Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/3IchiwK10SU5kMsOdEbnpgAZOOg.roa
File: 3IchiwK10SU5kMsOdEbnpgAZOOg.roa (raw, json)
Hash identifier: ZxQCHiGFCx91ytAFVYLRG+lc3YlvFtDFT2q7uutx2sU=
Subject key identifier: DC:87:21:8B:02:B5:D1:25:39:90:CB:0E:74:46:E7:A6:00:19:38:E8
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 018570B05DE47FDEBF58C6289B66B6CF0382
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/3IchiwK10SU5kMsOdEbnpgAZOOg.roa
Signing time: Mon 02 Jan 2023 04:14:44 +0000
ROA not before: Mon 02 Jan 2023 04:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 185.203.148.0/22 maxlen: 22
185.162.72.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:5d:e4:7f:de:bf:58:c6:28:9b:66:b6:cf:03:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Jan 2 04:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc87218b02b5d1253990cb0e7446e7a6001938e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:53:51:4f:5e:78:74:2e:28:8b:a1:7d:a1:11:
c9:f9:ff:ec:fd:48:39:17:1f:37:25:94:dd:73:65:
1c:c1:63:2e:0c:f8:57:90:bb:96:9a:8a:b4:90:c0:
2f:e1:2c:bb:68:b0:88:17:bd:38:07:3b:72:bd:dd:
b8:fe:7a:e2:9c:3a:c8:88:de:c6:c6:96:77:00:52:
83:ea:b3:ff:c3:49:d5:47:fc:d1:fd:7c:e9:3f:71:
69:61:12:84:4c:91:f4:f1:f6:ed:a4:6f:ad:90:3f:
ab:a9:34:3d:58:e2:a2:f6:f1:6a:a0:d4:6a:19:4d:
9f:d1:78:03:32:29:df:31:9c:29:29:91:f2:cb:48:
87:6d:3c:fb:a3:e2:92:b1:4f:6f:9f:76:88:6d:54:
6e:e8:5c:88:0e:4c:ac:05:89:a3:80:07:89:6b:9c:
4b:f7:05:55:6a:6d:47:f9:c2:fc:d7:a0:66:e6:74:
2d:16:82:e0:84:40:75:7d:1a:d1:a2:dd:ad:b6:b1:
e9:fe:67:a8:a2:d0:c8:9a:c2:9b:76:b2:ca:23:01:
51:a5:12:a2:6d:75:f7:c5:81:c2:e4:56:b3:36:a9:
a9:8f:ed:5c:8a:d9:16:5c:db:f7:8f:86:b7:c8:9e:
d9:bd:ba:79:b5:7b:ab:38:c3:47:62:8c:25:d7:56:
cd:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:87:21:8B:02:B5:D1:25:39:90:CB:0E:74:46:E7:A6:00:19:38:E8
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/3IchiwK10SU5kMsOdEbnpgAZOOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.72.0/23
185.203.148.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:61:46:73:52:d3:e0:be:3f:31:42:73:f2:a3:88:59:4c:7c:
7c:38:91:44:cd:ad:f5:27:aa:80:58:aa:c5:a3:e1:04:26:cb:
3e:20:fd:ac:85:f6:af:48:2d:15:68:ff:fe:67:95:51:4b:37:
a5:e8:9d:be:9f:69:e6:66:f3:11:5b:da:ec:b2:7d:4e:c2:79:
d4:7f:fc:e3:df:8c:b1:52:73:08:d4:24:d8:ab:97:a1:56:67:
05:f0:fe:d5:24:84:06:70:86:a7:2b:14:05:bf:31:89:dd:c0:
c3:f6:84:52:b0:17:5d:18:30:5c:29:46:cf:1d:d3:a9:2f:47:
e0:59:ea:17:44:32:1b:eb:7a:bd:aa:d8:b7:bc:eb:77:9d:f8:
71:f6:aa:ff:ef:98:27:a2:da:cd:09:f1:97:17:a4:3c:ec:8c:
82:70:8f:b0:29:f7:a7:42:02:9e:28:a6:bf:3b:f9:1b:ed:fa:
e1:c6:06:18:bf:6e:2d:47:7b:d6:ed:4d:f2:ca:6a:cb:54:8c:
c0:e6:a6:0b:1c:89:5d:15:a2:ec:fc:a4:1f:62:e7:84:c7:28:
1a:3f:88:f1:68:ba:5b:96:c2:98:a9:65:52:0c:a7:c7:61:0e:
9a:9e:b4:8f:56:d3:c3:6e:1f:56:7d:88:dd:a1:20:69:ac:8c:
9d:7d:10:a0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwsF3kf96/WMYom2a2zwOCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjMwMTAyMDQxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzg3MjE4YjAyYjVkMTI1Mzk5MGNiMGU3NDQ2ZTdhNjAwMTkzOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31NRT154dC4oi6F9oRHJ+f/s/Ug5
Fx83JZTdc2UcwWMuDPhXkLuWmoq0kMAv4Sy7aLCIF704Bztyvd24/nrinDrIiN7G
xpZ3AFKD6rP/w0nVR/zR/XzpP3FpYRKETJH08fbtpG+tkD+rqTQ9WOKi9vFqoNRq
GU2f0XgDMinfMZwpKZHyy0iHbTz7o+KSsU9vn3aIbVRu6FyIDkysBYmjgAeJa5xL
9wVVam1H+cL816Bm5nQtFoLghEB1fRrRot2ttrHp/meootDImsKbdrLKIwFRpRKi
bXX3xYHC5FazNqmpj+1citkWXNv3j4a3yJ7Zvbp5tXurOMNHYowl11bNMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNyHIYsCtdElOZDLDnRG56YAGTjoMB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEvM0ljaGl3SzEwU1U1a01zT2RFYm5wZ0FaT09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuaJIAwQC
ucuUMA0GCSqGSIb3DQEBCwUAA4IBAQCkYUZzUtPgvj8xQnPyo4hZTHx8OJFEza31
J6qAWKrFo+EEJss+IP2shfavSC0VaP/+Z5VRSzel6J2+n2nmZvMRW9rssn1OwnnU
f/zj34yxUnMI1CTYq5ehVmcF8P7VJIQGcIanKxQFvzGJ3cDD9oRSsBddGDBcKUbP
HdOpL0fgWeoXRDIb63q9qti3vOt3nfhx9qr/75gnotrNCfGXF6Q87IyCcI+wKfen
QgKeKKa/O/kb7frhxgYYv24tR3vW7U3yymrLVIzA5qYLHIldFaLs/KQfYueExyga
P4jxaLpblsKYqWVSDKfHYQ6anrSPVtPDbh9WfYjdoSBprIydfRCg
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:20 2025 by rpki-client