Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/qd2pUeC8RQRk4yav5krjC0B_5Jo.roa
File: qd2pUeC8RQRk4yav5krjC0B_5Jo.roa (raw, json)
Hash identifier: FfT+b3+tnO/2p90FIkDIAOysFCjgpCslPt0qK1cY+tI=
Subject key identifier: A9:DD:A9:51:E0:BC:45:04:64:E3:26:AF:E6:4A:E3:0B:40:7F:E4:9A
Certificate issuer: /CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Certificate serial: 018AD96321EE011AE453E6EFF06B87CB425D
Authority key identifier: 58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/qd2pUeC8RQRk4yav5krjC0B_5Jo.roa
Signing time: Thu 28 Sep 2023 01:24:27 +0000
ROA not before: Thu 28 Sep 2023 01:24:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.109.198.0/24 maxlen: 24
193.109.194.0/24 maxlen: 24
85.237.206.0/24 maxlen: 24
85.237.202.0/24 maxlen: 24
85.237.208.0/24 maxlen: 24
85.237.208.0/23 maxlen: 23
85.237.209.0/24 maxlen: 24
85.237.220.0/23 maxlen: 23
185.139.26.0/24 maxlen: 24
85.158.57.0/24 maxlen: 24
85.158.58.0/23 maxlen: 23
85.158.58.0/24 maxlen: 24
85.158.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d9:63:21:ee:01:1a:e4:53:e6:ef:f0:6b:87:cb:42:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Validity
Not Before: Sep 28 01:24:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9dda951e0bc450464e326afe64ae30b407fe49a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:df:12:a3:6a:c3:46:25:4a:06:ba:30:e5:a6:
8d:b9:37:26:c8:cb:95:bd:36:c5:51:f6:3f:90:79:
4c:37:d7:4d:f5:33:a8:bc:34:e8:e8:23:c4:d4:e9:
35:be:c4:0c:4d:61:0f:56:05:30:4e:69:c8:3c:8c:
8c:90:d3:c8:8f:d6:e7:d9:75:1f:99:f8:06:5c:a0:
51:64:7f:16:cb:58:b1:df:a2:6e:40:22:8c:d3:dd:
62:32:8f:8c:99:10:cd:a6:ff:b6:e9:a7:da:ce:83:
92:6b:15:a3:58:aa:7d:fe:05:bd:92:d2:d1:ee:1d:
99:17:91:2e:89:7f:01:66:91:52:83:b7:af:58:da:
c0:85:5e:0d:e9:5c:81:62:02:a5:4f:9b:0d:4d:56:
5a:a6:d0:28:89:db:8e:a5:60:87:98:54:1e:cf:ad:
1c:aa:ce:98:bc:e8:79:32:0b:65:9c:9d:28:4c:b3:
39:be:2b:4c:97:cc:4f:1b:f7:35:1a:a7:75:a8:ce:
0a:3b:9f:83:3a:71:cb:e1:79:d2:06:1a:be:33:2e:
41:13:78:e5:ce:e0:30:0a:93:23:88:40:a9:dc:eb:
d9:87:0f:99:fc:4d:da:2c:2a:ca:bd:eb:29:03:32:
96:c4:6d:df:23:61:cc:25:8e:d3:a4:58:dd:d3:4f:
1a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:DD:A9:51:E0:BC:45:04:64:E3:26:AF:E6:4A:E3:0B:40:7F:E4:9A
X509v3 Authority Key Identifier:
keyid:58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/qd2pUeC8RQRk4yav5krjC0B_5Jo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/WL9_OtU_KaPEPwrYIBegU2jAEEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.57.0-85.158.59.255
85.237.202.0/24
