Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/059b97-5912-42a8-9c2a-6c5930ced73d/1/iWc0rDehP0zMPsqwctnsjqqXERk.roa
File: iWc0rDehP0zMPsqwctnsjqqXERk.roa (raw, json)
Hash identifier: h+WpjtrLCHh9nHRz8K1bAEQSRul8JDbimwuaR2af/20=
Subject key identifier: 89:67:34:AC:37:A1:3F:4C:CC:3E:CA:B0:72:D9:EC:8E:AA:97:11:19
Certificate issuer: /CN=62aa933281198fd2d19bc97a0258c001ffc9ed9d
Certificate serial: 018571D7C71645DE5CB7C078B9756DFFDB5C
Authority key identifier: 62:AA:93:32:81:19:8F:D2:D1:9B:C9:7A:02:58:C0:01:FF:C9:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YqqTMoEZj9LRm8l6AljAAf_J7Z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/059b97-5912-42a8-9c2a-6c5930ced73d/1/iWc0rDehP0zMPsqwctnsjqqXERk.roa
Signing time: Mon 02 Jan 2023 09:37:24 +0000
ROA not before: Mon 02 Jan 2023 09:37:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136526
IP address blocks: 185.202.103.0/24 maxlen: 24
185.202.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:c7:16:45:de:5c:b7:c0:78:b9:75:6d:ff:db:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62aa933281198fd2d19bc97a0258c001ffc9ed9d
Validity
Not Before: Jan 2 09:37:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=896734ac37a13f4ccc3ecab072d9ec8eaa971119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:45:e1:e6:81:80:40:a8:9f:e6:48:9b:c8:1c:
e4:0a:f3:2e:17:2a:fd:e2:7c:e3:78:c7:86:d4:4a:
82:b4:b0:32:8c:79:ec:45:74:5a:04:eb:ef:60:f3:
92:72:ea:e0:e5:af:cd:d9:ee:a1:5d:7b:0e:44:0d:
24:8c:37:af:b5:61:69:20:0e:3b:3b:05:72:b1:1c:
55:e3:b2:a9:59:20:c1:0b:4f:32:a2:ad:6c:a1:68:
ef:f1:5a:a5:86:1e:69:da:ed:94:f8:83:5e:fe:0e:
0a:8f:2b:4b:50:5c:ca:a4:0a:bb:c1:4b:0e:8f:17:
71:7c:34:ba:83:99:76:b1:d0:2e:95:bb:a0:38:ce:
eb:a0:ad:79:0c:2b:2d:c3:1f:30:04:02:76:62:ec:
c5:9c:c3:18:a3:c7:00:41:b7:9d:b2:24:0e:17:6e:
2a:28:23:55:be:81:08:d4:f5:d4:cf:e0:fd:1b:04:
a2:5a:f8:a7:8b:9e:b4:2d:f3:7d:2c:80:59:3d:fd:
12:f1:76:74:fa:15:29:78:d5:3c:8e:97:24:c6:56:
c6:dc:37:ff:ef:f9:ee:b1:26:6e:19:aa:e4:7e:cc:
cf:b8:31:d4:2b:0e:78:67:c5:59:5f:69:16:9a:35:
03:6e:9b:af:d5:9b:af:35:73:d3:cc:9e:0a:d0:5c:
18:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:67:34:AC:37:A1:3F:4C:CC:3E:CA:B0:72:D9:EC:8E:AA:97:11:19
X509v3 Authority Key Identifier:
keyid:62:AA:93:32:81:19:8F:D2:D1:9B:C9:7A:02:58:C0:01:FF:C9:ED:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqqTMoEZj9LRm8l6AljAAf_J7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/059b97-5912-42a8-9c2a-6c5930ced73d/1/iWc0rDehP0zMPsqwctnsjqqXERk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/059b97-5912-42a8-9c2a-6c5930ced73d/1/YqqTMoEZj9LRm8l6AljAAf_J7Z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.102.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:2a:25:fe:5f:56:f1:cc:be:4c:2f:b5:09:a6:b2:e2:04:55:
