Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/529414-d7a5-49eb-9bd6-cbf1bbb0fd18/1/3Palq24GLQLnGeEXhAaF6J7ZMJs.roa
File: 3Palq24GLQLnGeEXhAaF6J7ZMJs.roa (raw, json)
Hash identifier: hLx5oc6AY9tVmthkoOGN7G5Z52eXvtaBBBC6WLcM98I=
Subject key identifier: DC:F6:A5:AB:6E:06:2D:02:E7:19:E1:17:84:06:85:E8:9E:D9:30:9B
Certificate issuer: /CN=ff40503cb21a922897971726f6b7eecc253f1193
Certificate serial: 01856FB119018802C9555E9E02EEB7535275
Authority key identifier: FF:40:50:3C:B2:1A:92:28:97:97:17:26:F6:B7:EE:CC:25:3F:11:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0BQPLIakiiXlxcm9rfuzCU_EZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/529414-d7a5-49eb-9bd6-cbf1bbb0fd18/1/3Palq24GLQLnGeEXhAaF6J7ZMJs.roa
Signing time: Sun 01 Jan 2023 23:35:55 +0000
ROA not before: Sun 01 Jan 2023 23:35:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206844
IP address blocks: 171.22.245.0/24 maxlen: 24
171.22.246.0/23 maxlen: 23
171.22.244.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:b1:19:01:88:02:c9:55:5e:9e:02:ee:b7:53:52:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff40503cb21a922897971726f6b7eecc253f1193
Validity
Not Before: Jan 1 23:35:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcf6a5ab6e062d02e719e117840685e89ed9309b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:79:b0:0c:1b:f4:72:33:ed:d3:af:11:ca:4c:
aa:34:b2:a0:2e:4f:66:8c:3c:cb:fb:15:42:4d:11:
98:dc:54:6a:b4:77:1b:a4:f6:d0:65:54:f6:16:6f:
8e:fd:34:c6:5c:aa:23:3d:28:32:a9:85:da:04:f1:
7b:1a:23:11:d7:29:76:aa:72:09:3f:64:b8:2c:b6:
f8:90:2f:02:d9:75:42:67:97:99:74:60:75:48:fc:
40:5c:5b:ba:5b:5d:05:72:b9:b7:e8:d7:dd:d0:c7:
88:66:9b:30:72:12:c3:6a:5f:cb:d5:f2:1e:7d:df:
2f:1b:11:f6:a4:ea:c0:bc:a2:2e:ff:81:1f:7c:8b:
a7:9d:34:4c:e7:56:7a:52:cf:3f:3d:4a:26:d7:3d:
25:bb:49:a7:82:a7:dd:af:21:1e:8b:27:1d:c8:33:
b1:94:6e:4c:27:60:9e:cd:0f:6f:d3:41:3b:70:8d:
f1:50:46:fb:5b:32:ff:bd:a1:fb:d8:69:2d:45:03:
32:23:83:dd:be:ec:10:3b:d1:c6:a7:70:66:ed:3d:
1c:28:2a:41:7a:5c:e7:0c:4f:27:82:41:2c:24:7f:
73:05:3f:15:6f:58:ce:5d:fc:47:73:11:a8:0f:12:
a0:94:7e:fa:ba:d9:e7:f6:7e:6e:67:61:4e:5e:3e:
df:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F6:A5:AB:6E:06:2D:02:E7:19:E1:17:84:06:85:E8:9E:D9:30:9B
X509v3 Authority Key Identifier:
keyid:FF:40:50:3C:B2:1A:92:28:97:97:17:26:F6:B7:EE:CC:25:3F:11:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0BQPLIakiiXlxcm9rfuzCU_EZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/529414-d7a5-49eb-9bd6-cbf1bbb0fd18/1/3Palq24GLQLnGeEXhAaF6J7ZMJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/529414-d7a5-49eb-9bd6-cbf1bbb0fd18/1/_0BQPLIakiiXlxcm9rfuzCU_EZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.244.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:d8:72:a7:b0:f2:f3:02:4b:8b:f4:31:a5:32:e8:18:02:14:
