Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/d5rze5BJChD1y94ihZk8MT2NUXg.roa
File: d5rze5BJChD1y94ihZk8MT2NUXg.roa (raw, json)
Hash identifier: r6tcuj5cQAVHAWHtHyNScYAyDYFsfHI+G+DbT136THw=
Subject key identifier: 77:9A:F3:7B:90:49:0A:10:F5:CB:DE:22:85:99:3C:31:3D:8D:51:78
Certificate issuer: /CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Certificate serial: 018A460B0FB4647C55FA833B3DD6A56B639B
Authority key identifier: 58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/d5rze5BJChD1y94ihZk8MT2NUXg.roa
Signing time: Wed 30 Aug 2023 10:44:04 +0000
ROA not before: Wed 30 Aug 2023 10:44:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.109.197.0/24 maxlen: 24
193.109.198.0/24 maxlen: 24
85.237.206.0/24 maxlen: 24
85.237.202.0/24 maxlen: 24
85.237.208.0/24 maxlen: 24
85.237.220.0/23 maxlen: 23
85.237.220.0/24 maxlen: 24
85.237.221.0/24 maxlen: 24
85.237.223.0/24 maxlen: 24
185.139.26.0/24 maxlen: 24
85.158.57.0/24 maxlen: 24
85.158.58.0/24 maxlen: 24
185.93.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:0b:0f:b4:64:7c:55:fa:83:3b:3d:d6:a5:6b:63:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Validity
Not Before: Aug 30 10:44:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=779af37b90490a10f5cbde2285993c313d8d5178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c8:c8:49:a3:8a:be:a4:c7:89:90:0a:e2:88:
96:23:a2:82:33:32:7e:0a:44:07:8f:6e:23:28:1d:
54:33:53:82:ec:88:61:08:27:8c:40:39:93:64:99:
a1:91:45:87:1a:b6:14:5e:37:5f:8a:06:ab:6e:80:
df:33:d3:c3:e4:ef:81:88:7d:6c:3a:37:38:0f:d6:
ee:e3:c9:07:11:61:71:61:87:75:35:fc:2e:a8:d9:
c2:0e:44:19:20:1e:89:61:6d:99:e7:2e:da:70:b6:
f8:15:7d:1f:6d:e4:ab:bb:40:9a:6e:39:a2:02:08:
37:50:c8:f8:ee:5e:4e:8f:bd:7f:98:0c:95:4a:91:
1f:04:6c:22:f0:60:ff:c7:18:c1:20:fd:75:b6:29:
0a:22:f6:00:30:87:3b:b1:50:72:95:b0:55:df:bc:
ad:39:52:5f:c1:5d:df:48:e5:1d:d2:62:78:40:64:
48:cd:1b:6a:cc:b9:99:9f:0f:fd:59:86:04:d0:29:
9f:91:b2:bb:56:44:f6:a0:aa:7e:a4:45:52:63:d9:
61:d8:a4:2b:ae:4f:ca:b7:4e:6e:cc:38:4e:9a:3e:
48:e1:e4:a2:09:15:79:e1:46:f9:df:b5:c4:1e:03:
22:0a:da:cd:0f:f9:31:37:d0:68:b2:3a:3e:95:f3:
f2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:9A:F3:7B:90:49:0A:10:F5:CB:DE:22:85:99:3C:31:3D:8D:51:78
X509v3 Authority Key Identifier:
keyid:58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/d5rze5BJChD1y94ihZk8MT2NUXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/WL9_OtU_KaPEPwrYIBegU2jAEEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.57.0-85.158.58.255
85.237.202.0/24
85.237.206.0/24
85.237.208.0/24
