Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/hmFJsASW7NZOBvxAJt9D-YCoxlM.roa
File: hmFJsASW7NZOBvxAJt9D-YCoxlM.roa (raw, json)
Hash identifier: naa1HYPampPO3TVIc2RK4HxXPV3r1C+BvG14RrfCidM=
Subject key identifier: 86:61:49:B0:04:96:EC:D6:4E:06:FC:40:26:DF:43:F9:80:A8:C6:53
Certificate issuer: /CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Certificate serial: 018B936F7171E298BC2CA72BCE5916C202A8
Authority key identifier: 58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/hmFJsASW7NZOBvxAJt9D-YCoxlM.roa
Signing time: Fri 03 Nov 2023 04:27:16 +0000
ROA not before: Fri 03 Nov 2023 04:27:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 85.158.58.0/23 maxlen: 23
85.237.208.0/23 maxlen: 23
85.237.220.0/23 maxlen: 23
85.237.222.0/24 maxlen: 24
185.93.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:93:6f:71:71:e2:98:bc:2c:a7:2b:ce:59:16:c2:02:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Validity
Not Before: Nov 3 04:27:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=866149b00496ecd64e06fc4026df43f980a8c653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fd:91:2a:a2:68:1e:61:ae:4d:13:bd:99:51:
cf:c4:e7:32:e1:92:06:60:4f:3c:fe:73:7a:81:bb:
94:fb:c9:0f:5e:5e:ad:cd:80:c8:7d:1a:41:b1:a1:
7a:a2:e9:ab:e6:24:9c:ee:bc:b5:6c:b0:9d:7b:e8:
8e:cc:d6:db:07:fe:47:81:79:07:62:f1:a8:0f:8d:
0b:3b:ab:f7:e3:9f:9d:72:50:7d:42:d7:f9:af:6c:
7f:6d:60:1d:27:ec:1d:59:10:5f:a6:84:17:c0:0a:
d8:0b:1c:95:a5:a4:a7:b2:4b:e8:28:65:04:ba:80:
65:b5:46:fa:8b:d0:13:a7:84:7d:3f:4b:db:fe:8d:
3f:a2:d4:e6:50:cc:aa:08:44:ea:e6:d7:82:8c:e0:
6e:7a:1f:48:c7:4a:94:ef:f5:39:2a:e2:d6:10:6d:
0a:70:37:05:f5:5c:18:b6:8c:50:76:01:62:b1:c9:
9b:30:4e:a9:cc:1e:c8:4f:93:65:4f:31:e0:d2:0c:
c5:6b:d5:e8:25:67:85:b7:7d:82:63:e1:c7:63:b5:
49:5c:65:5e:b3:fd:87:b6:22:d6:39:74:d7:0f:e6:
61:4f:62:fe:11:42:dc:4d:8b:70:12:48:53:9b:b6:
4b:36:90:c5:a5:d7:95:1e:46:23:65:4b:1e:08:03:
6b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:61:49:B0:04:96:EC:D6:4E:06:FC:40:26:DF:43:F9:80:A8:C6:53
X509v3 Authority Key Identifier:
keyid:58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/hmFJsASW7NZOBvxAJt9D-YCoxlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/WL9_OtU_KaPEPwrYIBegU2jAEEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.58.0/23
85.237.208.0/23
85.237.220.0-85.237.222.255
185.93.32.0/24
Signature Algorithm: sha256WithRSAEncryption
