Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/388110-0366-479b-9bf9-50d7f7eaa1ad/1/1DKgRqwQVbucO4u5BqfOD4vTIzk.roa
File: 1DKgRqwQVbucO4u5BqfOD4vTIzk.roa (raw, json)
Hash identifier: jRZVc4yEUu/cPve4ZcoEePcb//mN/tQ4wwYcc79Xh/E=
Subject key identifier: D4:32:A0:46:AC:10:55:BB:9C:3B:8B:B9:06:A7:CE:0F:8B:D3:23:39
Certificate issuer: /CN=44f2b4d93b2aaf3a02697223b792f60218cad2b6
Certificate serial: 01856E7907827AB211CAEACE8467A52904D7
Authority key identifier: 44:F2:B4:D9:3B:2A:AF:3A:02:69:72:23:B7:92:F6:02:18:CA:D2:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPK02TsqrzoCaXIjt5L2AhjK0rY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/388110-0366-479b-9bf9-50d7f7eaa1ad/1/1DKgRqwQVbucO4u5BqfOD4vTIzk.roa
Signing time: Sun 01 Jan 2023 17:55:03 +0000
ROA not before: Sun 01 Jan 2023 17:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.195.44.0/24 maxlen: 24
185.195.44.0/22 maxlen: 22
185.195.46.0/24 maxlen: 24
185.195.45.0/24 maxlen: 24
185.195.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:79:07:82:7a:b2:11:ca:ea:ce:84:67:a5:29:04:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44f2b4d93b2aaf3a02697223b792f60218cad2b6
Validity
Not Before: Jan 1 17:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d432a046ac1055bb9c3b8bb906a7ce0f8bd32339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:06:46:94:28:b5:a0:2a:c9:be:9a:e7:d7:31:
df:ff:cf:ba:c4:07:f2:7d:e7:44:73:40:b7:64:0e:
b6:ba:c4:ca:b1:ae:a0:1d:44:bc:b7:03:c1:5b:c3:
d7:3b:29:df:fd:25:65:e3:4b:2e:76:01:d4:05:0b:
e1:8f:6d:89:a4:a8:d3:ba:ab:5f:92:a4:3e:af:53:
d2:03:fd:40:4f:c0:c8:af:87:46:e9:72:55:fa:bb:
c2:0d:67:64:39:d3:df:b3:e6:87:24:3b:77:6a:91:
fe:6b:4e:8c:ff:52:7a:a9:8b:a9:35:5e:2b:04:2a:
3c:96:27:1f:fb:52:2a:85:4a:e9:fe:ca:c2:a8:1c:
6f:bc:5a:04:b2:2e:52:e1:da:ad:1d:5c:33:bd:63:
ef:5c:a2:7d:b4:b4:b5:4b:51:cf:9d:c6:63:0e:f2:
89:ca:c7:76:b5:7d:71:25:4a:98:4b:e0:5e:4c:6a:
a0:d6:8d:e0:89:a7:1b:fa:1a:22:87:cc:47:37:19:
f4:74:63:9b:8d:ef:fc:aa:cb:43:34:fb:83:e8:be:
98:4e:fe:52:2b:88:7b:98:99:8f:d3:6e:b1:46:bf:
6d:90:ef:ac:6d:f7:65:ec:a4:ce:f2:28:56:1d:28:
a7:f4:4d:40:74:58:8a:e3:26:48:47:33:5c:f1:7a:
47:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:32:A0:46:AC:10:55:BB:9C:3B:8B:B9:06:A7:CE:0F:8B:D3:23:39
X509v3 Authority Key Identifier:
keyid:44:F2:B4:D9:3B:2A:AF:3A:02:69:72:23:B7:92:F6:02:18:CA:D2:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPK02TsqrzoCaXIjt5L2AhjK0rY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/388110-0366-479b-9bf9-50d7f7eaa1ad/1/1DKgRqwQVbucO4u5BqfOD4vTIzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/388110-0366-479b-9bf9-50d7f7eaa1ad/1/RPK02TsqrzoCaXIjt5L2AhjK0rY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.44.0/22
