Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/50/3138352e3232322e34332e302f32342d3234203d3e2038383838.roa
File: 3138352e3232322e34332e302f32342d3234203d3e2038383838.roa (raw, json)
Hash identifier: Sqjp8FCeZUfHiTZqBAVhB3NcRVHY59hW+FLbVJDv78A=
Subject key identifier: FA:60:E5:20:AB:85:28:17:99:20:41:49:70:61:DC:B5:9C:09:06:63
Certificate issuer: /CN=b313ae6f32255d0c6ca43a34ec6e149c0ef58c60
Certificate serial: 05A3ABBE82678239C3EA81C03FABDBAD3E60E3B7
Authority key identifier: B3:13:AE:6F:32:25:5D:0C:6C:A4:3A:34:EC:6E:14:9C:0E:F5:8C:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sxOubzIlXQxspDo07G4UnA71jGA.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/50/3138352e3232322e34332e302f32342d3234203d3e2038383838.roa
Signing time: Wed 01 Mar 2023 00:33:18 +0000
ROA not before: Wed 01 Mar 2023 00:28:18 +0000
ROA not after: Wed 28 Feb 2024 00:33:18 +0000
asID: 8888
IP address blocks: 185.222.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:a3:ab:be:82:67:82:39:c3:ea:81:c0:3f:ab:db:ad:3e:60:e3:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b313ae6f32255d0c6ca43a34ec6e149c0ef58c60
Validity
Not Before: Mar 1 00:28:18 2023 GMT
Not After : Feb 28 00:33:18 2024 GMT
Subject: CN=FA60E520AB852817992041497061DCB59C090663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:ce:8e:cd:c6:2b:3e:c3:3e:32:9f:a7:c5:0c:
dd:74:20:65:21:a9:50:f3:c0:ff:cc:a5:26:4b:78:
f9:52:bf:8f:dc:73:f8:e6:c2:89:80:1a:65:97:e1:
b7:82:9f:10:05:cb:3f:c5:81:8d:0d:06:87:53:b1:
90:7c:32:bf:2c:6b:9e:9d:bc:37:27:ec:96:2e:10:
b0:e7:c9:65:80:42:ba:a9:64:57:a5:3f:7c:d6:4a:
66:58:ac:d6:63:07:9e:66:4c:03:1b:9d:2b:9d:66:
50:86:3d:99:e2:bc:61:5e:a0:d8:09:0b:b0:53:c2:
9d:a4:8f:60:a9:b8:da:34:02:82:f4:73:4d:83:1d:
26:47:78:49:5e:66:a7:0f:a7:3d:fc:36:79:a2:84:
8e:09:df:4e:9f:0e:20:f7:c7:52:a4:85:a6:61:1e:
31:1f:54:97:c7:76:8f:93:61:04:a0:d6:f7:d1:9b:
a7:c2:f1:d6:bc:f9:83:02:94:8b:11:fe:c2:f7:6e:
51:40:e5:fb:7b:e5:3e:da:3f:bf:12:e2:2b:03:79:
61:01:d3:d7:77:29:59:ae:98:00:16:92:fe:7a:79:
5c:02:1d:cc:66:e1:e2:1d:43:cd:f4:af:44:8f:df:
d6:e4:e5:1f:01:25:b4:d1:4e:9e:da:2b:0a:00:8b:
58:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:60:E5:20:AB:85:28:17:99:20:41:49:70:61:DC:B5:9C:09:06:63
X509v3 Authority Key Identifier:
keyid:B3:13:AE:6F:32:25:5D:0C:6C:A4:3A:34:EC:6E:14:9C:0E:F5:8C:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/50/B313AE6F32255D0C6CA43A34EC6E149C0EF58C60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxOubzIlXQxspDo07G4UnA71jGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/50/3138352e3232322e34332e302f32342d3234203d3e2038383838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.43.0/24
