Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/T5l-_mSHlR0pQXdQu_3jlPq8wgU.roa
File: T5l-_mSHlR0pQXdQu_3jlPq8wgU.roa (raw, json)
Hash identifier: P1j/7GEWwV9ogoyEq7DquD0FpIohz9+lI+dvKXveHGo=
Subject key identifier: 4F:99:7E:FE:64:87:95:1D:29:41:77:50:BB:FD:E3:94:FA:BC:C2:05
Certificate issuer: /CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Certificate serial: 0193C208949AD6D20043EC057B5CC990784E
Authority key identifier: 99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/T5l-_mSHlR0pQXdQu_3jlPq8wgU.roa
Signing time: Fri 13 Dec 2024 21:59:22 +0000
ROA not before: Fri 13 Dec 2024 21:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132892
IP address blocks: 141.101.88.0/24 maxlen: 24
141.101.89.0/24 maxlen: 24
2a06:98c0:3600::/48 maxlen: 48
2a06:98c0:3601::/48 maxlen: 48
2a06:98c0:3602::/48 maxlen: 48
2a06:98c0:3603::/48 maxlen: 48
2a06:98c0:3604::/48 maxlen: 48
2a06:98c0:3605::/48 maxlen: 48
2a06:98c0:3606::/48 maxlen: 48
2a06:98c0:3607::/48 maxlen: 48
2a06:98c0:3608::/48 maxlen: 48
2a06:98c0:3609::/48 maxlen: 48
2a06:98c0:360a::/48 maxlen: 48
2a06:98c0:360b::/48 maxlen: 48
2a06:98c0:360c::/48 maxlen: 48
2a06:98c0:360d::/48 maxlen: 48
2a06:98c0:360f::/48 maxlen: 48
2a06:98c0:3610::/48 maxlen: 48
2a06:98c0:3611::/48 maxlen: 48
2a06:98c0:3613::/48 maxlen: 48
2a06:98c0:3614::/48 maxlen: 48
2a06:98c0:3615::/48 maxlen: 48
2a06:98c0:361c::/48 maxlen: 48
2a06:98c0:361d::/48 maxlen: 48
2a06:98c0:361f::/48 maxlen: 48
2a06:98c0:3621::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c2:08:94:9a:d6:d2:00:43:ec:05:7b:5c:c9:90:78:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Validity
Not Before: Dec 13 21:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f997efe6487951d29417750bbfde394fabcc205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cf:d9:5c:7a:2c:96:81:84:a1:20:53:71:aa:
65:84:47:5d:08:14:4f:86:2a:51:04:fe:3c:cf:66:
d5:d2:b2:0a:9f:82:e6:0e:c6:71:b5:19:da:17:f4:
50:45:7a:39:91:f3:52:26:62:01:44:21:ea:c8:4d:
ea:21:ba:4f:2f:fb:0e:c3:94:ed:51:31:4f:33:04:
92:12:cc:8b:74:37:61:4c:c8:0a:91:7f:a2:3f:b8:
55:bb:50:30:4b:a4:10:f0:30:10:4e:6a:0e:51:76:
b9:af:53:96:ae:40:77:1b:3b:db:e5:aa:58:c9:1c:
77:a4:ff:dd:66:a1:27:78:24:19:73:e3:bf:8e:8a:
68:dc:0a:6a:c7:01:d3:2a:47:48:09:48:ec:9e:00:
80:df:11:ff:9f:3b:28:ab:e0:b2:56:93:36:56:8a:
1e:a0:a5:cf:aa:f7:15:a2:ee:f4:86:93:35:1d:61:
00:dd:e3:aa:0e:5c:c6:81:ce:98:c4:82:2a:3c:2f:
cc:42:06:96:20:fa:72:0b:ec:c8:c6:7f:fe:e1:79:
8c:f8:1a:21:92:ca:b9:bd:47:ca:6b:58:9b:34:c4:
2c:30:ff:70:80:80:1c:ec:f6:91:24:d6:d4:2a:ab:
36:f5:43:b7:05:24:64:45:35:20:c9:7a:1b:81:ba:
50:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:99:7E:FE:64:87:95:1D:29:41:77:50:BB:FD:E3:94:FA:BC:C2:05
