Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/Y2PujBAo2Ko5kzdXvs0u7HqT2Pk.roa
File: Y2PujBAo2Ko5kzdXvs0u7HqT2Pk.roa (raw, json)
Hash identifier: IDQqfsRhDs16qjE0wXoAAg3bnqdJ2feikqda4jOdIkU=
Subject key identifier: 63:63:EE:8C:10:28:D8:AA:39:93:37:57:BE:CD:2E:EC:7A:93:D8:F9
Certificate issuer: /CN=2f1e253977bf583e0e420ec977a8ecf4ed154dbe
Certificate serial: 018CC725A4F5AF7604687FC382D0FA1A73D0
Authority key identifier: 2F:1E:25:39:77:BF:58:3E:0E:42:0E:C9:77:A8:EC:F4:ED:15:4D:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/Y2PujBAo2Ko5kzdXvs0u7HqT2Pk.roa
Signing time: Mon 01 Jan 2024 22:29:42 +0000
ROA not before: Mon 01 Jan 2024 22:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4224
IP address blocks: 185.220.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:a4:f5:af:76:04:68:7f:c3:82:d0:fa:1a:73:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f1e253977bf583e0e420ec977a8ecf4ed154dbe
Validity
Not Before: Jan 1 22:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6363ee8c1028d8aa39933757becd2eec7a93d8f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:1d:e3:e1:a5:31:60:fc:ca:10:eb:88:81:64:
8c:aa:9c:12:9a:7a:fd:e3:9e:ab:f9:35:03:26:50:
53:9f:ab:f6:2b:71:1d:c3:7b:92:ff:f8:01:1d:ed:
a0:81:79:7a:00:aa:40:75:c5:cc:40:0d:e3:0f:e8:
6d:73:e6:d5:0e:6c:fd:7e:f8:04:66:d1:17:44:b8:
4b:30:56:b0:3a:63:cc:a9:bd:ed:c7:73:3a:f1:ed:
1f:6c:3e:c6:1e:88:8f:e5:5a:0f:9c:ca:6c:f4:dc:
7a:43:b1:11:74:75:f8:3f:4a:d0:6c:c6:52:71:60:
91:cb:0e:67:d5:5b:e3:47:3b:01:5b:5d:e5:02:63:
0a:91:28:27:0a:40:6d:69:86:48:7c:61:43:61:4d:
58:dc:49:f3:cf:3c:af:2b:b3:32:b8:a8:95:33:c7:
2a:76:15:af:4b:b8:c4:18:41:6f:dd:05:ef:0f:54:
f9:4d:91:fd:b4:01:11:4c:dc:04:c6:2b:b7:88:82:
c6:d7:0a:f6:a8:3f:46:4a:40:d5:83:3e:a2:83:86:
fd:0c:ce:a8:d8:13:ae:a9:fa:36:ca:5b:c5:10:b9:
55:91:e4:bf:2f:3d:3e:a5:0a:e2:64:b7:4f:36:bb:
cf:a8:31:87:e4:b3:1e:82:d9:b4:77:37:9e:2b:ee:
e3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:63:EE:8C:10:28:D8:AA:39:93:37:57:BE:CD:2E:EC:7A:93:D8:F9
X509v3 Authority Key Identifier:
keyid:2F:1E:25:39:77:BF:58:3E:0E:42:0E:C9:77:A8:EC:F4:ED:15:4D:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/Y2PujBAo2Ko5kzdXvs0u7HqT2Pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.103.0/24
Signature Algorithm: sha256WithRSAEncryption
83:fe:9b:5c:61:6d:e1:12:3f:5b:b9:aa:71:c7:1c:a2:0a:33:
7e:ec:a8:5f:e7:5d:e7:50:8a:d1:d1:40:cc:76:ce:9b:ce:4c:
