Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/zrZvOAJ_5F_ks9e4Y72ZkmNIqvA.roa
File: zrZvOAJ_5F_ks9e4Y72ZkmNIqvA.roa (raw, json)
Hash identifier: HcE7/w4dn+1LplqM2UAPiIB1PgPzfqfbARulIeaG4GE=
Subject key identifier: CE:B6:6F:38:02:7F:E4:5F:E4:B3:D7:B8:63:BD:99:92:63:48:AA:F0
Certificate issuer: /CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Certificate serial: 018B8D8614979D8997BB1CD94E336889C0F8
Authority key identifier: 58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/zrZvOAJ_5F_ks9e4Y72ZkmNIqvA.roa
Signing time: Thu 02 Nov 2023 00:54:16 +0000
ROA not before: Thu 02 Nov 2023 00:54:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21859
IP address blocks: 85.158.58.0/24 maxlen: 24
85.237.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8d:86:14:97:9d:89:97:bb:1c:d9:4e:33:68:89:c0:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Validity
Not Before: Nov 2 00:54:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ceb66f38027fe45fe4b3d7b863bd99926348aaf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:38:6b:ed:eb:b1:0b:2a:ae:bf:41:fa:3d:3c:
50:25:8d:47:db:18:46:67:15:54:a7:7d:e5:fb:ef:
3d:10:c1:46:2a:44:fa:eb:2b:ed:4b:2f:09:2e:8e:
38:69:1d:2f:20:4d:df:b0:07:fb:0b:9e:45:18:e0:
67:41:2a:de:4f:20:ab:25:2f:d5:f2:ba:7f:84:94:
81:7e:b1:73:96:53:4f:a2:11:a7:79:2f:6a:f7:15:
29:b4:25:3a:67:21:c0:d3:81:76:15:d3:82:b0:d0:
0b:64:c5:1f:42:f0:04:ee:5d:a5:cb:51:3b:50:8c:
b4:2b:ca:66:0e:49:81:c9:cf:89:ae:d5:38:33:3b:
74:75:50:dc:21:2a:ba:6e:a0:5f:eb:0d:87:e8:87:
14:f1:29:1a:dd:de:67:20:98:06:db:d5:fc:18:38:
e6:c5:05:34:f9:10:45:27:75:33:5e:b6:1a:2a:a2:
ef:b0:5e:3d:73:35:ec:0e:0c:6c:0f:12:37:3f:33:
0b:24:6d:10:84:7b:68:ff:a6:4a:2b:15:bd:e1:25:
a2:08:24:5b:18:c4:1e:14:78:6a:b4:1c:8b:91:f1:
81:5c:6a:59:f5:be:6f:35:a8:17:9f:be:55:17:55:
0b:49:85:26:62:d2:62:c1:38:3c:41:12:e6:91:8f:
77:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B6:6F:38:02:7F:E4:5F:E4:B3:D7:B8:63:BD:99:92:63:48:AA:F0
X509v3 Authority Key Identifier:
keyid:58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/zrZvOAJ_5F_ks9e4Y72ZkmNIqvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/WL9_OtU_KaPEPwrYIBegU2jAEEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.58.0/24
85.237.209.0/24
Signature Algorithm: sha256WithRSAEncryption
99:bb:3c:59:d1:27:3e:55:f8:86:d6:5a:1d:b2:d9:93:fa:7c:
5e:71:26:b8:85:1a:cb:1e:03:0d:8d:3f:14:29:95:5c:7b:45:
39:4f:0e:d3:88:9f:d1:88:ca:3c:5b:01:f5:d3:e2:e2:9e:06:
81:4e:94:1b:35:13:d6:14:eb:4b:a3:12:92:06:f5:77:f4:34:
72:b6:9f:97:d3:3d:be:3d:e2:59:8b:fe:de:18:0c:eb:7e:c9:
7e:0b:d5:87:d1:28:2b:88:da:a8:8a:9a:85:24:54:0a:23:3c:
c8:f7:3c:5b:58:a1:b0:c1:2b:08:db:a8:59:d9:62:2f:24:15:
9c:d0:12:37:d4:4e:69:4b:9c:0a:a4:3d:5f:fb:96:e1:0d:93:
63:5a:e1:c4:2f:97:d6:28:be:37:e6:78:a9:71:02:b9:12:58:
e6:1e:92:a4:8e:72:49:15:bd:61:c1:c8:83:30:b3:f9:c9:5b:
35:b8:ae:a4:53:73:60:dc:77:f9:e0:e4:61:d2:32:16:5e:2a:
28:5b:fc:3e:af:96:96:5e:6f:9d:fc:6c:cd:b6:4c:9b:62:74:
71:b0:cb:e9:bb:46:fb:9a:18:4d:b9:96:db:41:e2:77:af:6b:
49:82:72:48:be:b8:25:21:59:b9:d9:e1:59:5b:d6:98:da:8f:
b0:8b:ec:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuNhhSXnYmXuxzZTjNoicD4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmY3ZjNhZDUzZjI5YTNjNDNmMGFkODIwMTdhMDUzNjhj
MDEwNGEwHhcNMjMxMTAyMDA1NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWI2NmYzODAyN2ZlNDVmZTRiM2Q3Yjg2M2JkOTk5MjYzNDhhYWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApThr7euxCyquv0H6PTxQJY1H2xhG
ZxVUp33l++89EMFGKkT66yvtSy8JLo44aR0vIE3fsAf7C55FGOBnQSreTyCrJS/V
8rp/hJSBfrFzllNPohGneS9q9xUptCU6ZyHA04F2FdOCsNALZMUfQvAE7l2ly1E7
UIy0K8pmDkmByc+JrtU4Mzt0dVDcISq6bqBf6w2H6IcU8Ska3d5nIJgG29X8GDjm
xQU0+RBFJ3UzXrYaKqLvsF49czXsDgxsDxI3PzMLJG0QhHto/6ZKKxW94SWiCCRb
GMQeFHhqtByLkfGBXGpZ9b5vNagXn75VF1ULSYUmYtJiwTg8QRLmkY93dwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM62bzgCf+Rf5LPXuGO9mZJjSKrwMB8GA1UdIwQY
MBaAFFi/fzrVPymjxD8K2CAXoFNowBBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUt
OGIzZDUyN2M0OWU0LzEvenJadk9BSl81Rl9rczllNFk3MlprbU5JcXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zNjRiOTQtNmNhNC00ZjlhLTg4YTUtOGIzZDUyN2M0OWU0
LzEvV0w5X090VV9LYVBFUHdyWUlCZWdVMmpBRUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVZ46AwQA
Ve3RMA0GCSqGSIb3DQEBCwUAA4IBAQCZuzxZ0Sc+VfiG1lodstmT+nxecSa4hRrL
HgMNjT8UKZVce0U5Tw7TiJ/RiMo8WwH10+LingaBTpQbNRPWFOtLoxKSBvV39DRy
tp+X0z2+PeJZi/7eGAzrfsl+C9WH0SgriNqoipqFJFQKIzzI9zxbWKGwwSsI26hZ
2WIvJBWc0BI31E5pS5wKpD1f+5bhDZNjWuHEL5fWKL435nipcQK5EljmHpKkjnJJ
Fb1hwciDMLP5yVs1uK6kU3Ng3Hf54ORh0jIWXiooW/w+r5aWXm+d/GzNtkybYnRx
sMvpu0b7mhhNuZbbQeJ3r2tJgnJIvrglIVm52eFZW9aY2o+wi+xQ
-----END CERTIFICATE-----
Generated at Tue Apr 29 04:10:09 2025 by rpki-client