Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/8f2f65-7ac9-400a-b64c-e2f22d91624f/1/T-IL-wNy4NZ_R0VTpJJL9nGYLD0.roa
File: T-IL-wNy4NZ_R0VTpJJL9nGYLD0.roa (raw, json)
Hash identifier: fWox49Y88ZadN8s51odZ85jgWeg+D7Ya/YscLQDt47g=
Subject key identifier: 4F:E2:0B:FB:03:72:E0:D6:7F:47:45:53:A4:92:4B:F6:71:98:2C:3D
Certificate issuer: /CN=3875dfb25624df2bcefd7b2e3e1217a05ad26405
Certificate serial: 01856D53CFBA2170075D25F737C60FE36479
Authority key identifier: 38:75:DF:B2:56:24:DF:2B:CE:FD:7B:2E:3E:12:17:A0:5A:D2:64:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OHXfslYk3yvO_XsuPhIXoFrSZAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/8f2f65-7ac9-400a-b64c-e2f22d91624f/1/T-IL-wNy4NZ_R0VTpJJL9nGYLD0.roa
Signing time: Sun 01 Jan 2023 12:34:47 +0000
ROA not before: Sun 01 Jan 2023 12:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 141.98.36.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:cf:ba:21:70:07:5d:25:f7:37:c6:0f:e3:64:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3875dfb25624df2bcefd7b2e3e1217a05ad26405
Validity
Not Before: Jan 1 12:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fe20bfb0372e0d67f474553a4924bf671982c3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c7:d4:4f:df:a9:22:ca:b9:06:9c:e3:dc:ff:
74:86:f0:99:3a:a1:61:e7:41:f0:a2:10:4c:eb:c2:
27:a7:22:bb:04:a4:83:f5:42:11:4d:57:d4:7f:18:
cf:71:b4:32:5e:93:c6:24:fb:b3:dd:02:50:6c:80:
a5:b1:22:15:5c:3e:37:44:ed:44:f0:b0:04:35:40:
8d:a2:ce:fe:b8:44:f0:46:06:17:b0:b9:8e:85:5e:
2d:68:bc:68:83:c3:35:b9:dc:a1:05:c2:68:a4:1f:
14:a0:d3:b1:ff:36:50:76:6a:b3:20:8f:a6:cf:f5:
46:f8:25:03:ae:9f:77:33:33:00:aa:86:02:f2:6f:
fa:c7:1d:45:5a:fb:76:ad:82:44:17:61:25:50:51:
b8:99:00:af:a9:d7:ee:15:66:b7:47:60:20:c1:a7:
c9:27:5c:22:b6:87:5e:3a:a9:d7:63:01:92:ec:e4:
13:e7:f2:4c:0e:50:df:90:66:58:25:c3:14:a5:94:
9e:9d:70:fd:38:fc:53:cd:ae:cb:8e:b6:fd:9f:80:
19:95:c3:82:99:8a:cc:06:f5:b4:82:89:67:55:f5:
44:2b:6d:46:22:94:3a:db:9e:76:ea:37:55:2c:41:
dc:99:28:0b:40:0d:67:c9:99:88:b4:df:56:be:f6:
13:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E2:0B:FB:03:72:E0:D6:7F:47:45:53:A4:92:4B:F6:71:98:2C:3D
X509v3 Authority Key Identifier:
keyid:38:75:DF:B2:56:24:DF:2B:CE:FD:7B:2E:3E:12:17:A0:5A:D2:64:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OHXfslYk3yvO_XsuPhIXoFrSZAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/8f2f65-7ac9-400a-b64c-e2f22d91624f/1/T-IL-wNy4NZ_R0VTpJJL9nGYLD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/8f2f65-7ac9-400a-b64c-e2f22d91624f/1/OHXfslYk3yvO_XsuPhIXoFrSZAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.36.0/22