b6:e0:67:e4:ac:50:c7:39:f1:3a:7b:91:6c:ba:24:ef:b2:39:
8a:3d:34:d7:cb:37:ca:11:6f:d8:76:3a:9b:fe:93:dc:c4:c7:
98:8a:da:2b:55:e0:b7:1f:88:08:9a:78:0f:47:da:e1:e9:0b:
20:e3:35:51:1a:8b:e6:07:24:47:f8:83:73:c3:14:d5:11:b4:
45:11:7e:c6:ea:07:de:d5:a5:98:f6:c1:0b:34:08:c2:70:b8:
e5:f3:79:03:7f:09:7b:c8:92:dc:ef:a0:77:a7:bb:ad:f6:92:
cd:89:9d:7a:ec:7f:cf:a5:d1:61:9b:39:4a:a3:16:b7:f6:40:
a3:98:65:4c:8c:5f:e5:59:8b:e2:98:8f:6c:8c:42:22:f5:c4:
6e:1d:8f:bc:87:ed:7a:0a:f7:d6:be:21:c9:25:89:ba:04:03:
9b:aa:a7:24:c8:41:6d:2b:ec:14:de:6b:8d:e3:70:9b:c6:a2:
6d:44:f0:03:63:aa:f4:0e:11:2a:d5:f1:e0:e2:57:b5:8a:b5:
d8:e1:b9:9f:b5:5a:73:f0:3c:c0:49:4e:d6:01:d8:39:f4:67:
b1:93:14:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJaT1r3YEaH/DgtD6GnPQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMWUyNTM5NzdiZjU4M2UwZTQyMGVjOTc3YThlY2Y0ZWQx
NTRkYmUwHhcNMjQwMTAxMjIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzYzZWU4YzEwMjhkOGFhMzk5MzM3NTdiZWNkMmVlYzdhOTNkOGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7x3j4aUxYPzKEOuIgWSMqpwSmnr9
456r+TUDJlBTn6v2K3Edw3uS//gBHe2ggXl6AKpAdcXMQA3jD+htc+bVDmz9fvgE
ZtEXRLhLMFawOmPMqb3tx3M68e0fbD7GHoiP5VoPnMps9Nx6Q7ERdHX4P0rQbMZS
cWCRyw5n1VvjRzsBW13lAmMKkSgnCkBtaYZIfGFDYU1Y3EnzzzyvK7MyuKiVM8cq
dhWvS7jEGEFv3QXvD1T5TZH9tAERTNwExiu3iILG1wr2qD9GSkDVgz6ig4b9DM6o
2BOuqfo2ylvFELlVkeS/Lz0+pQriZLdPNrvPqDGH5LMegtm0dzeeK+7j6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGNj7owQKNiqOZM3V77NLux6k9j5MB8GA1UdIwQY
MBaAFC8eJTl3v1g+DkIOyXeo7PTtFU2+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHg0bE9YZV9XRDRPUWc3SmQ2anM5TzBWVGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8zMzY0ZWQtYzVmOS00NjMxLWI5NWMt
ZjI2YjE1NTFlMGY1LzEvWTJQdWpCQW8yS281a3pkWHZzMHU3SHFUMlBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8zMzY0ZWQtYzVmOS00NjMxLWI5NWMtZjI2YjE1NTFlMGY1
LzEvTHg0bE9YZV9XRDRPUWc3SmQ2anM5TzBWVGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudxnMA0G
CSqGSIb3DQEBCwUAA4IBAQCD/ptcYW3hEj9buapxxxyiCjN+7Khf513nUIrR0UDM
ds6bzky24GfkrFDHOfE6e5FsuiTvsjmKPTTXyzfKEW/Ydjqb/pPcxMeYitorVeC3
H4gImngPR9rh6Qsg4zVRGovmByRH+INzwxTVEbRFEX7G6gfe1aWY9sELNAjCcLjl
83kDfwl7yJLc76B3p7ut9pLNiZ167H/PpdFhmzlKoxa39kCjmGVMjF/lWYvimI9s
jEIi9cRuHY+8h+16CvfWviHJJYm6BAObqqckyEFtK+wU3muN43CbxqJtRPADY6r0
DhEq1fHg4le1irXY4bmftVpz8DzASU7WAdg59GexkxR8
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:53 2025 by rpki-client