Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3c8b19-60ab-4bb1-bfd8-0f2b30d9a05f/1/itD78vu4B5wnTm4o7jUw6HrkDDY.roa
File: itD78vu4B5wnTm4o7jUw6HrkDDY.roa (raw, json)
Hash identifier: UirdYIaKzS6yve36/17I2o2xzGfrMnb0von6MJojMdc=
Subject key identifier: 8A:D0:FB:F2:FB:B8:07:9C:27:4E:6E:28:EE:35:30:E8:7A:E4:0C:36
Certificate issuer: /CN=379b5bd8862f76c8eadd36081a98944dc7a745ec
Certificate serial: 0188F6C9A2BAD7271EB66C6A953C6F767D66
Authority key identifier: 37:9B:5B:D8:86:2F:76:C8:EA:DD:36:08:1A:98:94:4D:C7:A7:45:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5tb2IYvdsjq3TYIGpiUTcenRew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3c8b19-60ab-4bb1-bfd8-0f2b30d9a05f/1/itD78vu4B5wnTm4o7jUw6HrkDDY.roa
Signing time: Mon 26 Jun 2023 08:19:49 +0000
ROA not before: Mon 26 Jun 2023 08:19:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60294
IP address blocks: 185.22.44.0/24 maxlen: 24
185.22.44.0/22 maxlen: 22
185.22.45.0/24 maxlen: 24
2a00:6020::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f6:c9:a2:ba:d7:27:1e:b6:6c:6a:95:3c:6f:76:7d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=379b5bd8862f76c8eadd36081a98944dc7a745ec
Validity
Not Before: Jun 26 08:19:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ad0fbf2fbb8079c274e6e28ee3530e87ae40c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f3:eb:35:77:9d:2a:b4:5a:50:e2:dd:9d:50:
c0:6a:0f:f0:6a:0b:04:04:d2:1b:34:eb:72:35:13:
51:05:d8:07:ee:c3:96:ce:c7:c5:81:83:85:c9:5d:
f7:f8:cb:35:eb:c1:db:55:13:98:5f:01:54:e8:2e:
ca:62:6b:65:d0:4c:bb:1c:bd:e7:6e:96:5c:7c:da:
d3:56:a7:35:ee:e2:05:f5:2a:11:a8:52:7f:cb:4f:
dc:56:78:5e:0c:94:40:ac:49:02:ae:e4:fe:1e:72:
ce:80:d4:49:0d:7c:6a:82:ec:ac:7c:57:c8:cc:70:
bc:9a:f0:b8:96:dc:f5:44:ea:1c:ae:50:78:92:b9:
3a:4a:61:a5:fc:fc:a8:84:66:50:3b:2a:ad:e3:e6:
b4:5a:96:b0:50:17:9f:a7:ae:70:7c:a4:fd:f0:b0:
84:19:66:86:5a:ca:3f:32:7b:fc:25:38:c8:6d:1d:
81:f6:46:b8:81:d6:d0:82:53:41:67:71:2d:3c:9a:
c9:c3:c3:54:e0:c4:a7:dd:1c:fc:74:7a:4f:c6:2b:
95:c7:32:cc:bb:51:7c:f5:cc:52:07:87:bd:8e:8b:
ea:4d:e5:60:7b:ac:8d:78:7a:c5:d7:75:30:81:54:
4a:6e:49:49:70:2d:cf:6d:ea:5e:57:d1:9d:f4:bb:
4f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D0:FB:F2:FB:B8:07:9C:27:4E:6E:28:EE:35:30:E8:7A:E4:0C:36
X509v3 Authority Key Identifier:
keyid:37:9B:5B:D8:86:2F:76:C8:EA:DD:36:08:1A:98:94:4D:C7:A7:45:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5tb2IYvdsjq3TYIGpiUTcenRew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3c8b19-60ab-4bb1-bfd8-0f2b30d9a05f/1/itD78vu4B5wnTm4o7jUw6HrkDDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3c8b19-60ab-4bb1-bfd8-0f2b30d9a05f/1/N5tb2IYvdsjq3TYIGpiUTcenRew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.44.0/22
