Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/tatUGTcfpoD18L6eQrqzA-6HSxk.roa
File: tatUGTcfpoD18L6eQrqzA-6HSxk.roa (raw, json)
Hash identifier: +tY3e03qCmcP8joUzmIiAS6x6uljD/pL2cz9/a2gmnY=
Subject key identifier: B5:AB:54:19:37:1F:A6:80:F5:F0:BE:9E:42:BA:B3:03:EE:87:4B:19
Certificate issuer: /CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Certificate serial: 01848A49FF6D1C48FBA241CE9191AF3B739A
Authority key identifier: 6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/tatUGTcfpoD18L6eQrqzA-6HSxk.roa
Signing time: Fri 18 Nov 2022 10:30:16 +0000
ROA not before: Fri 18 Nov 2022 10:30:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200019
IP address blocks: 141.11.178.0/24 maxlen: 24
141.11.196.0/22 maxlen: 24
141.11.200.0/22 maxlen: 24
141.11.208.0/22 maxlen: 24
141.11.236.0/22 maxlen: 24
141.11.140.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8a:49:ff:6d:1c:48:fb:a2:41:ce:91:91:af:3b:73:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Validity
Not Before: Nov 18 10:30:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5ab5419371fa680f5f0be9e42bab303ee874b19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a9:7d:4c:32:7e:e9:3c:be:bc:f1:c2:09:cb:
c3:b8:6d:5f:26:ab:e1:9d:c1:0d:6b:9d:96:e0:73:
1a:16:39:8c:d9:9b:9f:41:09:c8:19:bf:4c:d1:18:
68:e6:24:e0:e7:19:20:5a:5f:6a:1d:d7:12:53:5d:
b4:7c:41:d4:c2:ab:2f:fd:46:45:c6:29:4e:e7:98:
0e:f5:91:e2:65:db:8e:c5:79:4c:7c:ad:08:5f:ce:
0e:47:d4:7b:ad:70:74:7d:7a:f7:2f:3b:8f:87:4b:
4c:4f:b4:e6:b8:97:83:70:61:b8:34:a5:f8:b9:ad:
f6:7d:ef:57:06:2e:f4:10:1b:52:c2:1e:32:d0:9b:
32:c4:93:90:8f:2e:77:26:fd:6e:42:6f:d0:6f:df:
38:4c:30:e9:88:f7:02:d7:dd:58:d4:f7:2c:23:f0:
ce:bf:bf:eb:b2:63:1e:59:55:a2:16:db:2c:88:7f:
d5:e8:4c:3f:0a:92:c4:44:ca:a9:66:65:b9:99:f9:
b3:11:0a:a2:f7:39:27:37:35:18:59:5d:45:99:47:
a0:fb:eb:ec:f1:d2:83:ba:92:dc:ea:3b:1d:ff:05:
50:b7:07:6a:0b:db:e7:d7:78:67:09:65:f7:17:5c:
9e:6c:1c:35:ee:8a:3d:d5:5c:e2:14:32:20:dc:87:
57:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:AB:54:19:37:1F:A6:80:F5:F0:BE:9E:42:BA:B3:03:EE:87:4B:19
X509v3 Authority Key Identifier:
keyid:6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/tatUGTcfpoD18L6eQrqzA-6HSxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/bEx5hrGC7MNq10xTW-rnKZs1zpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.140.0/22
141.11.178.0/24
141.11.196.0-141.11.203.255
141.11.208.0/22
141.11.236.0/22