Signature Algorithm: sha256WithRSAEncryption
90:3e:9e:33:ef:94:7f:8b:2f:eb:71:3e:c5:1c:bb:74:a4:dc:
92:aa:5f:f8:7d:5d:b9:96:89:f1:32:a5:bd:5b:88:a6:ef:29:
02:31:03:f7:ed:e3:2a:98:fc:fc:ac:2a:53:be:d6:75:8e:25:
2b:66:6f:81:ba:29:0a:e8:6d:4d:a8:a5:d9:c0:12:01:2c:80:
bb:58:e7:96:93:45:bc:14:28:ef:7e:75:39:3d:b2:f2:87:8f:
8a:13:c9:20:64:54:7b:35:cf:b7:0c:51:d8:05:1c:5c:2e:89:
0c:34:e1:e5:e5:91:02:b7:fd:2a:45:4c:44:87:ec:6e:ec:cd:
c5:5c:0a:5b:78:c9:46:95:86:86:48:01:c6:30:8a:6e:ca:08:
e9:6b:a1:74:61:06:2c:e0:54:14:2b:9c:8f:13:13:0d:8d:87:
39:d0:2d:6d:b4:c5:18:4e:c0:d2:b0:c7:f7:3f:2f:85:e3:eb:
b9:05:c4:23:c1:34:60:9f:d7:c3:2a:cd:2d:01:e5:3b:0e:e8:
8f:21:a8:61:1f:cd:08:3d:c2:b9:cc:b4:1b:1f:2b:07:b9:ba:
c9:1a:73:2f:ba:0e:3c:42:78:2f:9c:3f:3b:36:97:9a:7b:06:
2d:c0:94:d2:fc:57:36:5e:6b:22:25:40:ad:c5:92:7e:93:2b:
25:1c:c6:07
-----BEGIN CERTIFICATE-----
MIIExDCCA6ygAwIBAgIUBaOrvoJngjnD6oHAP6vbrT5g47cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjMxM2FlNmYzMjI1NWQwYzZjYTQzYTM0ZWM2ZTE0OWMw
ZWY1OGM2MDAeFw0yMzAzMDEwMDI4MThaFw0yNDAyMjgwMDMzMThaMDMxMTAvBgNV
BAMTKEZBNjBFNTIwQUI4NTI4MTc5OTIwNDE0OTcwNjFEQ0I1OUMwOTA2NjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxzo7Nxis+wz4yn6fFDN10IGUh
qVDzwP/MpSZLePlSv4/cc/jmwomAGmWX4beCnxAFyz/FgY0NBodTsZB8Mr8sa56d
vDcn7JYuELDnyWWAQrqpZFelP3zWSmZYrNZjB55mTAMbnSudZlCGPZnivGFeoNgJ
C7BTwp2kj2CpuNo0AoL0c02DHSZHeEleZqcPpz38NnmihI4J306fDiD3x1KkhaZh
HjEfVJfHdo+TYQSg1vfRm6fC8da8+YMClIsR/sL3blFA5ft75T7aP78S4isDeWEB
09d3KVmumAAWkv56eVwCHcxm4eIdQ830r0SP39bk5R8BJbTRTp7aKwoAi1gxAgMB
AAGjggHOMIIByjAdBgNVHQ4EFgQU+mDlIKuFKBeZIEFJcGHctZwJBmMwHwYDVR0j
BBgwFoAUsxOubzIlXQxspDo07G4UnA71jGAwDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS81MC9C
MzEzQUU2RjMyMjU1RDBDNkNBNDNBMzRFQzZFMTQ5QzBFRjU4QzYwLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvc3hPdWJ6SWxYUXhzcERvMDdHNFVuQTcxakdBLmNl
cjB2BggrBgEFBQcBCwRqMGgwZgYIKwYBBQUHMAuGWnJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS81MC8zMTM4MzUyZTMyMzIzMjJlMzQzMzJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDM4MzgzODM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud4rMA0GCSqGSIb3DQEB
CwUAA4IBAQCQPp4z75R/iy/rcT7FHLt0pNySql/4fV25lonxMqW9W4im7ykCMQP3
7eMqmPz8rCpTvtZ1jiUrZm+BuikK6G1NqKXZwBIBLIC7WOeWk0W8FCjvfnU5PbLy
h4+KE8kgZFR7Nc+3DFHYBRxcLokMNOHl5ZECt/0qRUxEh+xu7M3FXApbeMlGlYaG
SAHGMIpuygjpa6F0YQYs4FQUK5yPExMNjYc50C1ttMUYTsDSsMf3Py+F4+u5BcQj
wTRgn9fDKs0tAeU7DuiPIahhH80IPcK5zLQbHysHubrJGnMvug48QngvnD87Npea
ewYtwJTS/Fc2XmsiJUCtxZJ+kyslHMYH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:59:49 2024 by rpki-client on console-ams.rpki-client.org