IPv6:
2a00:6020::/32
Signature Algorithm: sha256WithRSAEncryption
20:84:5d:e8:a0:34:71:5a:e1:4f:cc:e9:df:15:f2:30:21:fd:
25:6e:83:cc:a6:c9:e8:3b:6d:3f:9b:f2:6e:f6:41:82:4b:18:
42:d3:e2:68:87:02:6b:38:eb:fb:c4:d7:0c:80:05:66:3a:98:
8c:8f:69:ce:54:96:f5:12:f9:72:9e:47:ef:d7:3d:fb:4d:0a:
7f:b0:a2:a6:1d:66:c1:18:36:53:ea:7e:28:a4:7e:c4:9c:75:
ae:57:b8:e5:be:96:ef:58:f0:2c:b2:89:61:e8:7b:20:86:fb:
0b:64:79:bc:0a:3b:25:f1:09:c2:e7:1c:8d:2f:5e:e9:d2:99:
7c:5e:2c:c7:cc:e9:fe:83:b3:11:fd:0f:bd:8b:5f:17:68:42:
16:ad:b4:94:a8:28:80:f9:ba:db:e8:5e:94:8a:23:75:38:c6:
6b:c7:2a:27:71:5a:ed:59:05:86:c0:4b:59:d0:0b:15:ca:1c:
34:10:14:b6:1a:87:86:a8:0b:8e:37:f9:4c:1f:ef:bf:02:5c:
ce:9f:8a:ad:e9:1e:45:83:b0:39:50:f7:a6:70:ab:0f:82:01:
13:c6:75:24:10:3e:cb:04:b9:ee:45:d0:06:67:2c:f7:93:bc:
0f:a0:d0:ec:71:07:88:3f:b8:0d:76:cb:3f:fb:11:2e:48:6f:
e2:95:88:d3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYj2yaK61ycetmxqlTxvdn1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OWI1YmQ4ODYyZjc2YzhlYWRkMzYwODFhOTg5NDRkYzdh
NzQ1ZWMwHhcNMjMwNjI2MDgxOTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWQwZmJmMmZiYjgwNzljMjc0ZTZlMjhlZTM1MzBlODdhZTQwYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvPrNXedKrRaUOLdnVDAag/wagsE
BNIbNOtyNRNRBdgH7sOWzsfFgYOFyV33+Ms168HbVROYXwFU6C7KYmtl0Ey7HL3n
bpZcfNrTVqc17uIF9SoRqFJ/y0/cVnheDJRArEkCruT+HnLOgNRJDXxqguysfFfI
zHC8mvC4ltz1ROocrlB4krk6SmGl/PyohGZQOyqt4+a0WpawUBefp65wfKT98LCE
GWaGWso/Mnv8JTjIbR2B9ka4gdbQglNBZ3EtPJrJw8NU4MSn3Rz8dHpPxiuVxzLM
u1F89cxSB4e9jovqTeVge6yNeHrF13UwgVRKbklJcC3PbepeV9Gd9LtPRwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIrQ+/L7uAecJ05uKO41MOh65Aw2MB8GA1UdIwQY
MBaAFDebW9iGL3bI6t02CBqYlE3Hp0XsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjV0YjJJWXZkc2pxM1RZSUdwaVVUY2VuUmV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYzhiMTktNjBhYi00YmIxLWJmZDgt
MGYyYjMwZDlhMDVmLzEvaXRENzh2dTRCNXduVG00bzdqVXc2SHJrRERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYzhiMTktNjBhYi00YmIxLWJmZDgtMGYyYjMwZDlhMDVm
LzEvTjV0YjJJWXZkc2pxM1RZSUdwaVVUY2VuUmV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRYsMA0E
AgACMAcDBQAqAGAgMA0GCSqGSIb3DQEBCwUAA4IBAQAghF3ooDRxWuFPzOnfFfIw
If0lboPMpsnoO20/m/Ju9kGCSxhC0+JohwJrOOv7xNcMgAVmOpiMj2nOVJb1Evly
nkfv1z37TQp/sKKmHWbBGDZT6n4opH7EnHWuV7jlvpbvWPAssolh6HsghvsLZHm8
Cjsl8QnC5xyNL17p0pl8XizHzOn+g7MR/Q+9i18XaEIWrbSUqCiA+brb6F6UiiN1
OMZrxyoncVrtWQWGwEtZ0AsVyhw0EBS2GoeGqAuON/lMH++/AlzOn4qt6R5Fg7A5
UPemcKsPggETxnUkED7LBLnuRdAGZyz3k7wPoNDscQeIP7gNdss/+xEuSG/ilYjT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:38 2024 by rpki-client on console-ams.rpki-client.org