Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/2NAYe_yq1nF5R5RH1oSd22cbso0.roa
File: 2NAYe_yq1nF5R5RH1oSd22cbso0.roa (raw, json)
Hash identifier: 5XhgMm+/3Vci9Xto3UJ9q7Zh471Lf5lGq0WpXUTJKoU=
Subject key identifier: D8:D0:18:7B:FC:AA:D6:71:79:47:94:47:D6:84:9D:DB:67:1B:B2:8D
Certificate issuer: /CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Certificate serial: 033532E0
Authority key identifier: 6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/2NAYe_yq1nF5R5RH1oSd22cbso0.roa
Signing time: Wed 23 Feb 2022 14:46:49 +0000
ROA not before: Wed 23 Feb 2022 14:46:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57416
IP address blocks: 141.11.161.0/24 maxlen: 24
141.11.178.0/24 maxlen: 24
141.11.177.0/24 maxlen: 24
141.11.109.0/24 maxlen: 24
141.11.4.0/24 maxlen: 24
141.11.5.0/24 maxlen: 24
141.11.120.0/24 maxlen: 24
141.11.127.0/24 maxlen: 24
141.11.30.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53818080 (0x33532e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Validity
Not Before: Feb 23 14:46:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8d0187bfcaad67179479447d6849ddb671bb28d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:66:a6:9c:5c:64:3f:38:bc:a5:c6:73:a3:85:
8a:84:dc:74:10:79:b0:b6:0a:59:87:26:ac:32:5b:
91:a0:bf:a2:5c:eb:54:ca:64:a8:de:c4:ad:75:1d:
8b:3e:83:de:3d:ab:42:6b:95:0f:c0:29:e2:1f:dc:
ea:de:ad:d8:b1:fd:f7:ef:13:2d:5b:0d:97:75:e4:
ec:cd:d4:ec:c9:ec:be:dd:ad:db:e8:4e:e8:c1:c2:
14:a1:67:28:30:06:61:f0:f8:74:74:90:15:97:46:
ad:39:07:09:a9:70:4d:10:f4:70:6d:e2:7f:7a:61:
d9:4f:68:2a:c0:70:b4:ad:64:bb:54:ba:75:28:a4:
48:9b:1d:ef:16:2e:30:2b:23:47:98:a3:68:9e:1d:
5e:88:97:19:3f:c3:7f:a0:1d:0f:ca:f9:2d:a2:93:
00:8d:0b:64:bf:4a:33:9e:d4:de:7b:35:d0:b1:81:
0b:14:11:7e:75:80:4b:fe:20:e0:f3:39:13:92:18:
63:ac:21:75:fb:1d:7d:9a:bf:4e:65:08:7f:31:52:
03:67:a2:bd:37:ba:73:53:9b:55:f8:82:97:a3:6e:
a3:e0:11:94:86:f5:5f:79:47:a2:ea:03:d2:d0:d4:
70:65:a6:6b:7f:40:3f:63:eb:61:09:8e:f2:87:b2:
08:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D0:18:7B:FC:AA:D6:71:79:47:94:47:D6:84:9D:DB:67:1B:B2:8D
X509v3 Authority Key Identifier:
keyid:6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/2NAYe_yq1nF5R5RH1oSd22cbso0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/bEx5hrGC7MNq10xTW-rnKZs1zpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.4.0/23
141.11.30.0/24
141.11.109.0/24
141.11.120.0/24
141.11.127.0/24
141.11.161.0/24
141.11.177.0-141.11.178.255
Signature Algorithm: sha256WithRSAEncryption
16:4d:51:62:0f:4d:bc:1a:4f:cc:ef:7d:13:85:ba:c0:a2:e7:
