Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/kY1HdKWxjpBg0schoa0H9VuKZc4.roa
File: kY1HdKWxjpBg0schoa0H9VuKZc4.roa (raw, json)
Hash identifier: czac70Z6ge3O7DvS+FtBIVHOubrf0DErhrhpcsSmi1M=
Subject key identifier: 91:8D:47:74:A5:B1:8E:90:60:D2:C7:21:A1:AD:07:F5:5B:8A:65:CE
Certificate issuer: /CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Certificate serial: 018B6EC8336570FF4E21AC4939A96BDDCC9E
Authority key identifier: 58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/kY1HdKWxjpBg0schoa0H9VuKZc4.roa
Signing time: Fri 27 Oct 2023 01:38:15 +0000
ROA not before: Fri 27 Oct 2023 01:38:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 85.158.57.0/24 maxlen: 24
85.158.58.0/23 maxlen: 23
85.158.58.0/24 maxlen: 24
85.237.211.0/24 maxlen: 24
85.237.208.0/23 maxlen: 23
85.237.209.0/24 maxlen: 24
85.237.220.0/23 maxlen: 23
185.93.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6e:c8:33:65:70:ff:4e:21:ac:49:39:a9:6b:dd:cc:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Validity
Not Before: Oct 27 01:38:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=918d4774a5b18e9060d2c721a1ad07f55b8a65ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6c:55:ad:8c:3b:97:6a:b7:95:6a:0a:7d:4e:
70:31:64:c9:ce:12:3c:e6:fc:80:69:b6:49:a7:af:
d8:ca:c1:2f:05:e2:05:2e:94:82:fc:50:2d:90:d2:
82:e3:0e:76:3c:6c:39:e2:c5:0a:8c:3b:0a:61:91:
4c:52:68:ad:cd:a6:f8:4c:03:e9:00:b1:2d:24:10:
58:71:1f:6f:f6:5f:42:78:c0:e0:c5:9f:2f:3f:d9:
44:08:25:90:8c:ea:f2:db:ee:a5:a1:48:c7:c1:a4:
00:93:3f:1e:59:ee:d1:fe:7f:1b:b1:36:1d:14:3d:
86:61:5b:4f:25:f5:da:8f:01:ed:1a:0d:9d:eb:d7:
9a:05:87:a7:5a:97:fd:df:20:b9:4b:cf:65:e2:0c:
a3:cd:fe:f9:1b:95:58:3d:5a:ce:f5:7f:df:4d:b2:
3a:8c:f2:97:68:59:40:2e:18:22:d7:55:1d:1b:55:
91:89:6e:83:4d:57:3b:2c:42:1d:0c:8e:c1:b3:1a:
cd:50:37:1f:3a:63:39:8b:11:75:d3:12:5e:11:f5:
a8:b1:c5:a2:20:7b:73:6f:91:0d:7d:8c:48:4a:23:
88:2e:cf:1c:e6:ee:85:e5:36:dd:49:ac:07:75:57:
29:6a:2c:25:f7:cb:55:5d:93:e0:bf:aa:e8:84:72:
06:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:8D:47:74:A5:B1:8E:90:60:D2:C7:21:A1:AD:07:F5:5B:8A:65:CE
X509v3 Authority Key Identifier:
keyid:58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/kY1HdKWxjpBg0schoa0H9VuKZc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/WL9_OtU_KaPEPwrYIBegU2jAEEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.57.0-85.158.59.255
85.237.208.0/23
85.237.211.0/24
85.237.220.0/23
