Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/EDWWhSGVqvMs0l5mid3G-sz32xw.roa
File: EDWWhSGVqvMs0l5mid3G-sz32xw.roa (raw, json)
Hash identifier: dpfqopfHg6dmaLaU86eh8RyMF4smpRodGn5d9iTyNHE=
Subject key identifier: 10:35:96:85:21:95:AA:F3:2C:D2:5E:66:89:DD:C6:FA:CC:F7:DB:1C
Certificate issuer: /CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0
Certificate serial: 018CC9BCB193C06FED6F08BDF3ECFA5FD7C8
Authority key identifier: B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/EDWWhSGVqvMs0l5mid3G-sz32xw.roa
Signing time: Tue 02 Jan 2024 10:33:55 +0000
ROA not before: Tue 02 Jan 2024 10:33:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4755
IP address blocks: 85.158.133.0/24 maxlen: 24
85.158.134.0/24 maxlen: 24
85.158.135.0/24 maxlen: 24
85.158.128.0/24 maxlen: 24
85.158.129.0/24 maxlen: 24
85.158.130.0/24 maxlen: 24
85.158.131.0/24 maxlen: 24
85.158.132.0/24 maxlen: 24
85.158.128.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:b1:93:c0:6f:ed:6f:08:bd:f3:ec:fa:5f:d7:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0
Validity
Not Before: Jan 2 10:33:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=103596852195aaf32cd25e6689ddc6faccf7db1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:54:77:57:8e:ab:bc:c6:6f:bb:af:3a:8b:14:
46:0e:b1:12:65:10:ec:08:68:f6:cc:41:44:d9:b0:
3d:06:8c:a8:1a:8b:cf:2a:84:d9:ba:34:90:56:e2:
1b:09:f1:f6:df:df:9d:98:fc:2e:9c:44:2f:80:ff:
b2:9c:84:02:5e:13:8c:d9:af:97:d1:3c:78:77:d3:
3b:fc:38:a5:57:70:57:82:96:1b:e8:f4:6e:bd:1f:
1b:15:82:d6:db:72:ca:f0:8b:6b:ca:33:2c:04:13:
d0:63:f9:9d:b3:4e:88:61:4f:20:d5:c6:4c:24:f4:
44:2f:38:1e:7a:3d:d7:27:3f:69:e4:b6:87:b0:fa:
93:8c:95:85:94:eb:f9:d1:6b:5e:1f:90:40:12:d2:
1d:62:0c:b7:f8:9a:72:ef:11:22:64:83:1d:10:76:
8f:03:64:d7:fd:e7:fa:15:0d:1c:d5:5d:1e:d7:e0:
7a:af:3b:c5:53:32:c2:bb:88:4a:0a:29:8e:c6:58:
c8:43:0a:a4:83:99:52:01:b7:c9:86:5a:45:9d:0d:
1b:28:40:3f:05:ef:6f:e8:b2:e2:03:6e:6b:da:c5:
20:3c:b3:de:e4:30:35:a5:27:67:85:5d:93:91:4e:
e4:e0:04:7d:ca:57:80:17:c4:cb:a8:93:db:0b:bf:
fa:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:35:96:85:21:95:AA:F3:2C:D2:5E:66:89:DD:C6:FA:CC:F7:DB:1C
X509v3 Authority Key Identifier:
keyid:B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/EDWWhSGVqvMs0l5mid3G-sz32xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/ts9OV8vBXOTs70T1DluFkvvu7qA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.128.0/21
Signature Algorithm: sha256WithRSAEncryption