21:f2:35:a1:da:09:31:7b:32:8e:d8:e9:37:87:d4:68:d6:d0:
2c:0d:9c:73:98:db:6f:a4:f8:34:2b:b9:60:ef:06:7f:96:0b:
47:f2:7b:de:8c:cb:3f:01:41:43:98:45:e0:3e:78:74:71:66:
51:80:9d:1a:70:2a:ec:5e:86:07:90:21:fe:9d:0c:0e:a1:61:
b4:b1:61:92:58:a3:73:ae:15:a3:cc:08:0e:fb:9c:6a:c2:69:
74:d6:3b:9b:4b:de:59:7c:f6:ae:5e:61:5b:59:d1:5b:52:17:
62:9d:2f:c0:fc:0f:7b:c3:0e:67:02:42:6f:b4:e5:45:c7:2c:
c2:f8:fe:e3:ec:8e:8b:de:c1:a6:1d:f5:a6:b9:15:25:b4:fc:
bf:4c:49:db:f1:99:03:ea:04:62:75:52:fa:d1:03:7b:3f:5c:
c9:3e:6c:67:51:ce:52:b1:b6:f3:b6:4d:3d:d1:97:d9:1c:22:
be:17:66:59:9d:fe:25:20:07:bb:84:d8:35:0a:45:c7:03:10:
e0:d7:02:ee:25:2a:c0:7e:6a:93:b1:27:cd:b1:8a:3f:a3:12:
c0:99:7b:1d:a7:aa:61:6f:78:b3:d1:bc:4c:7e:20:87:bd:bc:
2b:d5:30:a7:fa:86:d3:9a:e2:18:24:f9:91:85:19:84:15:d6:
d7:89:5c:5f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYuTb3Fx4pi8LKcrzlkWwgKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmY3ZjNhZDUzZjI5YTNjNDNmMGFkODIwMTdhMDUzNjhj
MDEwNGEwHhcNMjMxMTAzMDQyNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjYxNDliMDA0OTZlY2Q2NGUwNmZjNDAyNmRmNDNmOTgwYThjNjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv2RKqJoHmGuTRO9mVHPxOcy4ZIG
YE88/nN6gbuU+8kPXl6tzYDIfRpBsaF6oumr5iSc7ry1bLCde+iOzNbbB/5HgXkH
YvGoD40LO6v345+dclB9Qtf5r2x/bWAdJ+wdWRBfpoQXwArYCxyVpaSnskvoKGUE
uoBltUb6i9ATp4R9P0vb/o0/otTmUMyqCETq5teCjOBueh9Ix0qU7/U5KuLWEG0K
cDcF9VwYtoxQdgFiscmbME6pzB7IT5NlTzHg0gzFa9XoJWeFt32CY+HHY7VJXGVe
s/2HtiLWOXTXD+ZhT2L+EULcTYtwEkhTm7ZLNpDFpdeVHkYjZUseCANrywIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIZhSbAEluzWTgb8QCbfQ/mAqMZTMB8GA1UdIwQY
MBaAFFi/fzrVPymjxD8K2CAXoFNowBBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUt
OGIzZDUyN2M0OWU0LzEvaG1GSnNBU1c3TlpPQnZ4QUp0OUQtWUNveGxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUtOGIzZDUyN2M0OWU0
LzEvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBVZ46AwQB
Ve3QMAwDBAJV7dwDBABV7d4DBAC5XSAwDQYJKoZIhvcNAQELBQADggEBACHyNaHa
CTF7Mo7Y6TeH1GjW0CwNnHOY22+k+DQruWDvBn+WC0fye96Myz8BQUOYReA+eHRx
ZlGAnRpwKuxehgeQIf6dDA6hYbSxYZJYo3OuFaPMCA77nGrCaXTWO5tL3ll89q5e
YVtZ0VtSF2KdL8D8D3vDDmcCQm+05UXHLML4/uPsjovewaYd9aa5FSW0/L9MSdvx
mQPqBGJ1UvrRA3s/XMk+bGdRzlKxtvO2TT3Rl9kcIr4XZlmd/iUgB7uE2DUKRccD
EODXAu4lKsB+apOxJ82xij+jEsCZex2nqmFveLPRvEx+IIe9vCvVMKf6htOa4hgk
+ZGFGYQV1teJXF8=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:12 2025 by rpki-client