8:
40:55:ba:07:3e:31:69:0a:e3:f9:7b:52:64:b5:3e:82:36:c7:
00:ed:4a:0e:71:c4:f9:5d:c1:d8:00:3f:57:50:96:3f:8d:60:
d2:c5:bb:9a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYr4Id9PYrBBIOAsua61MCKfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmY3ZjNhZDUzZjI5YTNjNDNmMGFkODIwMTdhMDUzNjhj
MDEwNGEwHhcNMjMxMDA0MDA0MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWQ3ZjZiMGQ0OTQ1YjQ5ODdhMzA5ZjQwMzJlMjJhM2Y2ZjRmZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT3RQNz+DWA0Cce8fCYevIlu0/wK
3WroyGh1PUQqA9cgl2DHmRaLaNVU67a8c+B25O3dDtZEhFY91yyDQG43qzfPx7/n
mGGm6CqpTcMxstQqoOk3Hz+fhlAn8c/b8OZ0QtTWq9MaoyICTNwDKz9UK4uVk+Ev
G6+HM/zGzw2Iz0ISJNcKIJrEXkmQ+d+NvjNGIpUyWLvVJs5wj7q35G0c6rzPmjAf
Z3wyEx7G8I19o9jUBB1z5FS9Poz0t049JTohTxYJhzZRA+jJQxnlQZ4goZBbp6TE
XAMdW6R2CmKVkIl1S1tuiOmkw+8T2O+96kiujyJ9LgHUWSqLuFlfKnZVGwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFBHX9rDUlFtJh6MJ9AMuIqP29P1PMB8GA1UdIwQY
MBaAFFi/fzrVPymjxD8K2CAXoFNowBBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUt
OGIzZDUyN2M0OWU0LzEvRWRmMnNOU1VXMG1Ib3duMEF5NGlvX2IwX1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUtOGIzZDUyN2M0OWU0
LzEvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBVZ46AwQA
Ve3KAwQAVe3MMAwDBAFV7c4DBAFV7dADBAFV7dwDBAC5ixoDBADBbcIDBADBbcQw
DQYJKoZIhvcNAQELBQADggEBAIuivFJqV1qnz2Za1yQd+fGU0jHkxNuwd7GwrgyB
INfIqU5fig95szbaC6ilTIFpKOVKfYFz3OL92HW6v2Bylb/2PRE3fG68rBPAHaqd
b6yadkXmhW26EWlHAitHPQED0QbAUlyUslZTf4lg4ESWFbukxm+5+ostZllwDuFS
oJSn2LvXkOmnOiqtzT8IPcO6u1tG825hrD+QSvmL3WE4neYBkEnqLoTy0o9UCALr
CBxOlZm8uvvYsaswI31Ba0BzZsU/FYSneZOHHof2wxPFRXNsEeSXW1MD2EBVugc+
MWkK4/l7UmS1PoI2xwDtSg5xxPldwdgAP1dQlj+NYNLFu5o=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:26 2025 by rpki-client