Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS22168.roa
File: AS22168.roa (raw, json)
Hash identifier: CkWiJP3Zh7zGx3vrR7d3HNqDzvV1jLtNNSsXIiPqmqg=
Subject key identifier: 79:CB:BE:62:AA:73:38:B3:BF:F9:9E:77:CF:0C:E4:12:37:7F:56:91
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 40D273D3720AA9EC011C32965245D0DFEDDDAFF6
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS22168.roa
Signing time: Thu 27 Mar 2025 12:53:59 +0000
ROA not before: Thu 27 Mar 2025 12:48:59 +0000
ROA not after: Thu 26 Mar 2026 12:53:59 +0000
asID: 22168
IP address blocks: 179.61.168.0/24 maxlen: 24
181.41.192.0/24 maxlen: 24
181.214.62.0/24 maxlen: 24
181.214.90.0/24 maxlen: 24
181.214.234.0/24 maxlen: 24
181.214.245.0/24 maxlen: 24
181.215.138.0/24 maxlen: 24
181.215.145.0/24 maxlen: 24
181.215.208.0/24 maxlen: 24
191.96.20.0/24 maxlen: 24
191.96.22.0/24 maxlen: 24
191.96.127.0/24 maxlen: 24
191.101.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:d2:73:d3:72:0a:a9:ec:01:1c:32:96:52:45:d0:df:ed:dd:af:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 27 12:48:59 2025 GMT
Not After : Mar 26 12:53:59 2026 GMT
Subject: CN=79CBBE62AA7338B3BFF99E77CF0CE412377F5691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:2a:de:2f:a7:85:84:c3:6b:9a:16:d9:22:07:
dd:70:c2:5d:85:7b:b5:b7:7a:90:44:55:69:21:f6:
c5:fa:c4:c5:05:c1:bd:e8:78:87:de:4a:b2:ad:fc:
ae:f0:e5:6d:8a:c6:24:7f:be:52:21:f1:08:1c:72:
4d:67:1c:f2:ab:92:0a:42:66:b9:82:2e:a5:cc:91:
d9:0e:a0:21:79:37:ef:16:0f:44:80:c7:48:d8:19:
66:1e:4f:b1:e8:02:f9:90:67:57:51:18:78:e0:ba:
96:83:da:64:9a:1f:49:f2:ca:25:14:26:95:4e:bb:
99:be:ea:74:91:92:3e:40:10:8b:82:21:cf:49:fc:
6d:8e:67:3f:ca:3b:4d:a5:3b:3b:df:7d:87:1b:79:
82:e3:82:97:0b:3f:2b:51:20:cd:cd:c2:0b:53:1c:
3b:7b:34:78:56:69:70:53:93:36:8c:94:1c:d6:a7:
aa:eb:54:ea:a8:4f:f9:8d:78:8e:e6:a8:4c:90:37:
02:6e:b9:d5:c4:ef:ab:2d:2b:d5:3d:29:ba:fa:90:
20:4c:88:29:75:28:87:40:8a:9f:44:17:31:13:af:
d0:ac:01:65:6d:94:85:cb:4c:4d:b0:e3:58:f6:4b:
6a:cd:59:e7:59:e2:7c:09:e4:eb:99:4b:6c:7f:57:
a4:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:CB:BE:62:AA:73:38:B3:BF:F9:9E:77:CF:0C:E4:12:37:7F:56:91
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS22168.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.168.0/24
181.41.192.0/24
181.214.62.0/24
181.214.90.0/24
181.214.234.0/24
181.214.245.0/24
181.215.138.0/24
