Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2be87f-282c-4127-bf68-561407a83e35/1/0HwAj5gcetZnncqmTCiFidUdLCY.roa
File: 0HwAj5gcetZnncqmTCiFidUdLCY.roa (raw, json)
Hash identifier: xNIjX9ro3atVU4mDgcRT2KsnRt4X0yLxCyB/zfyFgNg=
Subject key identifier: D0:7C:00:8F:98:1C:7A:D6:67:9D:CA:A6:4C:28:85:89:D5:1D:2C:26
Certificate issuer: /CN=a2bf6de589801fee3c21dadb7e480fc5c58fce8f
Certificate serial: 01857343A79DF454039B75AB567C8F61329A
Authority key identifier: A2:BF:6D:E5:89:80:1F:EE:3C:21:DA:DB:7E:48:0F:C5:C5:8F:CE:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/or9t5YmAH-48IdrbfkgPxcWPzo8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/2be87f-282c-4127-bf68-561407a83e35/1/0HwAj5gcetZnncqmTCiFidUdLCY.roa
Signing time: Mon 02 Jan 2023 16:14:51 +0000
ROA not before: Mon 02 Jan 2023 16:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 185.202.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:a7:9d:f4:54:03:9b:75:ab:56:7c:8f:61:32:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2bf6de589801fee3c21dadb7e480fc5c58fce8f
Validity
Not Before: Jan 2 16:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d07c008f981c7ad6679dcaa64c288589d51d2c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f7:d7:8f:64:a9:8b:3f:09:95:65:14:92:33:
6b:f0:7b:54:0e:bd:2a:41:44:43:d8:f6:b7:a7:8a:
55:c8:47:1c:2e:b7:95:74:c7:79:32:21:af:bc:96:
3d:db:a3:31:03:3f:5e:3c:9c:99:9d:5e:ea:de:35:
66:bb:f4:32:e9:5c:38:8e:f3:00:76:44:b7:6b:9b:
cb:20:29:14:ac:21:af:f4:99:c3:12:41:d2:c3:af:
42:73:6a:8d:67:60:d7:2d:84:bf:c5:4a:a0:51:f2:
22:c3:21:b9:76:ca:31:29:94:4f:af:57:92:8a:dc:
19:25:95:03:fc:d2:7e:fe:c8:ef:e4:60:09:e0:07:
3b:1b:16:2b:e4:3b:9c:8a:00:9f:01:fb:d3:8d:fe:
5c:15:a5:83:9a:3c:c8:ad:23:26:a5:f6:8e:1a:78:
ea:35:a6:fb:01:a2:0c:7c:d1:f7:c7:b5:54:63:7b:
ca:ff:aa:5d:5b:4f:c1:d9:0b:16:4e:ba:1b:90:98:
9a:c2:1a:67:fe:c4:5a:9c:0a:d2:68:d8:cc:39:6b:
ca:dc:17:ba:e9:99:cd:4e:46:ea:d0:d9:99:b8:12:
10:40:29:0f:1a:9c:9a:ee:bc:75:7c:96:86:f0:2c:
5d:ac:44:fc:ae:c3:58:0c:f6:96:96:3f:b8:7f:7a:
49:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:7C:00:8F:98:1C:7A:D6:67:9D:CA:A6:4C:28:85:89:D5:1D:2C:26
X509v3 Authority Key Identifier:
keyid:A2:BF:6D:E5:89:80:1F:EE:3C:21:DA:DB:7E:48:0F:C5:C5:8F:CE:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/or9t5YmAH-48IdrbfkgPxcWPzo8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2be87f-282c-4127-bf68-561407a83e35/1/0HwAj5gcetZnncqmTCiFidUdLCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2be87f-282c-4127-bf68-561407a83e35/1/or9t5YmAH-48IdrbfkgPxcWPzo8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.108.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:53:f6:46:b4:e7:98:46:d7:ce:f9:ac:00:e0:56:83:14:3c:
