Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/hM6hQ6htT3nRxPmmwpvjZK40GLo.roa
File: hM6hQ6htT3nRxPmmwpvjZK40GLo.roa (raw, json)
Hash identifier: BLw9buHcfpYdDRvWZKYpYhMjmKXheNpR73xKBMSGVtg=
Subject key identifier: 84:CE:A1:43:A8:6D:4F:79:D1:C4:F9:A6:C2:9B:E3:64:AE:34:18:BA
Certificate issuer: /CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Certificate serial: 018B7240456474FED4E1F181CC077C923AF4
Authority key identifier: 58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/hM6hQ6htT3nRxPmmwpvjZK40GLo.roa
Signing time: Fri 27 Oct 2023 17:48:16 +0000
ROA not before: Fri 27 Oct 2023 17:48:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200088
IP address blocks: 85.237.199.0/24 maxlen: 24
85.237.198.0/24 maxlen: 24
85.237.195.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:72:40:45:64:74:fe:d4:e1:f1:81:cc:07:7c:92:3a:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Validity
Not Before: Oct 27 17:48:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84cea143a86d4f79d1c4f9a6c29be364ae3418ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:86:12:d3:c1:fd:c7:1d:db:8b:e7:c3:dc:c6:
e9:4f:94:d6:71:8d:e0:a8:69:62:02:e2:64:4a:fe:
ff:2a:f6:fb:c0:94:e6:dd:ee:94:6b:97:82:45:62:
82:20:92:cc:23:83:40:09:92:93:07:d8:d2:93:b1:
a5:f8:bc:11:be:c9:a7:46:66:91:14:75:fa:8d:0d:
f7:60:a8:eb:ec:81:03:aa:76:d8:22:40:32:c2:dd:
7a:c2:b7:6d:4f:4e:23:eb:ca:5f:e1:6f:c3:2c:d1:
f9:4b:83:60:c8:b5:fe:15:2a:af:40:36:0e:70:f4:
e7:a0:38:17:c8:97:c4:50:36:f1:86:34:52:c7:44:
da:10:be:8a:14:77:e5:cd:35:72:f1:13:34:ac:82:
71:d9:a0:f6:36:ed:1e:0d:2e:23:d0:37:5c:fa:88:
54:fb:8a:1d:14:7e:bc:d7:6f:e2:24:1f:c5:10:ed:
15:a7:d0:a3:06:21:2c:a0:c3:2c:83:58:f9:6e:eb:
9c:9d:12:b3:20:49:f7:7d:7c:27:9a:75:24:38:c3:
24:5b:5e:45:09:f4:c4:b0:d9:a0:b8:ed:60:ca:5e:
90:1c:c0:07:cb:1b:f1:01:d7:8e:a8:81:1e:f9:8f:
f9:0f:f3:e5:37:0a:63:aa:eb:c5:37:c2:d1:c8:27:
5f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:CE:A1:43:A8:6D:4F:79:D1:C4:F9:A6:C2:9B:E3:64:AE:34:18:BA
X509v3 Authority Key Identifier:
keyid:58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/hM6hQ6htT3nRxPmmwpvjZK40GLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/WL9_OtU_KaPEPwrYIBegU2jAEEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.195.0/24
85.237.198.0/23
Signature Algorithm: sha256WithRSAEncryption
44:c3:4d:c0:60:b3:04:81:5c:94:e4:76:f1:7e:d8:96:8f:56:
f7:6d:0b:04:be:b5:93:b6:b8:28:05:f7:96:f5:c0:2c:aa:71:
a8:7a:64:a0:20:c1:13:73:1e:f7:63:91:b6:07:b7:31:72:0f:
cf:72:61:ab:0f:02:05:ed:86:ec:fa:b8:56:60:28:cf:a2:8a:
62:f2:f0:e0:ac:23:64:cd:10:a5:03:de:09:3b:59:11:34:89:
d8:e3:4c:70:86:30:d3:43:d8:2d:b7:67:4b:d9:8a:1b:d0:95:
41:da:16:18:45:70:c9:ed:ee:20:82:c9:fe:1b:3a:c3:de:05:
d8:78:34:2e:a9:54:e0:0e:55:fb:13:62:6f:99:7b:9d:ec:3c:
f5:2c:f6:1b:fa:0b:b3:4a:e6:4d:f9:f0:e3:b9:0d:93:ad:3d:
ae:42:cb:cf:56:ec:6a:c7:ee:37:c2:dd:40:ab:84:9c:5c:32:
d1:00:cd:5c:18:13:58:a1:a0:62:d7:cd:85:3c:96:01:f1:9b:
d9:87:42:86:ec:e8:98:b0:36:d9:6a:2e:c3:eb:77:09:6c:af:
23:d6:67:65:64:d1:b6:b1:dc:ac:0c:e8:85:16:ef:30:54:be:
0e:b0:50:aa:b2:b1:2c:f4:9a:56:cf:e1:93:48:b6:26:66:7e:
8a:5f:11:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtyQEVkdP7U4fGBzAd8kjr0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmY3ZjNhZDUzZjI5YTNjNDNmMGFkODIwMTdhMDUzNjhj
MDEwNGEwHhcNMjMxMDI3MTc0ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGNlYTE0M2E4NmQ0Zjc5ZDFjNGY5YTZjMjliZTM2NGFlMzQxOGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4YS08H9xx3bi+fD3MbpT5TWcY3g
qGliAuJkSv7/Kvb7wJTm3e6Ua5eCRWKCIJLMI4NACZKTB9jSk7Gl+LwRvsmnRmaR
FHX6jQ33YKjr7IEDqnbYIkAywt16wrdtT04j68pf4W/DLNH5S4NgyLX+FSqvQDYO
cPTnoDgXyJfEUDbxhjRSx0TaEL6KFHflzTVy8RM0rIJx2aD2Nu0eDS4j0Ddc+ohU
+4odFH6812/iJB/FEO0Vp9CjBiEsoMMsg1j5buucnRKzIEn3fXwnmnUkOMMkW15F
CfTEsNmguO1gyl6QHMAHyxvxAdeOqIEe+Y/5D/PlNwpjquvFN8LRyCdflQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFITOoUOobU950cT5psKb42SuNBi6MB8GA1UdIwQY
MBaAFFi/fzrVPymjxD8K2CAXoFNowBBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUt
OGIzZDUyN2M0OWU0LzEvaE02aFE2aHRUM25SeFBtbXdwdmpaSzQwR0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUtOGIzZDUyN2M0OWU0
LzEvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe3DAwQB
Ve3GMA0GCSqGSIb3DQEBCwUAA4IBAQBEw03AYLMEgVyU5HbxftiWj1b3bQsEvrWT
trgoBfeW9cAsqnGoemSgIMETcx73Y5G2B7cxcg/PcmGrDwIF7Ybs+rhWYCjPoopi
8vDgrCNkzRClA94JO1kRNInY40xwhjDTQ9gtt2dL2Yob0JVB2hYYRXDJ7e4ggsn+
GzrD3gXYeDQuqVTgDlX7E2JvmXud7Dz1LPYb+guzSuZN+fDjuQ2TrT2uQsvPVuxq
x+43wt1Aq4ScXDLRAM1cGBNYoaBi182FPJYB8ZvZh0KG7OiYsDbZai7D63cJbK8j
1mdlZNG2sdysDOiFFu8wVL4OsFCqsrEs9JpWz+GTSLYmZn6KXxGk
-----END CERTIFICATE-----
Generated at Wed Nov 8 07:16:17 2023 by rpki-client on console-fra.rpki-client.org