15:bf:eb:14:f7:7f:c7:5c:e0:05:26:4f:8c:0d:84:7e:43:c0:
13:d0:56:bc:11:d8:53:ec:bc:c3:ea:a0:07:88:f4:f3:e5:bf:
cf:16:e2:87:de:d3:ba:74:78:4d:a6:b7:88:55:42:1c:79:72:
9e:c7:31:fc:91:00:77:22:a8:13:be:82:56:c8:d0:67:52:1c:
7b:d9:66:5d:de:91:58:e5:4e:1a:9d:55:fd:27:c1:c0:97:0b:
e3:1b:6e:8c:ef:e3:5f:c1:1f:ff:c9:80:f9:2e:e4:eb:22:0c:
39:55:62:e7:a1:a0:11:c1:f9:c1:22:cb:9a:1f:c1:97:e2:9d:
c7:95:ce:e2:6e:29:d4:12:1b:44:da:fb:5e:e9:b3:b9:f8:5b:
4d:65:9c:83:e4:2a:e5:81:b9:ed:8a:85:c7:de:b8:eb:a8:f8:
ca:6e:fd:e5:6d:88:50:06:c3:f7:8f:95:27:ca:c8:f3:c2:0c:
4b:09:bd:6b:c1:56:7c:1f:84:c9:eb:39:30:8b:40:ca:0f:b9:
9a:46:9e:8b:d4:25:1f:74:9e:2e:ae:1f:4c:1f:2d:75:78:3e:
3c:3d:c7:c1:ca:8d:49:00:e2:3f:7a:25:bb:01:17:5e:1a:72:
05:a5:66:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx18cWRd5ct8B4uXVt/9tcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYWE5MzMyODExOThmZDJkMTliYzk3YTAyNThjMDAxZmZj
OWVkOWQwHhcNMjMwMTAyMDkzNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTY3MzRhYzM3YTEzZjRjY2MzZWNhYjA3MmQ5ZWM4ZWFhOTcxMTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0Xh5oGAQKif5kibyBzkCvMuFyr9
4nzjeMeG1EqCtLAyjHnsRXRaBOvvYPOScurg5a/N2e6hXXsORA0kjDevtWFpIA47
OwVysRxV47KpWSDBC08yoq1soWjv8Vqlhh5p2u2U+INe/g4KjytLUFzKpAq7wUsO
jxdxfDS6g5l2sdAulbugOM7roK15DCstwx8wBAJ2YuzFnMMYo8cAQbedsiQOF24q
KCNVvoEI1PXUz+D9GwSiWvini560LfN9LIBZPf0S8XZ0+hUpeNU8jpckxlbG3Df/
7/nusSZuGarkfszPuDHUKw54Z8VZX2kWmjUDbpuv1ZuvNXPTzJ4K0FwYEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIlnNKw3oT9MzD7KsHLZ7I6qlxEZMB8GA1UdIwQY
MBaAFGKqkzKBGY/S0ZvJegJYwAH/ye2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFxVE1vRVpqOUxSbThsNkFsakFBZl9KN1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8wNTliOTctNTkxMi00MmE4LTljMmEt
NmM1OTMwY2VkNzNkLzEvaVdjMHJEZWhQMHpNUHNxd2N0bnNqcXFYRVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8wNTliOTctNTkxMi00MmE4LTljMmEtNmM1OTMwY2VkNzNk
LzEvWXFxVE1vRVpqOUxSbThsNkFsakFBZl9KN1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBucpmMA0G
CSqGSIb3DQEBCwUAA4IBAQALKiX+X1bxzL5ML7UJprLiBFUVv+sU93/HXOAFJk+M
DYR+Q8AT0Fa8EdhT7LzD6qAHiPTz5b/PFuKH3tO6dHhNpreIVUIceXKexzH8kQB3
IqgTvoJWyNBnUhx72WZd3pFY5U4anVX9J8HAlwvjG26M7+NfwR//yYD5LuTrIgw5
VWLnoaARwfnBIsuaH8GX4p3Hlc7ibinUEhtE2vte6bO5+FtNZZyD5CrlgbntioXH
3rjrqPjKbv3lbYhQBsP3j5UnysjzwgxLCb1rwVZ8H4TJ6zkwi0DKD7maRp6L1CUf
dJ4urh9MHy11eD48PcfByo1JAOI/eiW7ARdeGnIFpWYj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:09 2025 by rpki-client