Signature Algorithm: sha256WithRSAEncryption
75:11:bc:8c:ad:41:40:7e:c2:bc:89:62:d4:5c:e3:2f:f4:10:
d6:b6:0a:21:ad:86:16:77:dd:66:07:d3:cf:5f:6f:20:d1:d5:
80:45:b7:bb:d5:04:ff:b2:2b:90:07:7a:aa:d1:2f:ce:9c:38:
24:6d:47:7f:4e:b5:de:c9:ea:f6:bb:ae:50:d3:b0:0d:06:71:
a5:7b:95:97:b0:55:51:b2:b9:d9:d3:78:9e:8b:4e:a7:2f:c6:
88:a0:7d:60:ce:aa:72:e2:14:18:e2:07:53:c6:34:78:86:fd:
4f:95:96:bd:d9:2e:5b:fc:b2:59:86:f6:54:af:f8:61:3c:3b:
7b:14:f9:32:16:c6:3e:a2:4d:25:2a:29:c1:71:4c:0e:03:34:
26:51:42:83:33:f7:37:94:d8:de:01:df:c5:bb:71:24:ee:c9:
57:4e:0b:f1:54:b3:05:e9:f3:f2:75:a7:ba:2e:38:65:71:82:
8e:37:cc:5f:a0:f0:64:02:06:38:15:ae:72:4c:be:d7:8f:c7:
02:a5:85:eb:33:39:8e:86:0f:e4:70:05:71:a2:7c:7f:e9:ce:
1d:42:9e:4a:a8:d8:76:f3:14:ce:35:6d:34:6e:9a:79:0c:eb:
14:74:27:01:9a:e4:21:a4:c7:4f:60:09:76:c0:b1:5c:d3:e5:
7b:72:a8:4d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYSKSf9tHEj7okHOkZGvO3OaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNGM3OTg2YjE4MmVjYzM2YWQ3NGM1MzViZWFlNzI5OWIz
NWNlOTIwHhcNMjIxMTE4MTAzMDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWFiNTQxOTM3MWZhNjgwZjVmMGJlOWU0MmJhYjMwM2VlODc0YjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhal9TDJ+6Ty+vPHCCcvDuG1fJqvh
ncENa52W4HMaFjmM2ZufQQnIGb9M0Rho5iTg5xkgWl9qHdcSU120fEHUwqsv/UZF
xilO55gO9ZHiZduOxXlMfK0IX84OR9R7rXB0fXr3LzuPh0tMT7TmuJeDcGG4NKX4
ua32fe9XBi70EBtSwh4y0JsyxJOQjy53Jv1uQm/Qb984TDDpiPcC191Y1PcsI/DO
v7/rsmMeWVWiFtssiH/V6Ew/CpLERMqpZmW5mfmzEQqi9zknNzUYWV1FmUeg++vs
8dKDupLc6jsd/wVQtwdqC9vn13hnCWX3F1yebBw17oo91VziFDIg3IdX1QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLWrVBk3H6aA9fC+nkK6swPuh0sZMB8GA1UdIwQY
MBaAFGxMeYaxguzDatdMU1vq5ymbNc6SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjIt
MjZjYTE0OGQwN2FmLzEvdGF0VUdUY2Zwb0QxOEw2ZVFycXpBLTZIU3hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjItMjZjYTE0OGQwN2Fm
LzEvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCjQuMAwQA
jQuyMAwDBAKNC8QDBAKNC8gDBAKNC9ADBAKNC+wwDQYJKoZIhvcNAQELBQADggEB
AHURvIytQUB+wryJYtRc4y/0ENa2CiGthhZ33WYH089fbyDR1YBFt7vVBP+yK5AH
eqrRL86cOCRtR39Otd7J6va7rlDTsA0GcaV7lZewVVGyudnTeJ6LTqcvxoigfWDO
qnLiFBjiB1PGNHiG/U+Vlr3ZLlv8slmG9lSv+GE8O3sU+TIWxj6iTSUqKcFxTA4D
NCZRQoMz9zeU2N4B38W7cSTuyVdOC/FUswXp8/J1p7ouOGVxgo43zF+g8GQCBjgV
rnJMvtePxwKlheszOY6GD+RwBXGifH/pzh1Cnkqo2HbzFM41bTRumnkM6xR0JwGa
5CGkx09gCXbAsVzT5XtyqE0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:17 2023 by rpki-client on console-fra.rpki-client.org