Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/388110-0366-479b-9bf9-50d7f7eaa1ad/1/chCq3JtQiEo5pj5qio1I3XKA1tY.roa
File: chCq3JtQiEo5pj5qio1I3XKA1tY.roa (raw, json)
Hash identifier: yKzzTA3sp6SAn661/GJPt7v1hmpeXJvRxhU1cfsZhPs=
Subject key identifier: 72:10:AA:DC:9B:50:88:4A:39:A6:3E:6A:8A:8D:48:DD:72:80:D6:D6
Certificate issuer: /CN=44f2b4d93b2aaf3a02697223b792f60218cad2b6
Certificate serial: 01856E7906D931F318F7D13E0EC429E64491
Authority key identifier: 44:F2:B4:D9:3B:2A:AF:3A:02:69:72:23:B7:92:F6:02:18:CA:D2:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPK02TsqrzoCaXIjt5L2AhjK0rY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/388110-0366-479b-9bf9-50d7f7eaa1ad/1/chCq3JtQiEo5pj5qio1I3XKA1tY.roa
Signing time: Sun 01 Jan 2023 17:55:03 +0000
ROA not before: Sun 01 Jan 2023 17:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51662
IP address blocks: 185.195.44.0/22 maxlen: 22
185.195.44.0/24 maxlen: 24
185.195.45.0/24 maxlen: 24
185.195.47.0/24 maxlen: 24
185.195.46.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:79:06:d9:31:f3:18:f7:d1:3e:0e:c4:29:e6:44:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44f2b4d93b2aaf3a02697223b792f60218cad2b6
Validity
Not Before: Jan 1 17:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7210aadc9b50884a39a63e6a8a8d48dd7280d6d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e5:e7:eb:e1:0c:91:ab:8c:39:9d:e4:25:06:
1c:3f:4f:e7:42:98:38:46:9e:af:f1:4e:8b:43:29:
61:15:54:04:f2:50:11:5d:d1:78:10:74:5c:88:5e:
7f:62:d3:e9:77:84:f4:b5:e5:bf:5c:5a:88:2c:55:
5d:f9:e2:c1:b0:75:3a:59:21:a0:09:b1:6f:26:a5:
5d:f7:4a:ed:c5:ea:01:4e:7c:b5:20:6b:43:79:77:
6d:e9:ff:e2:f4:e6:05:21:c0:91:2b:98:17:cb:10:
fd:57:fc:f5:eb:78:21:c1:6f:c1:c0:7d:83:e9:20:
55:21:be:2e:72:b3:e5:67:70:e1:6b:aa:ae:04:82:
e1:97:68:16:22:3b:ea:26:82:d5:25:6c:78:d7:60:
b7:66:d2:ea:ca:65:b9:44:e8:df:32:97:be:16:3d:
d6:61:f6:56:f1:18:a9:9a:62:8f:50:e8:f4:e2:6a:
3d:d3:6e:58:8a:34:9b:8b:ac:a7:36:93:be:57:53:
26:0d:42:f0:6b:27:47:c7:89:4a:83:ca:92:97:81:
b1:4c:48:c9:b0:3f:71:a8:10:a1:cf:f7:4b:cc:31:
c9:fd:2e:ca:83:5a:ff:d1:24:64:f5:b8:2b:33:db:
7a:24:55:8a:d8:5e:a8:c4:bd:cb:9e:72:47:c1:db:
75:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:10:AA:DC:9B:50:88:4A:39:A6:3E:6A:8A:8D:48:DD:72:80:D6:D6
X509v3 Authority Key Identifier:
keyid:44:F2:B4:D9:3B:2A:AF:3A:02:69:72:23:B7:92:F6:02:18:CA:D2:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPK02TsqrzoCaXIjt5L2AhjK0rY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/388110-0366-479b-9bf9-50d7f7eaa1ad/1/chCq3JtQiEo5pj5qio1I3XKA1tY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/388110-0366-479b-9bf9-50d7f7eaa1ad/1/RPK02TsqrzoCaXIjt5L2AhjK0rY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.44.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:c8:b3:eb:69:66:a2:2f:34:80:71:e4:28:17:c1:de:52:f7:
