Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/M707D6D0pJSw9wtmHzV54bMXwlY.roa
File: M707D6D0pJSw9wtmHzV54bMXwlY.roa (raw, json)
Hash identifier: 4kxbDfXEzpOH706RNZK+qh/395czjhgqwKF21HR51yE=
Subject key identifier: 33:BD:3B:0F:A0:F4:A4:94:B0:F7:0B:66:1F:35:79:E1:B3:17:C2:56
Certificate issuer: /CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Certificate serial: 018B69A92AB8E198CFC1D925E319625D3B01
Authority key identifier: 58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/M707D6D0pJSw9wtmHzV54bMXwlY.roa
Signing time: Thu 26 Oct 2023 01:46:16 +0000
ROA not before: Thu 26 Oct 2023 01:46:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 85.158.58.0/23 maxlen: 23
85.158.58.0/24 maxlen: 24
85.237.211.0/24 maxlen: 24
85.237.208.0/23 maxlen: 23
85.237.209.0/24 maxlen: 24
85.237.220.0/23 maxlen: 23
185.93.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:69:a9:2a:b8:e1:98:cf:c1:d9:25:e3:19:62:5d:3b:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Validity
Not Before: Oct 26 01:46:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33bd3b0fa0f4a494b0f70b661f3579e1b317c256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c4:2d:c8:6a:3f:8f:de:e2:2a:bb:9b:1a:fb:
ce:61:d4:cf:c3:56:cc:1f:61:0b:cd:54:aa:2e:9c:
81:05:e6:77:ed:eb:0a:f2:e3:83:39:06:d6:4c:66:
52:ef:5c:8b:67:39:ee:df:55:fa:24:44:e6:71:15:
41:71:ad:cc:ae:d6:25:ea:83:62:6a:16:53:21:65:
4b:f8:b8:77:ba:1b:8a:45:e0:1c:e0:1d:0c:ae:ce:
d2:4f:3f:d7:95:65:0f:5f:f2:c2:3b:4b:6c:af:42:
c3:10:07:da:b1:15:70:a5:d5:75:a1:c0:3a:ae:62:
15:ba:31:95:9b:18:ca:c7:3b:7a:1f:e1:7b:d2:bf:
91:45:28:8a:c9:85:d3:3d:26:da:a0:5d:f9:57:f0:
3f:f2:c2:e1:98:82:67:d4:34:17:4d:71:18:2b:57:
62:e3:cd:12:f3:c5:e1:29:2a:79:be:2a:8a:8e:ec:
38:48:28:6e:62:8d:40:d0:03:8e:e2:11:41:61:7d:
14:66:2b:bb:80:fc:77:03:9c:b6:28:02:83:09:b9:
23:c2:6e:a4:ea:59:3f:23:dd:50:3e:ce:fa:f4:38:
43:ed:f9:53:bb:7c:2a:1f:3d:c7:4c:9e:31:ce:8d:
5e:b3:63:e9:e6:32:22:ab:39:85:e8:35:4b:2c:3d:
fd:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:BD:3B:0F:A0:F4:A4:94:B0:F7:0B:66:1F:35:79:E1:B3:17:C2:56
X509v3 Authority Key Identifier:
keyid:58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/M707D6D0pJSw9wtmHzV54bMXwlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/WL9_OtU_KaPEPwrYIBegU2jAEEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.58.0/23
85.237.208.0/23
85.237.211.0/24
85.237.220.0/23
