Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/aae9db-e0c9-478e-bb58-24da551c68ab/1/UEs4OQXASir_gPEWJgNYPtwD2q0.roa
File: UEs4OQXASir_gPEWJgNYPtwD2q0.roa (raw, json)
Hash identifier: FQWs97DWu3NATgRPfsr8PLT9l0lqhkQaj7nn7wSPCFM=
Subject key identifier: 50:4B:38:39:05:C0:4A:2A:FF:80:F1:16:26:03:58:3E:DC:03:DA:AD
Certificate issuer: /CN=58bdb1bd75727519e400bfe88a75123d6184de14
Certificate serial: 018CC87021D9C484936076F84BD1A037D1F1
Authority key identifier: 58:BD:B1:BD:75:72:75:19:E4:00:BF:E8:8A:75:12:3D:61:84:DE:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL2xvXVydRnkAL_oinUSPWGE3hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/aae9db-e0c9-478e-bb58-24da551c68ab/1/UEs4OQXASir_gPEWJgNYPtwD2q0.roa
Signing time: Tue 02 Jan 2024 04:30:41 +0000
ROA not before: Tue 02 Jan 2024 04:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209137
IP address blocks: 185.170.137.0/24 maxlen: 24
185.170.136.0/22 maxlen: 22
185.170.136.0/23 maxlen: 23
185.170.138.0/24 maxlen: 24
185.170.139.0/24 maxlen: 24
185.170.138.0/23 maxlen: 23
185.170.136.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:21:d9:c4:84:93:60:76:f8:4b:d1:a0:37:d1:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bdb1bd75727519e400bfe88a75123d6184de14
Validity
Not Before: Jan 2 04:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=504b383905c04a2aff80f1162603583edc03daad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e1:04:d3:71:6e:2f:16:01:4e:59:f6:0d:88:
44:99:81:73:6d:e8:d3:9a:35:28:7a:0f:6b:48:e6:
0f:91:86:59:5e:d1:cb:0f:25:6d:4a:5d:f9:e0:ae:
24:04:1f:94:a8:0b:94:40:af:5b:f9:12:0a:52:61:
8d:37:47:49:3e:7c:ad:0b:86:94:f5:a1:f9:58:7c:
2f:d6:a1:37:3c:56:29:fa:32:cb:bc:95:df:ee:22:
d9:a5:3d:c7:01:d7:6a:e9:02:8d:d3:6d:c8:3e:c4:
c9:18:94:80:d9:62:d1:63:4d:98:8a:2b:fa:c1:b7:
ca:ee:a7:b5:97:7c:c5:51:06:69:70:30:1b:59:ed:
01:a0:ff:a2:29:e6:7e:be:7b:58:cb:d6:d2:2c:e6:
e6:6e:97:d5:09:65:7b:fc:17:2a:2c:6b:04:47:5c:
56:90:43:a4:86:5a:0f:a1:fc:df:0c:91:18:96:4b:
16:ed:c1:bd:e0:f5:be:16:8f:81:27:5d:87:08:da:
f8:ee:90:1b:3c:d0:1f:03:04:3e:b6:a1:13:78:69:
0e:dd:c3:30:bc:cf:a4:f1:cf:23:c8:6a:a4:2e:07:
3a:ab:00:25:a6:fc:70:c6:29:2c:86:07:b4:3c:e7:
ba:09:10:5b:6b:71:e4:5c:db:fa:dd:be:58:1f:43:
37:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:4B:38:39:05:C0:4A:2A:FF:80:F1:16:26:03:58:3E:DC:03:DA:AD
X509v3 Authority Key Identifier:
keyid:58:BD:B1:BD:75:72:75:19:E4:00:BF:E8:8A:75:12:3D:61:84:DE:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL2xvXVydRnkAL_oinUSPWGE3hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/aae9db-e0c9-478e-bb58-24da551c68ab/1/UEs4OQXASir_gPEWJgNYPtwD2q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/aae9db-e0c9-478e-bb58-24da551c68ab/1/WL2xvXVydRnkAL_oinUSPWGE3hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.136.0/22