85.237.206.0/24
85.237.208.0/23
85.237.220.0/23
185.139.26.0/24
193.109.194.0/24
193.109.198.0/24
Signature Algorithm: sha256WithRSAEncryption
95:a8:e0:68:5b:8f:bd:a9:f5:bf:c3:12:94:58:2c:98:05:6a:
e3:13:47:41:e8:d4:73:36:7d:f0:67:d8:da:9c:23:35:0d:14:
8a:2b:52:5a:c8:b0:80:8e:fb:e3:d2:72:6f:59:ae:6e:1c:59:
91:4d:f4:34:3c:60:fd:c1:ff:ee:be:f2:ef:ac:aa:48:3d:64:
5c:2d:2b:a2:a3:7c:e1:bd:a5:65:80:b1:0b:77:e5:66:5d:b9:
47:de:0a:83:78:ac:d1:35:9e:33:64:6a:59:1b:0b:33:10:39:
b0:24:4e:92:3c:ef:a5:1a:60:e3:71:72:0d:cc:45:4d:a2:f5:
c6:7e:00:c9:0a:4c:57:36:b8:5b:b2:40:79:83:c6:08:41:e5:
da:df:14:a3:07:f9:48:af:82:17:67:c3:93:be:a4:50:a0:75:
75:7c:df:62:e9:00:c8:6e:71:36:da:b6:67:8e:ba:13:09:69:
01:95:a1:26:67:e8:42:98:9f:8c:3a:35:89:a6:73:2e:61:43:
f1:c8:e2:94:c6:7b:9d:74:55:e9:e5:b3:02:61:ba:98:6b:4d:
23:c5:89:5d:1a:12:c8:2d:f0:df:49:69:fb:6c:4c:c0:2f:56:
3b:ba:d2:c4:cd:ca:0b:8e:3f:25:2e:29:42:32:11:12:66:78:
f5:8c:05:37
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYrZYyHuARrkU+bv8GuHy0JdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmY3ZjNhZDUzZjI5YTNjNDNmMGFkODIwMTdhMDUzNjhj
MDEwNGEwHhcNMjMwOTI4MDEyNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWRkYTk1MWUwYmM0NTA0NjRlMzI2YWZlNjRhZTMwYjQwN2ZlNDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtN8So2rDRiVKBrow5aaNuTcmyMuV
vTbFUfY/kHlMN9dN9TOovDTo6CPE1Ok1vsQMTWEPVgUwTmnIPIyMkNPIj9bn2XUf
mfgGXKBRZH8Wy1ix36JuQCKM091iMo+MmRDNpv+26afazoOSaxWjWKp9/gW9ktLR
7h2ZF5EuiX8BZpFSg7evWNrAhV4N6VyBYgKlT5sNTVZaptAoiduOpWCHmFQez60c
qs6YvOh5MgtlnJ0oTLM5vitMl8xPG/c1Gqd1qM4KO5+DOnHL4XnSBhq+My5BE3jl
zuAwCpMjiECp3OvZhw+Z/E3aLCrKvespAzKWxG3fI2HMJY7TpFjd008adwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFKndqVHgvEUEZOMmr+ZK4wtAf+SaMB8GA1UdIwQY
MBaAFFi/fzrVPymjxD8K2CAXoFNowBBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUt
OGIzZDUyN2M0OWU0LzEvcWQycFVlQzhSUVJrNHlhdjVrcmpDMEJfNUpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUtOGIzZDUyN2M0OWU0
LzEvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBABVnjkD
BAJVnjgDBABV7coDBABV7c4DBAFV7dADBAFV7dwDBAC5ixoDBADBbcIDBADBbcYw
DQYJKoZIhvcNAQELBQADggEBAJWo4Ghbj72p9b/DEpRYLJgFauMTR0Ho1HM2ffBn
2NqcIzUNFIorUlrIsICO++PScm9Zrm4cWZFN9DQ8YP3B/+6+8u+sqkg9ZFwtK6Kj
fOG9pWWAsQt35WZduUfeCoN4rNE1njNkalkbCzMQObAkTpI876UaYONxcg3MRU2i
9cZ+AMkKTFc2uFuyQHmDxghB5drfFKMH+Uivghdnw5O+pFCgdXV832LpAMhucTba
tmeOuhMJaQGVoSZn6EKYn4w6NYmmcy5hQ/HI4pTGe510VenlswJhuphrTSPFiV0a
Esgt8N9JaftsTMAvVju60sTNyguOPyUuKUIyERJmePWMBTc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:40 2025 by rpki-client