Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/pBm-MPBX-RztZ-ugvZylGFG-NN8.roa
File: pBm-MPBX-RztZ-ugvZylGFG-NN8.roa (raw, json)
Hash identifier: 0/x1+5rEFCoNzy3fdELKLDaP6Yo3AtTj1ozLPyBce1c=
Subject key identifier: A4:19:BE:30:F0:57:F9:1C:ED:67:EB:A0:BD:9C:A5:18:51:BE:34:DF
Certificate issuer: /CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Certificate serial: 018AE29CC736EA5AEE0F88306802D4B7377D
Authority key identifier: 58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/pBm-MPBX-RztZ-ugvZylGFG-NN8.roa
Signing time: Fri 29 Sep 2023 20:23:59 +0000
ROA not before: Fri 29 Sep 2023 20:23:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.109.198.0/24 maxlen: 24
193.109.194.0/24 maxlen: 24
85.237.206.0/23 maxlen: 23
85.237.202.0/24 maxlen: 24
85.158.58.0/23 maxlen: 23
85.158.58.0/24 maxlen: 24
85.237.208.0/23 maxlen: 23
85.237.208.0/24 maxlen: 24
85.237.209.0/24 maxlen: 24
85.237.220.0/23 maxlen: 23
185.139.26.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e2:9c:c7:36:ea:5a:ee:0f:88:30:68:02:d4:b7:37:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Validity
Not Before: Sep 29 20:23:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a419be30f057f91ced67eba0bd9ca51851be34df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7a:02:1c:2a:f6:4f:2a:96:67:37:46:a9:f8:
b5:b9:2e:71:cc:ed:37:75:a5:bb:aa:ec:f8:ff:aa:
a0:df:cc:30:0b:b2:4e:b6:b8:f7:04:0e:3c:5f:4d:
e9:64:42:82:1e:fa:a8:49:54:fa:6f:50:cd:3f:e0:
fc:98:19:46:68:47:54:82:07:eb:c8:26:b9:5c:84:
e9:ee:b8:85:fd:a9:b0:9b:2c:88:7a:e0:c0:1a:e1:
96:aa:bb:9d:ee:fc:69:76:cb:36:72:b6:48:f7:b5:
ab:cf:d6:aa:86:bb:85:4c:bd:ec:0c:a6:2e:38:c4:
ce:3f:af:6d:98:12:a8:d5:f3:cd:1b:ae:c7:87:0d:
90:24:f4:86:e1:c2:f2:a7:ab:f6:17:56:06:09:a9:
fe:6d:21:b3:dd:a9:8c:51:44:11:e6:c7:19:a8:50:
4c:7c:6f:12:6c:77:7a:d6:f0:9d:6a:41:f5:6b:ef:
50:e7:4e:a6:bf:2f:0d:38:7d:7d:da:44:0d:f5:e7:
59:c4:b3:20:e4:f7:9d:37:d2:47:9c:7b:2a:e5:5e:
73:fb:9c:43:3f:81:8e:96:46:23:c0:e0:9d:65:a6:
b2:fd:5b:71:0d:0d:85:22:ce:e1:7f:c9:8d:e6:de:
1d:48:53:83:8f:a9:04:71:7d:06:e7:5b:5a:61:93:
a1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:19:BE:30:F0:57:F9:1C:ED:67:EB:A0:BD:9C:A5:18:51:BE:34:DF
X509v3 Authority Key Identifier:
keyid:58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/pBm-MPBX-RztZ-ugvZylGFG-NN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/WL9_OtU_KaPEPwrYIBegU2jAEEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.58.0/23
85.237.202.0/24
85.237.206.0-85.237.209.255
85.237.220.0/23
