Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/b2582f-586b-436a-a6e3-e069ee107add/1/wc2YTTqZu_ZfiRjMD3y02xaUsko.roa
File: wc2YTTqZu_ZfiRjMD3y02xaUsko.roa (raw, json)
Hash identifier: LM/FwSmelKssGweHrskFer212d31QKucqPggfsRe9io=
Subject key identifier: C1:CD:98:4D:3A:99:BB:F6:5F:89:18:CC:0F:7C:B4:DB:16:94:B2:4A
Certificate issuer: /CN=d25a9e2c4ac8bc02bc3ff8925ac13174d2d478c4
Certificate serial: 01942220378FDA4B5FAAAD14765DC350AA5D
Authority key identifier: D2:5A:9E:2C:4A:C8:BC:02:BC:3F:F8:92:5A:C1:31:74:D2:D4:78:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0lqeLErIvAK8P_iSWsExdNLUeMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/b2582f-586b-436a-a6e3-e069ee107add/1/wc2YTTqZu_ZfiRjMD3y02xaUsko.roa
Signing time: Wed 01 Jan 2025 13:48:44 +0000
ROA not before: Wed 01 Jan 2025 13:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201736
IP address blocks: 185.67.228.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:37:8f:da:4b:5f:aa:ad:14:76:5d:c3:50:aa:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d25a9e2c4ac8bc02bc3ff8925ac13174d2d478c4
Validity
Not Before: Jan 1 13:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1cd984d3a99bbf65f8918cc0f7cb4db1694b24a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:40:1a:6b:8e:12:5c:06:4a:28:af:ca:34:33:
4f:4e:3b:92:08:2a:64:37:cd:61:c7:43:25:0a:72:
77:ab:24:cd:8e:c1:c9:48:bb:e3:27:0f:f8:5f:55:
4a:e5:63:b2:1a:4f:cd:6a:89:8d:da:67:41:b1:77:
4f:73:14:4b:83:67:38:20:c4:9c:a9:82:51:8e:68:
5f:04:f6:4b:03:b0:dd:14:94:91:54:c4:47:e6:5a:
83:68:d8:dc:8c:e1:0e:cf:16:af:d1:c6:1c:ac:cd:
eb:f0:15:4f:ba:11:46:ba:f0:5b:64:68:0b:0b:8f:
0c:18:cb:c6:da:70:7d:62:09:6f:6f:bc:a1:ed:35:
fa:17:2f:bd:e7:3e:39:aa:bf:ff:05:60:2e:a1:2a:
4f:cb:35:dc:47:92:db:bb:45:58:d2:75:28:24:37:
c9:b7:8b:57:ac:1d:7f:dc:47:f3:86:bc:c0:ee:6f:
c0:b3:32:00:a0:b3:de:1b:8e:bd:28:86:a9:aa:33:
98:bb:33:1d:26:d5:e1:36:22:6b:4c:95:00:06:23:
fd:49:b1:ff:74:20:b1:11:7e:26:19:71:05:40:8a:
4a:1a:87:85:45:94:0e:2f:40:cb:b0:4c:69:2e:3d:
cc:92:fa:ec:de:12:25:61:d6:fe:17:47:d7:c3:ac:
85:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:CD:98:4D:3A:99:BB:F6:5F:89:18:CC:0F:7C:B4:DB:16:94:B2:4A
X509v3 Authority Key Identifier:
keyid:D2:5A:9E:2C:4A:C8:BC:02:BC:3F:F8:92:5A:C1:31:74:D2:D4:78:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0lqeLErIvAK8P_iSWsExdNLUeMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/b2582f-586b-436a-a6e3-e069ee107add/1/wc2YTTqZu_ZfiRjMD3y02xaUsko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/b2582f-586b-436a-a6e3-e069ee107add/1/0lqeLErIvAK8P_iSWsExdNLUeMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.228.0/22
