Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/0c5de4-ed86-48f9-bc06-f4ca21dbd20a/1/u-K-0rtXqJdWXd50XVzR0ad42K4.roa
File: u-K-0rtXqJdWXd50XVzR0ad42K4.roa (raw, json)
Hash identifier: gRVD2S4H8nyAUXymNYqxwm0skZpVm8ephCXiiiOphsU=
Subject key identifier: BB:E2:BE:D2:BB:57:A8:97:56:5D:DE:74:5D:5C:D1:D1:A7:78:D8:AE
Certificate issuer: /CN=3ef9ea90bbcde7c2cffcfbb6312b1b637a2e490a
Certificate serial: 01856FD4E4D9D974859BF534464E4BCE6121
Authority key identifier: 3E:F9:EA:90:BB:CD:E7:C2:CF:FC:FB:B6:31:2B:1B:63:7A:2E:49:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PvnqkLvN58LP_Pu2MSsbY3ouSQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/0c5de4-ed86-48f9-bc06-f4ca21dbd20a/1/u-K-0rtXqJdWXd50XVzR0ad42K4.roa
Signing time: Mon 02 Jan 2023 00:15:00 +0000
ROA not before: Mon 02 Jan 2023 00:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204326
IP address blocks: 171.22.92.0/22 maxlen: 22
171.22.92.0/24 maxlen: 24
2a09:3cc0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:e4:d9:d9:74:85:9b:f5:34:46:4e:4b:ce:61:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ef9ea90bbcde7c2cffcfbb6312b1b637a2e490a
Validity
Not Before: Jan 2 00:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbe2bed2bb57a897565dde745d5cd1d1a778d8ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f2:8e:e7:2d:c5:64:a1:1c:67:fe:a3:6a:c5:
cd:80:75:50:67:da:bf:c6:3a:a7:30:8b:1c:9e:63:
d5:87:2f:0b:a8:b5:c7:7c:e2:c1:e8:40:33:53:f8:
f4:d3:56:17:f3:13:d6:60:3d:23:76:5c:34:59:2e:
d1:a2:2c:80:92:f9:11:10:9a:b6:87:d9:dc:a3:b5:
5d:f0:a6:0c:c1:42:4a:39:76:0f:8d:43:17:9e:b3:
b6:9e:a1:0f:d8:97:4e:0f:5c:6b:17:57:8c:f1:3d:
31:2d:be:d9:61:84:08:16:23:5a:50:fb:1e:a2:21:
38:4a:ab:f8:79:af:83:39:e5:60:ec:47:92:d2:2d:
8a:dd:59:cd:36:6e:b6:15:3a:4e:7b:c5:ee:cb:58:
e3:41:ba:79:f4:89:ff:cf:51:c8:68:d2:be:07:27:
ad:b6:88:b4:b8:f0:bc:a8:39:0c:ec:a9:19:92:a2:
63:7c:9a:d4:cd:57:3c:fc:d8:1e:32:06:15:76:fe:
42:d2:fa:73:4c:c4:2f:bd:f8:cf:9c:1b:9d:ba:ba:
2f:72:57:f6:f4:c8:f0:dc:06:42:b3:64:8f:63:09:
5d:7e:19:aa:14:7b:a0:ec:01:78:63:07:91:35:bf:
ab:64:14:e3:49:09:1e:5b:58:01:89:cb:62:63:46:
e6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E2:BE:D2:BB:57:A8:97:56:5D:DE:74:5D:5C:D1:D1:A7:78:D8:AE
X509v3 Authority Key Identifier:
keyid:3E:F9:EA:90:BB:CD:E7:C2:CF:FC:FB:B6:31:2B:1B:63:7A:2E:49:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PvnqkLvN58LP_Pu2MSsbY3ouSQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/0c5de4-ed86-48f9-bc06-f4ca21dbd20a/1/u-K-0rtXqJdWXd50XVzR0ad42K4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/0c5de4-ed86-48f9-bc06-f4ca21dbd20a/1/PvnqkLvN58LP_Pu2MSsbY3ouSQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.92.0/22
