Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/KGIQs7osx_9Pt2LCSBCJTQt79aY.roa
File: KGIQs7osx_9Pt2LCSBCJTQt79aY.roa (raw, json)
Hash identifier: 8Fig5RM/+8Y+a5NhLPV1ucJLa9IRrtPKsyvQIZd9aF8=
Subject key identifier: 28:62:10:B3:BA:2C:C7:FF:4F:B7:62:C2:48:10:89:4D:0B:7B:F5:A6
Certificate issuer: /CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Certificate serial: 018B0AC154AFAAA8E211AA8A441DBFB1D6DB
Authority key identifier: 58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/KGIQs7osx_9Pt2LCSBCJTQt79aY.roa
Signing time: Sat 07 Oct 2023 15:28:44 +0000
ROA not before: Sat 07 Oct 2023 15:28:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 85.237.206.0/23 maxlen: 23
85.158.58.0/23 maxlen: 23
85.158.58.0/24 maxlen: 24
85.237.208.0/23 maxlen: 23
85.237.208.0/24 maxlen: 24
85.237.209.0/24 maxlen: 24
85.237.220.0/23 maxlen: 23
185.139.26.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0a:c1:54:af:aa:a8:e2:11:aa:8a:44:1d:bf:b1:d6:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Validity
Not Before: Oct 7 15:28:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=286210b3ba2cc7ff4fb762c24810894d0b7bf5a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:61:6e:1c:eb:81:0d:9c:19:ef:c0:6c:ec:c1:
e2:1b:c3:d9:06:de:97:00:d4:69:4c:7b:08:35:0c:
79:e1:e1:ee:58:b6:00:8e:5c:9c:11:25:f4:91:24:
99:39:d2:1a:f5:26:9e:04:22:e6:07:b1:5e:de:fe:
96:f0:af:e3:cc:bf:f1:98:87:a5:26:a6:21:86:0e:
7b:48:7f:a2:09:0e:bd:22:4c:28:4a:19:b4:65:90:
5d:9b:18:23:4a:ec:d0:3a:08:67:94:42:84:fc:d6:
3c:00:2d:06:93:e9:22:09:f8:c5:cf:d5:f1:6a:62:
22:62:03:de:94:a9:c6:23:ff:dd:f2:27:dd:df:69:
f2:40:e1:fe:3a:fe:7a:10:1f:b8:1c:b5:ed:5c:93:
62:88:79:94:11:14:d7:79:dc:70:4f:f6:32:b9:0b:
b9:a6:b8:f5:be:dc:29:cd:06:cd:58:ef:52:81:cd:
0b:ce:74:f3:8b:1f:f2:7c:76:40:73:58:e9:35:7a:
76:4b:63:b9:da:18:ed:06:1e:24:60:37:6d:02:dd:
f4:5b:2e:b9:a5:23:bb:97:bc:be:f8:60:77:22:3c:
cb:d2:89:e8:ff:87:5b:e5:0c:69:91:96:98:0b:1c:
d9:e8:4d:de:3b:37:25:7a:8b:a5:9d:f0:ef:09:6b:
6a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:62:10:B3:BA:2C:C7:FF:4F:B7:62:C2:48:10:89:4D:0B:7B:F5:A6
X509v3 Authority Key Identifier:
keyid:58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/KGIQs7osx_9Pt2LCSBCJTQt79aY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/WL9_OtU_KaPEPwrYIBegU2jAEEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.58.0/23
85.237.206.0-85.237.209.255
85.237.220.0/23