7c:bd:15:48:fc:41:56:b4:b1:53:f6:94:d5:1b:04:71:f3:b5:
f9:a9:ff:47:3e:9b:5c:d7:ef:e0:fe:5e:aa:00:00:c8:aa:28:
a4:e9:83:28:b6:fb:55:e7:e1:60:ad:29:e8:56:13:0f:56:bc:
f7:a2:05:75:98:09:35:d3:b0:37:7d:eb:49:5d:74:3a:43:ef:
7c:4c:e4:cc:fc:4c:c1:cc:d4:59:e6:e8:28:7b:7f:8e:0d:66:
34:dc:61:82:3a:d7:34:e8:dc:0f:e9:6c:e2:cf:9b:68:95:22:
bd:18:d3:5e:ea:46:b4:2a:97:97:5a:f8:97:23:b3:94:56:5a:
4d:38:b1:33:74:f3:29:d3:08:31:c0:9f:79:12:9b:cf:87:2d:
4b:ec:2a:66:52:38:0b:7c:94:0c:85:f1:01:86:11:fd:76:2b:
d9:3f:3a:8f:7c:70:4b:a4:62:93:8c:e9:90:e3:ab:43:ab:f8:
84:51:62:b2:a3:85:a7:dd:b6:de:f9:c3:2e:4c:64:67:8d:3b:
f7:8b:6c:b1:2a:7d:03:9f:9f:64:b1:c8:d3:63:f1:1d:96:5c:
91:66:20:0b:14:f4:83:90:5e:04:8c:f5:6b:d6:d2:47:2e:cb:
e8:f8:4c:a7:02:22:72:04:30:0f:b2:34:42:ff:e8:2e:bc:9b:
b2:c9:b2:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvLGTwG/tbwi98+z6X9fIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2Y2Y0ZTU3Y2JjMTVjZTRlY2VmNDRmNTBlNWI4NTkyZmJl
ZWVlYTAwHhcNMjQwMTAyMTAzMzU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDM1OTY4NTIxOTVhYWYzMmNkMjVlNjY4OWRkYzZmYWNjZjdkYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFR3V46rvMZvu686ixRGDrESZRDs
CGj2zEFE2bA9BoyoGovPKoTZujSQVuIbCfH239+dmPwunEQvgP+ynIQCXhOM2a+X
0Tx4d9M7/DilV3BXgpYb6PRuvR8bFYLW23LK8ItryjMsBBPQY/mds06IYU8g1cZM
JPRELzgeej3XJz9p5LaHsPqTjJWFlOv50WteH5BAEtIdYgy3+Jpy7xEiZIMdEHaP
A2TX/ef6FQ0c1V0e1+B6rzvFUzLCu4hKCimOxljIQwqkg5lSAbfJhlpFnQ0bKEA/
Be9v6LLiA25r2sUgPLPe5DA1pSdnhV2TkU7k4AR9yleAF8TLqJPbC7/6DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBA1loUhlarzLNJeZondxvrM99scMB8GA1UdIwQY
MBaAFLbPTlfLwVzk7O9E9Q5bhZL77u6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHM5T1Y4dkJYT1RzNzBUMURsdUZrdnZ1N3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy80ZTg5N2YtZTQzNS00NzE1LWEzYzUt
ODViZTQyNWQzMTk5LzEvRURXV2hTR1Zxdk1zMGw1bWlkM0ctc3ozMnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy80ZTg5N2YtZTQzNS00NzE1LWEzYzUtODViZTQyNWQzMTk5
LzEvdHM5T1Y4dkJYT1RzNzBUMURsdUZrdnZ1N3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVZ6AMA0G
CSqGSIb3DQEBCwUAA4IBAQB8vRVI/EFWtLFT9pTVGwRx87X5qf9HPptc1+/g/l6q
AADIqiik6YMotvtV5+FgrSnoVhMPVrz3ogV1mAk107A3fetJXXQ6Q+98TOTM/EzB
zNRZ5ugoe3+ODWY03GGCOtc06NwP6Wziz5tolSK9GNNe6ka0KpeXWviXI7OUVlpN
OLEzdPMp0wgxwJ95EpvPhy1L7CpmUjgLfJQMhfEBhhH9divZPzqPfHBLpGKTjOmQ
46tDq/iEUWKyo4Wn3bbe+cMuTGRnjTv3i2yxKn0Dn59kscjTY/EdllyRZiALFPSD
kF4EjPVr1tJHLsvo+EynAiJyBDAPsjRC/+guvJuyybJV
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:27 2024 by rpki-client on console.sobornost.net