IPv6:
2a09:3cc0::/29
Signature Algorithm: sha256WithRSAEncryption
3d:e0:e1:f8:87:68:b3:90:cb:c0:d9:b0:43:13:c5:ee:fe:2e:
49:58:da:c3:f5:0c:06:a0:17:35:2e:06:cd:a6:80:f0:fa:5b:
16:47:84:ff:8a:c5:9c:9a:be:11:20:1e:5f:b5:87:38:ce:b4:
91:e9:a1:ae:68:ae:df:0e:e8:3d:a7:5c:e5:81:d9:f6:fb:ec:
75:6c:4f:50:b6:c1:ff:97:7b:c3:cb:8f:87:b2:f7:b7:3b:85:
40:b4:12:f3:51:d9:dc:2f:34:f2:d8:0f:40:14:49:fd:86:d2:
28:a3:5f:a9:8b:73:d6:89:b7:b4:dd:c8:f2:dd:ac:62:1a:a7:
1c:a0:fe:b3:15:cd:05:0e:a1:1d:8c:03:1d:7b:be:dd:48:f6:
bb:d2:c7:cd:bc:47:2a:bf:94:96:88:1e:9a:6d:9a:4b:77:ec:
24:64:44:ce:cf:92:f4:b6:76:dd:47:c5:5c:b8:37:6f:1c:1c:
80:57:9f:fc:ce:f3:fe:1c:3e:a8:6f:e6:b6:12:75:66:00:bd:
ed:3a:fe:64:14:68:ae:25:12:cc:57:a5:44:d7:c3:62:44:43:
54:3f:ea:b3:2f:59:a0:92:87:65:81:d0:17:1e:7f:b0:fe:7c:
4b:51:3f:b2:02:9e:12:25:e6:05:62:be:3d:ba:07:a8:3c:57:
a1:38:4c:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv1OTZ2XSFm/U0Rk5LzmEhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZjllYTkwYmJjZGU3YzJjZmZjZmJiNjMxMmIxYjYzN2Ey
ZTQ5MGEwHhcNMjMwMTAyMDAxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmUyYmVkMmJiNTdhODk3NTY1ZGRlNzQ1ZDVjZDFkMWE3NzhkOGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fKO5y3FZKEcZ/6jasXNgHVQZ9q/
xjqnMIscnmPVhy8LqLXHfOLB6EAzU/j001YX8xPWYD0jdlw0WS7RoiyAkvkREJq2
h9nco7Vd8KYMwUJKOXYPjUMXnrO2nqEP2JdOD1xrF1eM8T0xLb7ZYYQIFiNaUPse
oiE4Sqv4ea+DOeVg7EeS0i2K3VnNNm62FTpOe8Xuy1jjQbp59In/z1HIaNK+Byet
toi0uPC8qDkM7KkZkqJjfJrUzVc8/NgeMgYVdv5C0vpzTMQvvfjPnBudurovclf2
9Mjw3AZCs2SPYwldfhmqFHug7AF4YweRNb+rZBTjSQkeW1gBictiY0bmOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLvivtK7V6iXVl3edF1c0dGneNiuMB8GA1UdIwQY
MBaAFD756pC7zefCz/z7tjErG2N6LkkKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHZucWtMdk41OExQX1B1Mk1Tc2JZM291U1FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8wYzVkZTQtZWQ4Ni00OGY5LWJjMDYt
ZjRjYTIxZGJkMjBhLzEvdS1LLTBydFhxSmRXWGQ1MFhWelIwYWQ0Mks0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8wYzVkZTQtZWQ4Ni00OGY5LWJjMDYtZjRjYTIxZGJkMjBh
LzEvUHZucWtMdk41OExQX1B1Mk1Tc2JZM291U1FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCqxZcMA0E
AgACMAcDBQMqCTzAMA0GCSqGSIb3DQEBCwUAA4IBAQA94OH4h2izkMvA2bBDE8Xu
/i5JWNrD9QwGoBc1LgbNpoDw+lsWR4T/isWcmr4RIB5ftYc4zrSR6aGuaK7fDug9
p1zlgdn2++x1bE9QtsH/l3vDy4+Hsve3O4VAtBLzUdncLzTy2A9AFEn9htIoo1+p
i3PWibe03cjy3axiGqccoP6zFc0FDqEdjAMde77dSPa70sfNvEcqv5SWiB6abZpL
d+wkZETOz5L0tnbdR8VcuDdvHByAV5/8zvP+HD6ob+a2EnVmAL3tOv5kFGiuJRLM
V6VE18NiRENUP+qzL1mgkodlgdAXHn+w/nxLUT+yAp4SJeYFYr49ugeoPFehOEw0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:49 2023 by rpki-client on console-fra.rpki-client.org