185.93.32.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:32:6f:c0:59:d1:2e:bd:f4:d0:7f:33:c8:03:08:b0:7a:bd:
9c:0f:f7:3f:a0:14:39:61:6c:2c:2d:cf:aa:17:39:6f:62:ba:
4b:1a:e2:26:fa:e2:cb:1b:c2:84:ce:6e:ba:7d:90:47:db:ed:
48:fa:f9:f5:5d:aa:cc:84:ca:a4:40:66:24:32:f3:2b:b2:12:
62:a1:95:f7:61:72:2a:bf:46:ca:d5:9d:8a:61:7f:e6:f6:f1:
07:4a:92:d3:16:1c:6d:c1:df:3c:ac:8c:0a:4a:aa:66:6a:09:
13:0c:5c:06:7f:80:8f:c5:27:49:12:ec:b4:4e:77:fb:e0:79:
22:0b:f2:57:b7:b1:ab:eb:aa:35:d5:cd:03:22:65:24:69:5e:
5f:b1:51:62:14:69:07:a1:80:e8:c1:d6:01:9e:70:3e:ed:8d:
05:87:80:70:bf:71:9a:97:2f:94:68:47:f7:6b:e9:23:d3:d8:
50:dd:0d:95:7e:0e:e9:45:08:19:5c:ea:1e:fe:bb:ae:cc:36:
d1:91:9f:ed:ac:0c:67:56:0c:01:96:e4:c6:d5:7d:39:c8:1b:
6a:16:0d:80:04:5e:fb:68:6b:52:6b:e6:3b:6b:fd:4a:e2:4c:
bb:e2:ee:35:6f:14:91:86:b9:6d:4f:c7:9a:2b:9d:9b:ca:3e:
ba:15:5a:50
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYtpqSq44ZjPwdkl4xliXTsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmY3ZjNhZDUzZjI5YTNjNDNmMGFkODIwMTdhMDUzNjhj
MDEwNGEwHhcNMjMxMDI2MDE0NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2JkM2IwZmEwZjRhNDk0YjBmNzBiNjYxZjM1NzllMWIzMTdjMjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsQtyGo/j97iKrubGvvOYdTPw1bM
H2ELzVSqLpyBBeZ37esK8uODOQbWTGZS71yLZznu31X6JETmcRVBca3MrtYl6oNi
ahZTIWVL+Lh3uhuKReAc4B0Mrs7STz/XlWUPX/LCO0tsr0LDEAfasRVwpdV1ocA6
rmIVujGVmxjKxzt6H+F70r+RRSiKyYXTPSbaoF35V/A/8sLhmIJn1DQXTXEYK1di
480S88XhKSp5viqKjuw4SChuYo1A0AOO4hFBYX0UZiu7gPx3A5y2KAKDCbkjwm6k
6lk/I91QPs769DhD7flTu3wqHz3HTJ4xzo1es2Pp5jIiqzmF6DVLLD39+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDO9Ow+g9KSUsPcLZh81eeGzF8JWMB8GA1UdIwQY
MBaAFFi/fzrVPymjxD8K2CAXoFNowBBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUt
OGIzZDUyN2M0OWU0LzEvTTcwN0Q2RDBwSlN3OXd0bUh6VjU0Yk1Yd2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUtOGIzZDUyN2M0OWU0
LzEvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBVZ46AwQB
Ve3QAwQAVe3TAwQBVe3cAwQAuV0gMA0GCSqGSIb3DQEBCwUAA4IBAQAaMm/AWdEu
vfTQfzPIAwiwer2cD/c/oBQ5YWwsLc+qFzlvYrpLGuIm+uLLG8KEzm66fZBH2+1I
+vn1XarMhMqkQGYkMvMrshJioZX3YXIqv0bK1Z2KYX/m9vEHSpLTFhxtwd88rIwK
SqpmagkTDFwGf4CPxSdJEuy0Tnf74HkiC/JXt7Gr66o11c0DImUkaV5fsVFiFGkH
oYDowdYBnnA+7Y0Fh4Bwv3Galy+UaEf3a+kj09hQ3Q2Vfg7pRQgZXOoe/ruuzDbR
kZ/trAxnVgwBluTG1X05yBtqFg2ABF77aGtSa+Y7a/1K4ky74u41bxSRhrltT8ea
K52byj66FVpQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:14 2024 by rpki-client on console-ams.rpki-client.org