85.237.220.0/23
85.237.223.0/24
185.93.33.0/24
185.139.26.0/24
193.109.197.0-193.109.198.255
Signature Algorithm: sha256WithRSAEncryption
07:56:17:2f:af:da:4d:d9:1c:49:ce:7f:1d:0c:64:be:be:79:
e6:37:27:a4:3c:54:8b:9e:37:8f:f0:34:b5:06:35:6c:ac:15:
29:d3:d7:7d:47:4e:2c:97:a1:12:19:26:cc:d4:2b:1d:ac:78:
b7:31:b9:57:6c:e9:1f:eb:8d:23:fe:d9:92:d0:92:31:06:0b:
da:33:96:41:a5:4c:8b:94:13:ea:bf:4d:4b:3f:d0:54:d0:36:
1d:e1:2a:8b:3a:5f:ba:ab:20:cd:01:89:50:4e:27:66:4b:4b:
45:89:1d:5a:bf:5f:9f:20:52:00:21:4c:87:23:de:ff:bf:c7:
df:72:f3:3c:e2:40:f1:f5:c7:41:22:43:f2:99:e9:83:bd:8a:
2e:0a:bc:b2:46:86:8c:9e:1d:ad:7f:c3:26:04:02:e7:6f:e7:
25:ea:3d:6a:b9:f0:f1:17:d8:65:a5:db:47:55:7a:d1:4a:da:
3f:d1:19:99:6c:cb:07:46:7e:e7:b0:1f:33:31:c2:f2:3b:e8:
a2:62:6d:22:4a:21:34:ab:6b:b0:61:61:dc:de:9f:62:52:0b:
46:ff:68:4c:0e:6a:ea:f9:9f:96:69:49:eb:8a:58:b0:41:e7:
13:d3:63:f0:88:1f:b9:2c:e1:6c:26:65:ae:33:01:54:84:51:
c0:f5:96:3d
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYpGCw+0ZHxV+oM7Pdala2ObMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmY3ZjNhZDUzZjI5YTNjNDNmMGFkODIwMTdhMDUzNjhj
MDEwNGEwHhcNMjMwODMwMTA0NDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzlhZjM3YjkwNDkwYTEwZjVjYmRlMjI4NTk5M2MzMTNkOGQ1MTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsjISaOKvqTHiZAK4oiWI6KCMzJ+
CkQHj24jKB1UM1OC7IhhCCeMQDmTZJmhkUWHGrYUXjdfigarboDfM9PD5O+BiH1s
Ojc4D9bu48kHEWFxYYd1NfwuqNnCDkQZIB6JYW2Z5y7acLb4FX0fbeSru0Cabjmi
Agg3UMj47l5Oj71/mAyVSpEfBGwi8GD/xxjBIP11tikKIvYAMIc7sVBylbBV37yt
OVJfwV3fSOUd0mJ4QGRIzRtqzLmZnw/9WYYE0CmfkbK7VkT2oKp+pEVSY9lh2KQr
rk/Kt05uzDhOmj5I4eSiCRV54Ub537XEHgMiCtrND/kxN9Bosjo+lfPyaQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHea83uQSQoQ9cveIoWZPDE9jVF4MB8GA1UdIwQY
MBaAFFi/fzrVPymjxD8K2CAXoFNowBBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUt
OGIzZDUyN2M0OWU0LzEvZDVyemU1QkpDaEQxeTk0aWhaazhNVDJOVVhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUtOGIzZDUyN2M0OWU0
LzEvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBABVnjkD
BABVnjoDBABV7coDBABV7c4DBABV7dADBAFV7dwDBABV7d8DBAC5XSEDBAC5ixow
DAMEAMFtxQMEAMFtxjANBgkqhkiG9w0BAQsFAAOCAQEAB1YXL6/aTdkcSc5/HQxk
vr555jcnpDxUi543j/A0tQY1bKwVKdPXfUdOLJehEhkmzNQrHax4tzG5V2zpH+uN
I/7ZktCSMQYL2jOWQaVMi5QT6r9NSz/QVNA2HeEqizpfuqsgzQGJUE4nZktLRYkd
Wr9fnyBSACFMhyPe/7/H33LzPOJA8fXHQSJD8pnpg72KLgq8skaGjJ4drX/DJgQC
52/nJeo9arnw8RfYZaXbR1V60UraP9EZmWzLB0Z+57AfMzHC8jvoomJtIkohNKtr
sGFh3N6fYlILRv9oTA5q6vmflmlJ64pYsEHnE9Nj8IgfuSzhbCZlrjMBVIRRwPWW
PQ==
-----END CERTIFICATE-----
Generated at Fri May 9 02:49:08 2025 by rpki-client