181.215.145.0/24
181.215.208.0/24
191.96.20.0/24
191.96.22.0/24
191.96.127.0/24
191.101.103.0/24
Signature Algorithm: sha256WithRSAEncryption
81:dd:8f:0f:a0:7d:09:28:e3:c0:66:ed:dc:4c:2f:07:9a:fa:
7f:28:93:3e:61:6a:44:53:43:7e:7d:69:d1:e3:53:37:5c:70:
af:5b:fe:1b:4a:88:23:ca:62:98:56:32:7e:b6:21:4e:60:67:
ef:cc:9d:38:28:36:27:69:bc:6c:35:91:4d:10:e5:58:c7:de:
ff:27:48:13:f5:57:97:de:2b:3d:c3:57:f2:80:bd:ef:37:ff:
c4:36:c4:84:48:08:41:db:4c:cf:14:6e:10:86:48:0e:26:d3:
1e:cc:65:0a:49:88:af:21:a2:75:99:7e:e8:57:76:9e:c6:b9:
a9:e6:95:8b:12:c0:99:9e:65:c1:a9:9a:bb:b2:25:c2:44:46:
21:20:3b:e0:27:15:a1:85:07:ae:5e:4e:77:07:d7:9c:ff:38:
7a:40:75:21:40:1c:15:b8:41:b5:e2:12:20:b2:16:bc:fe:4c:
c9:77:17:b0:63:6a:f0:46:c2:cb:43:29:c5:40:09:d2:ae:e0:
36:c2:7e:2b:47:2f:a4:84:6f:70:f0:c1:07:b2:8a:87:32:45:
09:5e:08:ae:8f:c4:86:1b:2e:de:19:73:4d:cb:b6:86:ff:17:
70:02:4e:73:d8:40:4a:4c:11:73:76:9d:44:f5:a8:b9:61:99:
c6:6b:74:d6
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUQNJz03IKqewBHDKWUkXQ3+3dr/YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAzMjcxMjQ4NTlaFw0yNjAzMjYxMjUzNTlaMDMxMTAvBgNV
BAMTKDc5Q0JCRTYyQUE3MzM4QjNCRkY5OUU3N0NGMENFNDEyMzc3RjU2OTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiKt4vp4WEw2uaFtkiB91wwl2F
e7W3epBEVWkh9sX6xMUFwb3oeIfeSrKt/K7w5W2KxiR/vlIh8Qgcck1nHPKrkgpC
ZrmCLqXMkdkOoCF5N+8WD0SAx0jYGWYeT7HoAvmQZ1dRGHjgupaD2mSaH0nyyiUU
JpVOu5m+6nSRkj5AEIuCIc9J/G2OZz/KO02lOzvffYcbeYLjgpcLPytRIM3NwgtT
HDt7NHhWaXBTkzaMlBzWp6rrVOqoT/mNeI7mqEyQNwJuudXE76stK9U9Kbr6kCBM
iCl1KIdAip9EFzETr9CsAWVtlIXLTE2w41j2S2rNWedZ4nwJ5OuZS2x/V6RbAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUecu+YqpzOLO/+Z53zwzkEjd/VpEwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjIxNjgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwZwYIKwYBBQUHAQcBAf8EWDBWMFQEAgABME4DBACzPagD
BAC1KcADBAC11j4DBAC11loDBAC11uoDBAC11vUDBAC114oDBAC115EDBAC119AD
BAC/YBQDBAC/YBYDBAC/YH8DBAC/ZWcwDQYJKoZIhvcNAQELBQADggEBAIHdjw+g
fQko48Bm7dxMLwea+n8okz5hakRTQ359adHjUzdccK9b/htKiCPKYphWMn62IU5g
Z+/MnTgoNidpvGw1kU0Q5VjH3v8nSBP1V5feKz3DV/KAve83/8Q2xIRICEHbTM8U
bhCGSA4m0x7MZQpJiK8honWZfuhXdp7GuanmlYsSwJmeZcGpmruyJcJERiEgO+An
FaGFB65eTncH15z/OHpAdSFAHBW4QbXiEiCyFrz+TMl3F7BjavBGwstDKcVACdKu
4DbCfitHL6SEb3DwwQeyiocyRQleCK6PxIYbLt4Zc03Ltob/F3ACTnPYQEpMEXN2
nUT1qLlhmcZrdNY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:29:50 2025 by rpki-client