Signature Algorithm: sha256WithRSAEncryption
71:0e:32:25:63:d4:e8:b7:93:2b:dd:19:c7:39:bd:b4:e4:59:
07:ba:9f:3b:d3:5a:c1:45:c2:20:04:52:c1:3e:3f:3a:22:43:
45:0a:9f:75:ba:bf:e5:18:7b:f6:bc:ab:10:c3:18:38:bf:4b:
03:08:4b:a9:65:65:e7:37:39:50:ec:2a:70:14:34:f7:43:37:
ff:18:c3:3c:d2:e8:87:3e:ac:d2:66:df:cd:dc:89:da:6f:dd:
b5:ca:36:d2:92:25:72:f6:c4:8f:2c:e9:c4:8e:5e:2e:9b:a7:
e3:d1:98:7d:01:09:75:a9:f6:90:b5:e4:f4:e5:d5:13:db:dc:
a0:80:e4:ef:de:9d:14:62:4e:0f:16:5b:77:b5:ed:80:ec:90:
7d:f7:f0:10:bf:16:92:2c:34:64:b8:56:2d:03:11:92:6e:06:
d4:24:9e:4d:e9:45:8c:84:ff:b2:72:a0:85:f6:8e:21:b1:23:
5c:ca:e0:ca:a2:11:5d:e5:04:f6:05:04:f2:0e:18:0f:ae:37:
bc:7b:34:b9:0c:70:8b:95:39:06:5a:a8:fc:0c:b6:81:1e:ed:
63:bc:e3:b2:2d:73:64:92:09:12:e5:f6:d3:59:d2:7d:8f:26:
36:8b:4a:1e:36:0f:c2:28:ee:c4:de:9f:4a:d5:6c:64:e3:ca:
17:80:47:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtU8+6IXAHXSX3N8YP42R5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NzVkZmIyNTYyNGRmMmJjZWZkN2IyZTNlMTIxN2EwNWFk
MjY0MDUwHhcNMjMwMTAxMTIzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmUyMGJmYjAzNzJlMGQ2N2Y0NzQ1NTNhNDkyNGJmNjcxOTgyYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcfUT9+pIsq5Bpzj3P90hvCZOqFh
50HwohBM68InpyK7BKSD9UIRTVfUfxjPcbQyXpPGJPuz3QJQbIClsSIVXD43RO1E
8LAENUCNos7+uETwRgYXsLmOhV4taLxog8M1udyhBcJopB8UoNOx/zZQdmqzII+m
z/VG+CUDrp93MzMAqoYC8m/6xx1FWvt2rYJEF2ElUFG4mQCvqdfuFWa3R2AgwafJ
J1witodeOqnXYwGS7OQT5/JMDlDfkGZYJcMUpZSenXD9OPxTza7Ljrb9n4AZlcOC
mYrMBvW0golnVfVEK21GIpQ625526jdVLEHcmSgLQA1nyZmItN9WvvYTZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE/iC/sDcuDWf0dFU6SSS/ZxmCw9MB8GA1UdIwQY
MBaAFDh137JWJN8rzv17Lj4SF6Ba0mQFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0hYZnNsWWszeXZPX1hzdVBoSVhvRnJTWkFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84ZjJmNjUtN2FjOS00MDBhLWI2NGMt
ZTJmMjJkOTE2MjRmLzEvVC1JTC13Tnk0TlpfUjBWVHBKSkw5bkdZTEQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84ZjJmNjUtN2FjOS00MDBhLWI2NGMtZTJmMjJkOTE2MjRm
LzEvT0hYZnNsWWszeXZPX1hzdVBoSVhvRnJTWkFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjWIkMA0G
CSqGSIb3DQEBCwUAA4IBAQBxDjIlY9Tot5Mr3RnHOb205FkHup8701rBRcIgBFLB
Pj86IkNFCp91ur/lGHv2vKsQwxg4v0sDCEupZWXnNzlQ7CpwFDT3Qzf/GMM80uiH
PqzSZt/N3Inab921yjbSkiVy9sSPLOnEjl4um6fj0Zh9AQl1qfaQteT05dUT29yg
gOTv3p0UYk4PFlt3te2A7JB99/AQvxaSLDRkuFYtAxGSbgbUJJ5N6UWMhP+ycqCF
9o4hsSNcyuDKohFd5QT2BQTyDhgPrje8ezS5DHCLlTkGWqj8DLaBHu1jvOOyLXNk
kgkS5fbTWdJ9jyY2i0oeNg/CKO7E3p9K1Wxk48oXgEdt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:52 2025 by rpki-client