Signature Algorithm: sha256WithRSAEncryption
92:a5:a7:52:e0:fb:c0:98:e6:7e:5f:49:b3:cb:96:47:b1:92:
95:53:da:95:f0:3f:62:2e:33:bb:e5:7d:71:a0:3d:82:b3:97:
b0:eb:1e:54:5a:ed:6d:83:ea:cd:d3:8d:e4:8f:e2:7a:eb:00:
e9:c3:83:48:60:63:77:73:38:03:24:3e:9d:1b:f2:ae:f4:bb:
88:72:e8:a7:2d:63:2d:6d:92:07:54:4a:fd:53:25:d6:ca:cc:
f2:56:6b:ad:9d:00:16:03:b4:b8:80:3d:3c:d8:b2:5b:ad:e4:
48:27:2d:33:f9:e8:b4:85:78:80:10:5c:90:1a:95:c3:66:d6:
ff:dc:5a:00:4a:29:65:61:ae:16:fd:57:5f:8e:3b:7c:3f:80:
97:8d:c0:74:0b:8e:12:6a:e4:7c:3c:7c:10:86:58:87:a4:37:
bd:47:7f:1e:d6:ee:ce:74:81:60:42:07:a4:7c:7f:1a:74:84:
7b:8e:16:74:cb:88:b8:0c:cd:fc:10:df:a3:62:b3:48:8b:1b:
1c:69:70:cb:36:12:bf:16:f7:ec:ae:ef:00:ee:f7:29:9a:46:
3a:89:01:54:00:9b:98:8e:74:99:e0:bd:90:b0:42:26:51:50:
78:b4:a1:ec:a8:f5:93:42:79:d0:84:58:63:2f:be:8f:dd:f7:
12:06:5a:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVueQeCerIRyurOhGelKQTXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjJiNGQ5M2IyYWFmM2EwMjY5NzIyM2I3OTJmNjAyMThj
YWQyYjYwHhcNMjMwMTAxMTc1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDMyYTA0NmFjMTA1NWJiOWMzYjhiYjkwNmE3Y2UwZjhiZDMyMzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAZGlCi1oCrJvprn1zHf/8+6xAfy
fedEc0C3ZA62usTKsa6gHUS8twPBW8PXOynf/SVl40sudgHUBQvhj22JpKjTuqtf
kqQ+r1PSA/1AT8DIr4dG6XJV+rvCDWdkOdPfs+aHJDt3apH+a06M/1J6qYupNV4r
BCo8licf+1IqhUrp/srCqBxvvFoEsi5S4dqtHVwzvWPvXKJ9tLS1S1HPncZjDvKJ
ysd2tX1xJUqYS+BeTGqg1o3giacb+hoih8xHNxn0dGObje/8qstDNPuD6L6YTv5S
K4h7mJmP026xRr9tkO+sbfdl7KTO8ihWHSin9E1AdFiK4yZIRzNc8XpHPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQyoEasEFW7nDuLuQanzg+L0yM5MB8GA1UdIwQY
MBaAFETytNk7Kq86AmlyI7eS9gIYytK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBLMDJUc3Fyem9DYVhJanQ1TDJBaGpLMHJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODgxMTAtMDM2Ni00NzliLTliZjkt
NTBkN2Y3ZWFhMWFkLzEvMURLZ1Jxd1FWYnVjTzR1NUJxZk9ENHZUSXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zODgxMTAtMDM2Ni00NzliLTliZjktNTBkN2Y3ZWFhMWFk
LzEvUlBLMDJUc3Fyem9DYVhJanQ1TDJBaGpLMHJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucMsMA0G
CSqGSIb3DQEBCwUAA4IBAQCSpadS4PvAmOZ+X0mzy5ZHsZKVU9qV8D9iLjO75X1x
oD2Cs5ew6x5UWu1tg+rN043kj+J66wDpw4NIYGN3czgDJD6dG/Ku9LuIcuinLWMt
bZIHVEr9UyXWyszyVmutnQAWA7S4gD082LJbreRIJy0z+ei0hXiAEFyQGpXDZtb/
3FoASillYa4W/Vdfjjt8P4CXjcB0C44SauR8PHwQhliHpDe9R38e1u7OdIFgQgek
fH8adIR7jhZ0y4i4DM38EN+jYrNIixscaXDLNhK/Fvfsru8A7vcpmkY6iQFUAJuY
jnSZ4L2QsEImUVB4tKHsqPWTQnnQhFhjL76P3fcSBloT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:40 2024 by rpki-client on console-fra.rpki-client.org