1c:fd:ad:a9:4d:95:24:e2:d6:7b:fd:c3:2e:10:c9:e2:73:b5:
e0:f0:d5:c6:24:47:0f:e9:a5:d0:0e:02:6e:43:55:a4:b1:93:
87:7d:c2:b7:d2:38:2a:18:66:07:26:bc:0c:da:09:78:d5:c9:
88:16:98:23:44:ed:b8:c2:91:ea:aa:83:a8:25:2b:e5:6d:d0:
56:49:2b:24:bb:c3:35:c0:00:d6:9d:77:70:c3:cf:a6:05:7d:
bd:2d:7c:c0:72:da:35:05:3c:4e:06:fe:63:0c:bc:9c:aa:59:
b8:5e:5f:20:79:70:26:5e:8a:cc:9e:9e:c3:08:da:05:16:32:
35:69:f3:fa:54:20:18:44:6b:d3:5f:a7:8c:ba:87:fc:a0:8d:
bd:54:a1:92:6a:25:71:25:62:7a:e2:c7:65:a7:39:36:96:4c:
52:61:00:60:7b:48:b2:7f:f0:27:e1:eb:b6:94:13:fc:6f:5a:
b5:49:e5:70:76:ab:13:62:2c:df:ca:29:ff:f8:67:b6:57:66:
5b:44:22:13:f0:c8:c3:dd:c6:48:fc:b1:14:b4:ee:5e:00:4f:
1c:37:1f:a4:b8:1c:2a:2d:b9:d0:36:f3:79:9d:da:61:be:5a:
fb:47:c3:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzQ6ed9FQDm3WrVnyPYTKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYmY2ZGU1ODk4MDFmZWUzYzIxZGFkYjdlNDgwZmM1YzU4
ZmNlOGYwHhcNMjMwMTAyMTYxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDdjMDA4Zjk4MWM3YWQ2Njc5ZGNhYTY0YzI4ODU4OWQ1MWQyYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/fXj2Spiz8JlWUUkjNr8HtUDr0q
QURD2Pa3p4pVyEccLreVdMd5MiGvvJY926MxAz9ePJyZnV7q3jVmu/Qy6Vw4jvMA
dkS3a5vLICkUrCGv9JnDEkHSw69Cc2qNZ2DXLYS/xUqgUfIiwyG5dsoxKZRPr1eS
itwZJZUD/NJ+/sjv5GAJ4Ac7GxYr5DucigCfAfvTjf5cFaWDmjzIrSMmpfaOGnjq
Nab7AaIMfNH3x7VUY3vK/6pdW0/B2QsWTrobkJiawhpn/sRanArSaNjMOWvK3Be6
6ZnNTkbq0NmZuBIQQCkPGpya7rx1fJaG8CxdrET8rsNYDPaWlj+4f3pJ7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNB8AI+YHHrWZ53KpkwohYnVHSwmMB8GA1UdIwQY
MBaAFKK/beWJgB/uPCHa235ID8XFj86PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3I5dDVZbUFILTQ4SWRyYmZrZ1B4Y1dQem84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yYmU4N2YtMjgyYy00MTI3LWJmNjgt
NTYxNDA3YTgzZTM1LzEvMEh3QWo1Z2NldFpubmNxbVRDaUZpZFVkTENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yYmU4N2YtMjgyYy00MTI3LWJmNjgtNTYxNDA3YTgzZTM1
LzEvb3I5dDVZbUFILTQ4SWRyYmZrZ1B4Y1dQem84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucpsMA0G
CSqGSIb3DQEBCwUAA4IBAQAaU/ZGtOeYRtfO+awA4FaDFDwc/a2pTZUk4tZ7/cMu
EMnic7Xg8NXGJEcP6aXQDgJuQ1WksZOHfcK30jgqGGYHJrwM2gl41cmIFpgjRO24
wpHqqoOoJSvlbdBWSSsku8M1wADWnXdww8+mBX29LXzActo1BTxOBv5jDLycqlm4
Xl8geXAmXorMnp7DCNoFFjI1afP6VCAYRGvTX6eMuof8oI29VKGSaiVxJWJ64sdl
pzk2lkxSYQBge0iyf/An4eu2lBP8b1q1SeVwdqsTYizfyin/+Ge2V2ZbRCIT8MjD
3cZI/LEUtO5eAE8cNx+kuBwqLbnQNvN5ndphvlr7R8Mo
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:05 2023 by rpki-client on console.sobornost.net