eb:92:ea:fd:b8:92:eb:2e:81:6a:e7:45:67:8d:6c:bb:81:d9:
ee:2d:20:0b:35:5a:1b:e3:76:56:30:66:a6:cf:c8:66:26:fc:
f4:71:5d:67:d7:04:bf:06:49:29:4a:9a:08:37:15:ba:07:ff:
30:d2:d7:73:c0:1b:c8:12:e0:fa:b6:76:aa:25:4b:9e:ce:77:
ad:10:76:65:c2:f0:63:8c:ec:fc:7b:d6:47:29:d3:a0:1d:58:
56:8d:65:61:87:a1:9e:92:8e:2a:40:20:ef:84:10:d6:54:ed:
d4:06:a7:c5:62:5a:b6:83:f4:4c:f9:3c:10:a6:04:19:86:8c:
b8:ab:70:74:1a:20:d5:28:fa:d2:ce:68:46:9c:30:15:01:df:
37:da:e9:c5:b2:ec:fe:4c:a7:78:9d:4d:8e:a2:22:4a:55:5e:
78:b5:08:f1:c6:b7:ad:60:3d:24:17:f3:11:f4:25:73:d4:6d:
5c:02:81:1a:2e:0c:59:75:68:fc:64:ca:db:8c:8e:20:10:b5:
3c:05:b5:aa:88:13:c1:ae:c1:1f:0e:db:6b:2a:24:39:53:c9:
f4:79:88:5f:1e:c1:1f:9c:25:46:93:ed:9e:42:00:dd:dc:bc:
1e:72:e4:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvsRkBiALJVV6eAu63U1J1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDA1MDNjYjIxYTkyMjg5Nzk3MTcyNmY2YjdlZWNjMjUz
ZjExOTMwHhcNMjMwMTAxMjMzNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2Y2YTVhYjZlMDYyZDAyZTcxOWUxMTc4NDA2ODVlODllZDkzMDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13mwDBv0cjPt068RykyqNLKgLk9m
jDzL+xVCTRGY3FRqtHcbpPbQZVT2Fm+O/TTGXKojPSgyqYXaBPF7GiMR1yl2qnIJ
P2S4LLb4kC8C2XVCZ5eZdGB1SPxAXFu6W10Fcrm36Nfd0MeIZpswchLDal/L1fIe
fd8vGxH2pOrAvKIu/4EffIunnTRM51Z6Us8/PUom1z0lu0mngqfdryEeiycdyDOx
lG5MJ2CezQ9v00E7cI3xUEb7WzL/vaH72GktRQMyI4PdvuwQO9HGp3Bm7T0cKCpB
elznDE8ngkEsJH9zBT8Vb1jOXfxHcxGoDxKglH76utnn9n5uZ2FOXj7fBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNz2patuBi0C5xnhF4QGheie2TCbMB8GA1UdIwQY
MBaAFP9AUDyyGpIol5cXJva37swlPxGTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBCUVBMSWFraWlYbHhjbTlyZnV6Q1VfRVpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81Mjk0MTQtZDdhNS00OWViLTliZDYt
Y2JmMWJiYjBmZDE4LzEvM1BhbHEyNEdMUUxuR2VFWGhBYUY2SjdaTUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81Mjk0MTQtZDdhNS00OWViLTliZDYtY2JmMWJiYjBmZDE4
LzEvXzBCUVBMSWFraWlYbHhjbTlyZnV6Q1VfRVpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqxb0MA0G
CSqGSIb3DQEBCwUAA4IBAQCd2HKnsPLzAkuL9DGlMugYAhTrkur9uJLrLoFq50Vn
jWy7gdnuLSALNVob43ZWMGamz8hmJvz0cV1n1wS/BkkpSpoINxW6B/8w0tdzwBvI
EuD6tnaqJUueznetEHZlwvBjjOz8e9ZHKdOgHVhWjWVhh6Geko4qQCDvhBDWVO3U
BqfFYlq2g/RM+TwQpgQZhoy4q3B0GiDVKPrSzmhGnDAVAd832unFsuz+TKd4nU2O
oiJKVV54tQjxxretYD0kF/MR9CVz1G1cAoEaLgxZdWj8ZMrbjI4gELU8BbWqiBPB
rsEfDttrKiQ5U8n0eYhfHsEfnCVGk+2eQgDd3LwecuS5
-----END CERTIFICATE-----
Generated at Tue Dec 19 12:33:02 2023 by rpki-client on console-ams.rpki-client.org