185.139.26.0/24
193.109.194.0/24
193.109.198.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:56:a3:d7:9f:4b:8d:fd:74:3c:48:e8:78:35:f0:e3:cd:84:
5c:eb:7b:68:50:ea:2d:f5:29:45:7f:d2:7d:d9:ad:4b:8d:f4:
c7:79:f9:31:b7:26:be:cf:55:76:d0:2f:c7:e2:9a:4a:5a:6c:
7f:6b:9d:c3:e1:ef:1f:9c:42:1c:1f:a8:ec:cc:80:aa:8f:ae:
22:f6:bb:df:82:46:d5:89:5b:df:f7:08:3c:99:85:0c:b2:96:
75:fa:d9:14:8f:db:d1:f5:ec:47:c8:5a:54:11:d5:54:22:5b:
0a:d5:44:ca:99:97:8a:db:e8:4b:a8:65:af:f4:9f:87:0c:c2:
66:42:4c:c4:d9:a3:f2:42:c1:11:95:8b:c9:06:a7:53:c2:24:
f9:e9:c9:f6:4f:89:12:17:53:48:ca:dd:23:ad:b1:c0:8b:a6:
ed:a7:f9:91:4f:70:68:09:19:eb:ec:ec:27:3d:fa:28:bc:7a:
c5:98:6d:48:2e:d5:fa:6f:51:d1:ef:e4:c6:1e:e4:58:23:5d:
7e:5f:17:14:dd:7e:6d:56:f1:77:ec:78:89:ef:72:41:0d:d3:
3c:e7:51:2b:d8:b9:da:21:dd:26:87:69:a4:21:f0:04:c6:20:
9a:4d:1c:9e:3f:0d:6e:9d:2b:38:2d:07:ee:fd:d1:72:b3:de:
79:12:21:db
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYrinMc26lruD4gwaALUtzd9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmY3ZjNhZDUzZjI5YTNjNDNmMGFkODIwMTdhMDUzNjhj
MDEwNGEwHhcNMjMwOTI5MjAyMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDE5YmUzMGYwNTdmOTFjZWQ2N2ViYTBiZDljYTUxODUxYmUzNGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHoCHCr2TyqWZzdGqfi1uS5xzO03
daW7quz4/6qg38wwC7JOtrj3BA48X03pZEKCHvqoSVT6b1DNP+D8mBlGaEdUggfr
yCa5XITp7riF/amwmyyIeuDAGuGWqrud7vxpdss2crZI97Wrz9aqhruFTL3sDKYu
OMTOP69tmBKo1fPNG67Hhw2QJPSG4cLyp6v2F1YGCan+bSGz3amMUUQR5scZqFBM
fG8SbHd61vCdakH1a+9Q506mvy8NOH192kQN9edZxLMg5PedN9JHnHsq5V5z+5xD
P4GOlkYjwOCdZaay/VtxDQ2FIs7hf8mN5t4dSFODj6kEcX0G51taYZOhxQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFKQZvjDwV/kc7WfroL2cpRhRvjTfMB8GA1UdIwQY
MBaAFFi/fzrVPymjxD8K2CAXoFNowBBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUt
OGIzZDUyN2M0OWU0LzEvcEJtLU1QQlgtUnp0Wi11Z3ZaeWxHRkctTk44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUtOGIzZDUyN2M0OWU0
LzEvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBVZ46AwQA
Ve3KMAwDBAFV7c4DBAFV7dADBAFV7dwDBAC5ixoDBADBbcIDBADBbcYwDQYJKoZI
hvcNAQELBQADggEBAI1Wo9efS439dDxI6Hg18OPNhFzre2hQ6i31KUV/0n3ZrUuN
9Md5+TG3Jr7PVXbQL8fimkpabH9rncPh7x+cQhwfqOzMgKqPriL2u9+CRtWJW9/3
CDyZhQyylnX62RSP29H17EfIWlQR1VQiWwrVRMqZl4rb6EuoZa/0n4cMwmZCTMTZ
o/JCwRGVi8kGp1PCJPnpyfZPiRIXU0jK3SOtscCLpu2n+ZFPcGgJGevs7Cc9+ii8
esWYbUgu1fpvUdHv5MYe5FgjXX5fFxTdfm1W8XfseInvckEN0zznUSvYudoh3SaH
aaQh8ATGIJpNHJ4/DW6dKzgtB+790XKz3nkSIds=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:14 2024 by rpki-client on console-ams.rpki-client.org