185.93.32.0/24
Signature Algorithm: sha256WithRSAEncryption
27:18:4a:80:d3:26:f7:f6:45:ae:a0:a8:df:13:2e:b1:1c:13:
f2:65:53:5d:40:e5:f1:4c:2d:7a:07:37:17:4e:79:77:cc:3f:
03:c0:2a:6e:a0:f5:f5:4b:f7:49:28:ad:c0:ae:60:1f:51:c1:
4f:bd:cc:0b:b1:d5:f0:9a:52:2c:6c:39:97:c5:92:2e:82:37:
3c:d5:e2:9c:61:ec:7a:63:23:96:ee:3b:35:dd:5d:c1:dd:49:
bc:85:a1:c5:ed:08:f0:bb:7a:ad:69:74:0d:88:5a:7f:2a:59:
fc:36:d9:d7:b8:e1:0e:a2:7e:c2:fc:7f:fe:6d:6a:f8:f8:1c:
d9:a9:db:34:7b:f8:58:49:b1:e7:2b:0f:45:14:73:a2:45:1d:
a2:c0:28:50:0e:18:ba:f5:78:f2:28:13:e4:49:63:ce:1c:08:
ad:8d:3d:30:07:4b:7f:70:a6:54:4f:bb:9f:70:d2:d9:3c:63:
05:8a:56:02:0e:9c:6d:35:ad:c6:26:ac:e0:fc:d4:91:3e:47:
b1:7e:80:17:86:d3:ce:68:3c:65:d0:eb:0e:50:64:f6:e3:7c:
58:ff:6a:9d:d0:d3:93:30:c3:ba:5a:8b:bc:3c:70:4d:38:db:
fe:f4:f3:0a:5a:a5:3c:64:e9:36:9a:5f:48:f9:7b:d9:8c:03:
95:fa:85:c6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYtuyDNlcP9OIaxJOalr3cyeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmY3ZjNhZDUzZjI5YTNjNDNmMGFkODIwMTdhMDUzNjhj
MDEwNGEwHhcNMjMxMDI3MDEzODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MThkNDc3NGE1YjE4ZTkwNjBkMmM3MjFhMWFkMDdmNTViOGE2NWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2xVrYw7l2q3lWoKfU5wMWTJzhI8
5vyAabZJp6/YysEvBeIFLpSC/FAtkNKC4w52PGw54sUKjDsKYZFMUmitzab4TAPp
ALEtJBBYcR9v9l9CeMDgxZ8vP9lECCWQjOry2+6loUjHwaQAkz8eWe7R/n8bsTYd
FD2GYVtPJfXajwHtGg2d69eaBYenWpf93yC5S89l4gyjzf75G5VYPVrO9X/fTbI6
jPKXaFlALhgi11UdG1WRiW6DTVc7LEIdDI7BsxrNUDcfOmM5ixF10xJeEfWoscWi
IHtzb5ENfYxISiOILs8c5u6F5TbdSawHdVcpaiwl98tVXZPgv6rohHIGawIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJGNR3SlsY6QYNLHIaGtB/VbimXOMB8GA1UdIwQY
MBaAFFi/fzrVPymjxD8K2CAXoFNowBBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUt
OGIzZDUyN2M0OWU0LzEva1kxSGRLV3hqcEJnMHNjaG9hMEg5VnVLWmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUtOGIzZDUyN2M0OWU0
LzEvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABVnjkD
BAJVnjgDBAFV7dADBABV7dMDBAFV7dwDBAC5XSAwDQYJKoZIhvcNAQELBQADggEB
ACcYSoDTJvf2Ra6gqN8TLrEcE/JlU11A5fFMLXoHNxdOeXfMPwPAKm6g9fVL90ko
rcCuYB9RwU+9zAux1fCaUixsOZfFki6CNzzV4pxh7HpjI5buOzXdXcHdSbyFocXt
CPC7eq1pdA2IWn8qWfw22de44Q6ifsL8f/5tavj4HNmp2zR7+FhJsecrD0UUc6JF
HaLAKFAOGLr1ePIoE+RJY84cCK2NPTAHS39wplRPu59w0tk8YwWKVgIOnG01rcYm
rOD81JE+R7F+gBeG085oPGXQ6w5QZPbjfFj/ap3Q05Mww7pai7w8cE042/708wpa
pTxk6TaaX0j5e9mMA5X6hcY=
-----END CERTIFICATE-----
Generated at Thu May 8 14:44:56 2025 by rpki-client