b6:f0:9f:5d:04:5e:92:c3:fa:7d:bf:7f:d5:76:79:ae:c8:c7:
4c:8c:4d:e7:e7:77:69:ac:64:bd:6c:20:b1:c5:83:40:82:ae:
42:e5:d3:e5:be:0e:e5:d3:77:25:46:f9:6e:c1:96:77:69:0c:
13:01:aa:df:24:f0:07:e6:7f:2c:f4:6c:95:44:34:19:2b:c5:
b5:4a:27:02:22:1a:be:40:d0:14:9c:00:90:91:f6:b4:77:86:
71:36:b8:f4:28:e9:7c:25:2d:68:d8:06:b4:ef:e6:1b:40:40:
89:7c:37:87:dd:85:ed:79:8e:5e:5f:80:f2:53:28:aa:f0:16:
ad:1e:13:fd:a3:43:b0:84:f6:ed:c6:92:51:b8:89:f3:62:30:
19:ed:9b:22:67:9c:74:c0:d9:1c:d1:49:02:c2:a9:3f:78:87:
79:9e:18:0b:4e:71:55:03:6d:36:53:3b:0f:3d:07:f2:a2:c0:
80:e6:df:06:9b:6b:70:4f:3f:6d:a9:4f:67:f0:0e:e1:51:ae:
d5:9b:f3:94:9e:bd:79:56:07:60:2a:7c:83:e3:45:dc:68:84:
9e:6b:26:e0:cd:da:d8:5a:d6:f3:84:04:83:ef:1d:3c:7c:50:
5b:33:61:1d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEAzUy4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzRjNzk4NmIxODJlY2MzNmFkNzRjNTM1YmVhZTcyOTliMzVjZTkyMB4XDTIyMDIy
MzE0NDY0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDhkMDE4N2JmY2Fh
ZDY3MTc5NDc5NDQ3ZDY4NDlkZGI2NzFiYjI4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRmppxcZD84vKXGc6OFioTcdBB5sLYKWYcmrDJbkaC/olzr
VMpkqN7ErXUdiz6D3j2rQmuVD8Ap4h/c6t6t2LH99+8TLVsNl3Xk7M3U7Mnsvt2t
2+hO6MHCFKFnKDAGYfD4dHSQFZdGrTkHCalwTRD0cG3if3ph2U9oKsBwtK1ku1S6
dSikSJsd7xYuMCsjR5ijaJ4dXoiXGT/Df6AdD8r5LaKTAI0LZL9KM57U3ns10LGB
CxQRfnWAS/4g4PM5E5IYY6whdfsdfZq/TmUIfzFSA2eivTe6c1ObVfiCl6Nuo+AR
lIb1X3lHouoD0tDUcGWma39AP2PrYQmO8oeyCC8CAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBTY0Bh7/KrWcXlHlEfWhJ3bZxuyjTAfBgNVHSMEGDAWgBRsTHmGsYLsw2rX
TFNb6ucpmzXOkjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JFeDVockdDN01OcTEweFRXLXJuS1pzMXpwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvYzRlNWNhLThhYTUtNGU2NC1hMDIyLTI2Y2ExNDhkMDdhZi8x
LzJOQVllX3lxMW5GNVI1Ukgxb1NkMjJjYnNvMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
YzRlNWNhLThhYTUtNGU2NC1hMDIyLTI2Y2ExNDhkMDdhZi8xL2JFeDVockdDN01O
cTEweFRXLXJuS1pzMXpwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAY0LBAMEAI0LHgMEAI0LbQMEAI0L
eAMEAI0LfwMEAI0LoTAMAwQAjQuxAwQAjQuyMA0GCSqGSIb3DQEBCwUAA4IBAQAW
TVFiD028Gk/M730ThbrAoue28J9dBF6Sw/p9v3/VdnmuyMdMjE3n53dprGS9bCCx
xYNAgq5C5dPlvg7l03clRvluwZZ3aQwTAarfJPAH5n8s9GyVRDQZK8W1SicCIhq+
QNAUnACQkfa0d4ZxNrj0KOl8JS1o2Aa07+YbQECJfDeH3YXteY5eX4DyUyiq8Bat
HhP9o0OwhPbtxpJRuInzYjAZ7ZsiZ5x0wNkc0UkCwqk/eId5nhgLTnFVA202UzsP
PQfyosCA5t8Gm2twTz9tqU9n8A7hUa7Vm/OUnr15VgdgKnyD40XcaISeaybgzdrY
WtbzhASD7x08fFBbM2Ed
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:09 2023 by rpki-client on console-ams.rpki-client.org