Signature Algorithm: sha256WithRSAEncryption
58:c1:91:34:5a:00:4f:42:f2:cb:ef:55:58:0f:fc:5c:20:cd:
72:11:a9:98:99:d1:fa:57:a1:63:47:a5:a3:60:0f:d9:aa:fa:
02:31:09:45:cf:04:4e:1c:77:43:d0:e7:fd:7c:73:bb:de:9f:
35:1d:6c:b4:f5:4a:b6:d4:bd:ce:b8:90:36:74:f3:53:b3:d1:
cf:1a:2e:0a:58:39:ab:ca:f0:4d:fd:bd:80:18:6e:f1:e5:50:
d8:d8:4a:29:e8:18:9b:21:51:49:b1:93:d1:21:5c:b8:05:62:
80:b4:34:01:42:cf:6c:ba:17:6e:31:a4:2e:4a:28:e9:ca:b8:
f7:dd:e1:37:db:f1:36:4e:48:23:05:95:79:f5:18:4d:a0:1d:
68:f5:8d:31:22:9f:56:fb:97:f4:f3:7c:ac:5f:25:cd:7d:ca:
77:1b:24:be:c3:e9:8b:15:20:0d:79:1a:0f:4d:14:a2:9d:fa:
de:73:b3:9e:29:e7:d9:46:85:86:96:d7:f5:dc:c0:c7:04:7a:
5d:63:82:8f:23:7b:76:6b:e0:fb:25:cf:92:b6:58:fc:d2:88:
1f:77:00:90:ad:b2:a3:ea:8c:03:75:cb:d2:ef:1e:60:5e:c6:
1a:24:95:a2:a5:d4:3e:6d:0a:1e:f7:3d:fb:63:1b:22:e7:4a:
d2:1b:16:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIDeP2ktfqq0Udl3DUKpdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNWE5ZTJjNGFjOGJjMDJiYzNmZjg5MjVhYzEzMTc0ZDJk
NDc4YzQwHhcNMjUwMTAxMTM0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWNkOTg0ZDNhOTliYmY2NWY4OTE4Y2MwZjdjYjRkYjE2OTRiMjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkAaa44SXAZKKK/KNDNPTjuSCCpk
N81hx0MlCnJ3qyTNjsHJSLvjJw/4X1VK5WOyGk/NaomN2mdBsXdPcxRLg2c4IMSc
qYJRjmhfBPZLA7DdFJSRVMRH5lqDaNjcjOEOzxav0cYcrM3r8BVPuhFGuvBbZGgL
C48MGMvG2nB9Yglvb7yh7TX6Fy+95z45qr//BWAuoSpPyzXcR5Lbu0VY0nUoJDfJ
t4tXrB1/3EfzhrzA7m/AszIAoLPeG469KIapqjOYuzMdJtXhNiJrTJUABiP9SbH/
dCCxEX4mGXEFQIpKGoeFRZQOL0DLsExpLj3Mkvrs3hIlYdb+F0fXw6yFJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMHNmE06mbv2X4kYzA98tNsWlLJKMB8GA1UdIwQY
MBaAFNJanixKyLwCvD/4klrBMXTS1HjEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGxxZUxFckl2QUs4UF9pU1dzRXhkTkxVZU1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iMjU4MmYtNTg2Yi00MzZhLWE2ZTMt
ZTA2OWVlMTA3YWRkLzEvd2MyWVRUcVp1X1pmaVJqTUQzeTAyeGFVc2tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iMjU4MmYtNTg2Yi00MzZhLWE2ZTMtZTA2OWVlMTA3YWRk
LzEvMGxxZUxFckl2QUs4UF9pU1dzRXhkTkxVZU1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUPkMA0G
CSqGSIb3DQEBCwUAA4IBAQBYwZE0WgBPQvLL71VYD/xcIM1yEamYmdH6V6FjR6Wj
YA/ZqvoCMQlFzwROHHdD0Of9fHO73p81HWy09Uq21L3OuJA2dPNTs9HPGi4KWDmr
yvBN/b2AGG7x5VDY2Eop6BibIVFJsZPRIVy4BWKAtDQBQs9suhduMaQuSijpyrj3
3eE32/E2TkgjBZV59RhNoB1o9Y0xIp9W+5f083ysXyXNfcp3GyS+w+mLFSANeRoP
TRSinfrec7OeKefZRoWGltf13MDHBHpdY4KPI3t2a+D7Jc+Stlj80ogfdwCQrbKj
6owDdcvS7x5gXsYaJJWipdQ+bQoe9z37Yxsi50rSGxaL
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:50 2025 by rpki-client