Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/JwOvG8naD4CxLSKikp2rMX1bUTQ.roa
File: JwOvG8naD4CxLSKikp2rMX1bUTQ.roa (raw, json)
Hash identifier: 64k3Lnu5TpcAaBjRdMsi0uiEq3lh1O/GfO0PbEMwFjc=
Subject key identifier: 27:03:AF:1B:C9:DA:0F:80:B1:2D:22:A2:92:9D:AB:31:7D:5B:51:34
Certificate issuer: /CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Certificate serial: 0184CE6699F081BF9A880FDD3F8134283E4D
Authority key identifier: 6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/JwOvG8naD4CxLSKikp2rMX1bUTQ.roa
Signing time: Thu 01 Dec 2022 15:55:41 +0000
ROA not before: Thu 01 Dec 2022 15:55:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 141.11.104.0/24 maxlen: 24
141.11.0.0/24 maxlen: 24
141.11.28.0/24 maxlen: 24
141.11.242.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ce:66:99:f0:81:bf:9a:88:0f:dd:3f:81:34:28:3e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Validity
Not Before: Dec 1 15:55:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2703af1bc9da0f80b12d22a2929dab317d5b5134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c6:51:26:4e:bb:90:c7:ca:d2:e8:05:72:e7:
20:f3:eb:c8:8a:f2:ba:5d:ea:05:e6:64:ac:f1:75:
9f:e8:83:10:d4:5c:c7:56:e3:80:45:98:36:c7:b9:
73:25:00:0b:73:63:87:e0:71:38:7b:ec:ec:be:8e:
51:47:9a:d1:f6:9b:e3:90:c5:9b:95:5f:f0:fd:37:
a5:69:65:d0:cd:0f:53:cf:67:0b:7c:56:65:80:ba:
65:46:c2:97:c3:23:34:35:91:d1:ef:94:6d:2e:9a:
e0:d4:71:a5:64:10:b5:2b:d8:47:22:31:d6:c1:1c:
4f:34:5f:8a:04:b5:9e:e9:11:3a:51:f6:7e:1e:29:
99:22:d3:d2:0c:40:f4:0a:d1:be:a5:da:1a:87:e3:
c4:fa:6b:26:51:84:ac:c3:9f:5e:d9:03:33:ba:0a:
15:1f:3e:ee:a4:87:89:6c:3e:3f:0b:ac:04:a5:e3:
09:9c:f8:94:d8:1d:a9:0c:24:a6:1b:cd:aa:eb:cb:
61:cb:f0:b5:6b:31:0b:7c:fc:39:07:b8:20:2f:34:
52:63:2f:b4:3c:d0:47:4b:5a:d4:43:3e:f5:85:c8:
b8:0d:bc:71:5c:b8:75:63:9b:be:4e:c4:46:50:04:
1b:c7:97:00:54:ea:70:38:ab:33:36:53:2e:06:1d:
d7:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:03:AF:1B:C9:DA:0F:80:B1:2D:22:A2:92:9D:AB:31:7D:5B:51:34
X509v3 Authority Key Identifier:
keyid:6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/JwOvG8naD4CxLSKikp2rMX1bUTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/bEx5hrGC7MNq10xTW-rnKZs1zpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.0.0/24
141.11.28.0/24
141.11.104.0/24
141.11.242.0/24
Signature Algorithm: sha256WithRSAEncryption
48:6d:bb:04:9f:86:b3:b9:bb:d5:8f:6b:4a:87:0b:34:0d:23:
13:50:59:ce:29:e1:b2:8a:d4:eb:2f:6e:4b:d0:2d:ac:ae:b9:
ce:57:6e:80:82:1e:6f:ba:ac:a6:0e:ac:5b:59:54:04:b1:91:
04:a8:00:d2:07:89:74:36:42:8c:8d:c8:bd:25:ac:ba:49:c6:
24:ac:b3:27:fc:a5:fc:b2:9a:a9:a0:44:34:06:2b:78:bb:94:
cc:c1:e7:d7:8e:89:4e:71:16:c8:7e:4a:e3:48:70:e3:0c:d9:
c1:e5:19:d0:63:88:cb:4d:15:11:18:5f:18:1d:53:7a:9a:e0:
a4:81:51:af:37:da:76:af:56:b6:ea:b2:61:28:fc:45:64:53:
3e:70:c8:ab:e0:67:cb:4d:9d:01:27:d7:37:54:45:f0:00:b7:
32:23:2b:10:3f:e4:c4:f6:d8:df:7c:95:44:62:ae:fb:c3:91:
f8:bc:90:df:fc:09:a2:40:e5:ae:24:ab:fa:c3:4e:dc:f3:7c:
e7:2e:c5:7f:48:e9:b9:da:78:0c:e8:aa:fa:54:9d:51:be:f5:
8a:c2:f2:ef:49:52:51:5b:24:46:2b:72:33:03:1b:ff:38:26:
f6:00:41:ed:ee:de:72:38:18:ff:7c:94:a3:21:17:9d:97:2b:
9b:11:d3:af
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYTOZpnwgb+aiA/dP4E0KD5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNGM3OTg2YjE4MmVjYzM2YWQ3NGM1MzViZWFlNzI5OWIz
NWNlOTIwHhcNMjIxMjAxMTU1NTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzAzYWYxYmM5ZGEwZjgwYjEyZDIyYTI5MjlkYWIzMTdkNWI1MTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusZRJk67kMfK0ugFcucg8+vIivK6
XeoF5mSs8XWf6IMQ1FzHVuOARZg2x7lzJQALc2OH4HE4e+zsvo5RR5rR9pvjkMWb
lV/w/TelaWXQzQ9Tz2cLfFZlgLplRsKXwyM0NZHR75RtLprg1HGlZBC1K9hHIjHW
wRxPNF+KBLWe6RE6UfZ+HimZItPSDED0CtG+pdoah+PE+msmUYSsw59e2QMzugoV
Hz7upIeJbD4/C6wEpeMJnPiU2B2pDCSmG82q68thy/C1azELfPw5B7ggLzRSYy+0
PNBHS1rUQz71hci4DbxxXLh1Y5u+TsRGUAQbx5cAVOpwOKszNlMuBh3XiwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCcDrxvJ2g+AsS0iopKdqzF9W1E0MB8GA1UdIwQY
MBaAFGxMeYaxguzDatdMU1vq5ymbNc6SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjIt
MjZjYTE0OGQwN2FmLzEvSndPdkc4bmFENEN4TFNLaWtwMnJNWDFiVVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjItMjZjYTE0OGQwN2Fm
LzEvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjQsAAwQA
jQscAwQAjQtoAwQAjQvyMA0GCSqGSIb3DQEBCwUAA4IBAQBIbbsEn4azubvVj2tK
hws0DSMTUFnOKeGyitTrL25L0C2srrnOV26Agh5vuqymDqxbWVQEsZEEqADSB4l0
NkKMjci9Jay6ScYkrLMn/KX8spqpoEQ0Bit4u5TMwefXjolOcRbIfkrjSHDjDNnB
5RnQY4jLTRURGF8YHVN6muCkgVGvN9p2r1a26rJhKPxFZFM+cMir4GfLTZ0BJ9c3
VEXwALcyIysQP+TE9tjffJVEYq77w5H4vJDf/AmiQOWuJKv6w07c83znLsV/SOm5
2ngM6Kr6VJ1RvvWKwvLvSVJRWyRGK3IzAxv/OCb2AEHt7t5yOBj/fJSjIRedlyub
EdOv
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:10 2023 by rpki-client on console-ams.rpki-client.org