Signature Algorithm: sha256WithRSAEncryption
89:cb:c1:99:55:14:01:91:8f:31:16:50:98:e1:12:4a:f4:d2:
40:74:ee:4a:45:4d:03:84:55:a0:04:13:f9:90:fa:7d:1e:69:
4d:17:4a:1d:7d:e9:b3:24:c2:8c:8f:52:0b:db:f3:09:da:e2:
34:08:d3:38:0e:95:84:43:74:b1:b8:0b:cb:17:8c:be:9a:a2:
b9:66:79:90:34:41:9d:b7:e8:bf:cd:69:3b:bf:5a:a3:72:01:
e8:a9:a8:36:40:7b:b7:60:f4:9b:14:aa:53:83:2d:05:4b:78:
07:67:0b:d4:c3:db:53:19:8d:40:a4:14:1b:71:f6:a7:65:03:
71:59:69:b0:a0:f1:e1:70:ce:3b:26:0e:70:2b:d1:42:d3:3d:
90:be:c6:30:9d:77:e2:18:ab:dd:75:73:47:66:2d:66:e7:7f:
75:2b:2f:b6:f0:18:f8:39:66:68:70:1c:0e:ae:07:af:06:6f:
b4:fd:8a:0c:94:6c:5c:cf:a6:3d:e9:38:fa:35:39:78:07:a5:
20:56:ee:e5:58:49:e5:fb:29:83:d5:17:60:9a:45:17:95:cd:
0d:4f:9f:06:2a:4b:c5:8c:90:b4:3c:b8:4c:ad:3c:ae:09:9b:
8a:bf:6b:20:23:c7:73:22:19:e9:77:92:30:28:bf:bc:f9:aa:
a4:b2:23:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcCHZxISTYHb4S9GgN9HxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmRiMWJkNzU3Mjc1MTllNDAwYmZlODhhNzUxMjNkNjE4
NGRlMTQwHhcNMjQwMTAyMDQzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDRiMzgzOTA1YzA0YTJhZmY4MGYxMTYyNjAzNTgzZWRjMDNkYWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueEE03FuLxYBTln2DYhEmYFzbejT
mjUoeg9rSOYPkYZZXtHLDyVtSl354K4kBB+UqAuUQK9b+RIKUmGNN0dJPnytC4aU
9aH5WHwv1qE3PFYp+jLLvJXf7iLZpT3HAddq6QKN023IPsTJGJSA2WLRY02Yiiv6
wbfK7qe1l3zFUQZpcDAbWe0BoP+iKeZ+vntYy9bSLObmbpfVCWV7/BcqLGsER1xW
kEOkhloPofzfDJEYlksW7cG94PW+Fo+BJ12HCNr47pAbPNAfAwQ+tqETeGkO3cMw
vM+k8c8jyGqkLgc6qwAlpvxwxikshge0POe6CRBba3HkXNv63b5YH0M3YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFBLODkFwEoq/4DxFiYDWD7cA9qtMB8GA1UdIwQY
MBaAFFi9sb11cnUZ5AC/6Ip1Ej1hhN4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0wyeHZYVnlkUm5rQUxfb2luVVNQV0dFM2hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9hYWU5ZGItZTBjOS00NzhlLWJiNTgt
MjRkYTU1MWM2OGFiLzEvVUVzNE9RWEFTaXJfZ1BFV0pnTllQdHdEMnEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9hYWU5ZGItZTBjOS00NzhlLWJiNTgtMjRkYTU1MWM2OGFi
LzEvV0wyeHZYVnlkUm5rQUxfb2luVVNQV0dFM2hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaqIMA0G
CSqGSIb3DQEBCwUAA4IBAQCJy8GZVRQBkY8xFlCY4RJK9NJAdO5KRU0DhFWgBBP5
kPp9HmlNF0odfemzJMKMj1IL2/MJ2uI0CNM4DpWEQ3SxuAvLF4y+mqK5ZnmQNEGd
t+i/zWk7v1qjcgHoqag2QHu3YPSbFKpTgy0FS3gHZwvUw9tTGY1ApBQbcfanZQNx
WWmwoPHhcM47Jg5wK9FC0z2QvsYwnXfiGKvddXNHZi1m5391Ky+28Bj4OWZocBwO
rgevBm+0/YoMlGxcz6Y96Tj6NTl4B6UgVu7lWEnl+ymD1RdgmkUXlc0NT58GKkvF
jJC0PLhMrTyuCZuKv2sgI8dzIhnpd5IwKL+8+aqksiPh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:40 2025 by rpki-client