e1:26:ed:22:c0:be:32:31:cd:58:9f:cc:ee:75:21:68:cc:67:
c6:df:18:bf:3a:d1:ce:80:0d:9a:8b:ef:fe:58:b6:61:49:50:
7f:70:c7:a7:4b:06:5f:33:47:10:59:f9:12:fc:5a:2d:fb:ff:
6a:e8:87:c6:0f:1e:d8:b7:6a:a1:7f:a6:1e:b4:02:b6:70:9c:
c6:66:35:12:ab:bb:dd:5e:75:71:6f:45:98:4b:9e:27:18:d5:
9b:fa:64:06:14:13:8c:4d:56:69:07:ff:fc:84:92:ab:ec:5d:
98:72:e3:49:1d:76:7e:67:67:9f:7f:e9:b3:ec:aa:6d:00:7b:
38:01:4a:a0:70:b7:a5:2b:2b:94:d4:8e:10:50:eb:cc:87:b3:
85:5b:86:e1:4b:55:d9:18:3f:c2:ea:32:40:b4:e6:7e:78:83:
7e:f0:5b:86:f8:fa:18:66:5a:18:b7:56:bd:f0:01:6a:1a:93:
7d:d7:ad:dc:5c:49:3e:48:61:b1:f7:24:d6:00:ea:fe:3c:20:
38:f6:15:4a:37:b3:39:b3:0a:4b:15:f6:bb:3e:20:89:74:d4:
50:b2:09:16:e3:34:9f:65:b2:3c:62:6a:5e:99:8b:69:ae:8d:
b7:60:2f:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVueQbZMfMY99E+DsQp5kSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjJiNGQ5M2IyYWFmM2EwMjY5NzIyM2I3OTJmNjAyMThj
YWQyYjYwHhcNMjMwMTAxMTc1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjEwYWFkYzliNTA4ODRhMzlhNjNlNmE4YThkNDhkZDcyODBkNmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuXn6+EMkauMOZ3kJQYcP0/nQpg4
Rp6v8U6LQylhFVQE8lARXdF4EHRciF5/YtPpd4T0teW/XFqILFVd+eLBsHU6WSGg
CbFvJqVd90rtxeoBTny1IGtDeXdt6f/i9OYFIcCRK5gXyxD9V/z163ghwW/BwH2D
6SBVIb4ucrPlZ3Dha6quBILhl2gWIjvqJoLVJWx412C3ZtLqymW5ROjfMpe+Fj3W
YfZW8RipmmKPUOj04mo9025YijSbi6ynNpO+V1MmDULwaydHx4lKg8qSl4GxTEjJ
sD9xqBChz/dLzDHJ/S7Kg1r/0SRk9bgrM9t6JFWK2F6oxL3LnnJHwdt1/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHIQqtybUIhKOaY+aoqNSN1ygNbWMB8GA1UdIwQY
MBaAFETytNk7Kq86AmlyI7eS9gIYytK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBLMDJUc3Fyem9DYVhJanQ1TDJBaGpLMHJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODgxMTAtMDM2Ni00NzliLTliZjkt
NTBkN2Y3ZWFhMWFkLzEvY2hDcTNKdFFpRW81cGo1cWlvMUkzWEtBMXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zODgxMTAtMDM2Ni00NzliLTliZjktNTBkN2Y3ZWFhMWFk
LzEvUlBLMDJUc3Fyem9DYVhJanQ1TDJBaGpLMHJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucMsMA0G
CSqGSIb3DQEBCwUAA4IBAQC7yLPraWaiLzSAceQoF8HeUvfhJu0iwL4yMc1Yn8zu
dSFozGfG3xi/OtHOgA2ai+/+WLZhSVB/cMenSwZfM0cQWfkS/Fot+/9q6IfGDx7Y
t2qhf6YetAK2cJzGZjUSq7vdXnVxb0WYS54nGNWb+mQGFBOMTVZpB//8hJKr7F2Y
cuNJHXZ+Z2eff+mz7KptAHs4AUqgcLelKyuU1I4QUOvMh7OFW4bhS1XZGD/C6jJA
tOZ+eIN+8FuG+PoYZloYt1a98AFqGpN9163cXEk+SGGx9yTWAOr+PCA49hVKN7M5
swpLFfa7PiCJdNRQsgkW4zSfZbI8YmpemYtpro23YC+Z
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:10 2025 by rpki-client