185.139.26.0/24
Signature Algorithm: sha256WithRSAEncryption
82:05:53:44:81:c3:85:c1:0c:3b:5e:2d:86:f5:2b:e3:05:f7:
76:64:e7:06:4b:ee:29:01:a5:78:d2:49:80:06:b2:38:19:28:
5d:f4:c9:b4:13:ad:17:e4:58:a6:f0:2b:1a:8b:94:d7:3b:c9:
b6:3c:6a:10:40:a5:82:4f:f5:5d:9d:20:af:ca:91:3e:bc:ff:
f3:85:84:45:e8:9d:26:68:0f:49:57:44:e8:b9:b7:35:ab:55:
23:79:54:e9:d0:b9:41:2d:91:ea:45:16:be:29:df:67:54:02:
db:d4:94:4e:76:33:2a:a3:15:dc:50:50:a2:0e:dc:a5:d9:17:
22:65:27:df:9b:1a:04:a6:7d:cb:7e:66:23:57:9e:cc:43:82:
21:a1:df:12:4c:39:03:9c:59:a9:10:16:3b:0a:dc:21:c0:c4:
0b:65:87:0f:45:bb:58:60:aa:78:90:59:ea:46:36:77:51:ee:
e7:a0:98:6b:0a:76:b6:41:de:74:69:51:76:d2:a4:eb:a5:25:
cd:5a:ca:6a:c4:25:a2:b2:82:0e:b8:9a:4f:76:50:a8:b1:71:
6d:5c:38:5f:33:a6:a3:41:67:75:1a:3d:15:8a:35:50:ed:20:
44:e4:82:66:60:a6:5f:92:c0:0f:6c:8e:bc:8d:77:e3:f1:33:
a0:63:00:fc
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYsKwVSvqqjiEaqKRB2/sdbbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmY3ZjNhZDUzZjI5YTNjNDNmMGFkODIwMTdhMDUzNjhj
MDEwNGEwHhcNMjMxMDA3MTUyODQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODYyMTBiM2JhMmNjN2ZmNGZiNzYyYzI0ODEwODk0ZDBiN2JmNWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2FuHOuBDZwZ78Bs7MHiG8PZBt6X
ANRpTHsINQx54eHuWLYAjlycESX0kSSZOdIa9SaeBCLmB7Fe3v6W8K/jzL/xmIel
JqYhhg57SH+iCQ69IkwoShm0ZZBdmxgjSuzQOghnlEKE/NY8AC0Gk+kiCfjFz9Xx
amIiYgPelKnGI//d8ifd32nyQOH+Ov56EB+4HLXtXJNiiHmUERTXedxwT/YyuQu5
prj1vtwpzQbNWO9Sgc0LznTzix/yfHZAc1jpNXp2S2O52hjtBh4kYDdtAt30Wy65
pSO7l7y++GB3IjzL0ono/4db5QxpkZaYCxzZ6E3eOzcleoulnfDvCWtq9QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFChiELO6LMf/T7diwkgQiU0Le/WmMB8GA1UdIwQY
MBaAFFi/fzrVPymjxD8K2CAXoFNowBBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUt
OGIzZDUyN2M0OWU0LzEvS0dJUXM3b3N4XzlQdDJMQ1NCQ0pUUXQ3OWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUtOGIzZDUyN2M0OWU0
LzEvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBVZ46MAwD
BAFV7c4DBAFV7dADBAFV7dwDBAC5ixowDQYJKoZIhvcNAQELBQADggEBAIIFU0SB
w4XBDDteLYb1K+MF93Zk5wZL7ikBpXjSSYAGsjgZKF30ybQTrRfkWKbwKxqLlNc7
ybY8ahBApYJP9V2dIK/KkT68//OFhEXonSZoD0lXROi5tzWrVSN5VOnQuUEtkepF
Fr4p32dUAtvUlE52MyqjFdxQUKIO3KXZFyJlJ9+bGgSmfct+ZiNXnsxDgiGh3xJM
OQOcWakQFjsK3CHAxAtlhw9Fu1hgqniQWepGNndR7uegmGsKdrZB3nRpUXbSpOul
Jc1aymrEJaKygg64mk92UKixcW1cOF8zpqNBZ3UaPRWKNVDtIETkgmZgpl+SwA9s
jryNd+PxM6BjAPw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:28 2025 by rpki-client