X509v3 Authority Key Identifier:
keyid:99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/T5l-_mSHlR0pQXdQu_3jlPq8wgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.101.88.0/23
IPv6:
2a06:98c0:3600::-2a06:98c0:360d:ffff:ffff:ffff:ffff:ffff
2a06:98c0:360f::-2a06:98c0:3611:ffff:ffff:ffff:ffff:ffff
2a06:98c0:3613::-2a06:98c0:3615:ffff:ffff:ffff:ffff:ffff
2a06:98c0:361c::/47
2a06:98c0:361f::/48
2a06:98c0:3621::/48
Signature Algorithm: sha256WithRSAEncryption
6a:79:b5:6f:39:c6:29:58:34:45:16:e4:f2:26:6a:59:72:4c:
eb:38:0c:d0:2f:93:62:b3:4e:f5:e9:7c:17:59:08:d1:fa:07:
ee:4b:30:41:73:1e:07:7d:ce:94:d4:94:19:80:b2:09:08:51:
f6:69:58:c9:a3:fd:c6:3e:ea:f2:37:4b:1e:24:22:e4:e7:29:
91:3d:a0:38:88:3e:4f:6e:0f:39:06:1b:0f:49:2b:85:52:32:
a3:c4:e8:ff:19:41:29:67:0a:f3:b8:6d:19:25:f0:6c:1c:14:
09:95:68:25:bb:4e:72:ea:8b:fc:e3:ff:a8:79:15:45:7e:40:
eb:ea:6d:0a:c1:7a:89:54:2e:e1:6d:ab:e1:1d:a2:14:8c:ea:
ae:36:f8:2d:e1:cb:1e:e6:f3:27:6d:ca:19:df:da:61:6b:a3:
57:c1:70:45:fb:a1:bd:7f:7d:cb:93:c5:9f:c1:f8:03:59:2f:
3d:7f:69:bf:58:49:2e:97:a4:6f:5d:4d:a8:a3:d3:96:72:98:
65:c8:67:57:f8:42:3c:97:e4:25:35:3e:7f:b5:73:2e:d0:09:
45:6c:40:c9:45:16:cb:6a:1c:3b:26:52:b2:7f:bf:c9:00:04:
54:12:2c:cc:3f:96:35:aa:07:4b:9b:d2:3c:23:5e:d2:81:4a:
0d:46:a4:d7
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZPCCJSa1tIAQ+wFe1zJkHhOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDViZmFkNDVkN2M2NWE2ZTM0MzAyODUwOWZkMTg5MmU5
N2I5ZDAwHhcNMjQxMjEzMjE1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Zjk5N2VmZTY0ODc5NTFkMjk0MTc3NTBiYmZkZTM5NGZhYmNjMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc/ZXHosloGEoSBTcaplhEddCBRP
hipRBP48z2bV0rIKn4LmDsZxtRnaF/RQRXo5kfNSJmIBRCHqyE3qIbpPL/sOw5Tt
UTFPMwSSEsyLdDdhTMgKkX+iP7hVu1AwS6QQ8DAQTmoOUXa5r1OWrkB3Gzvb5apY
yRx3pP/dZqEneCQZc+O/jopo3ApqxwHTKkdICUjsngCA3xH/nzsoq+CyVpM2Vooe
oKXPqvcVou70hpM1HWEA3eOqDlzGgc6YxIIqPC/MQgaWIPpyC+zIxn/+4XmM+Boh
ksq5vUfKa1ibNMQsMP9wgIAc7PaRJNbUKqs29UO3BSRkRTUgyXobgbpQmwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFE+Zfv5kh5UdKUF3ULv945T6vMIFMB8GA1UdIwQY
MBaAFJnVv61F18ZabjQwKFCf0Ykul7nQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQt
NzU1MTgwOWNiNzMxLzEvVDVsLV9tU0hsUjBwUVhkUXVfM2psUHE4d2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQtNzU1MTgwOWNiNzMx
LzEvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDAMBAIAATAGAwQBjWVYMFwE
AgACMFYwEQMGASoGmMA2AwcBKgaYwDYMMBIDBwAqBpjANg8DBwEqBpjANhAwEgMH
ACoGmMA2EwMHASoGmMA2FAMHASoGmMA2HAMHACoGmMA2HwMHACoGmMA2ITANBgkq
hkiG9w0BAQsFAAOCAQEAanm1bznGKVg0RRbk8iZqWXJM6zgM0C+TYrNO9el8F1kI
0foH7kswQXMeB33OlNSUGYCyCQhR9mlYyaP9xj7q8jdLHiQi5OcpkT2gOIg+T24P
OQYbD0krhVIyo8To/xlBKWcK87htGSXwbBwUCZVoJbtOcuqL/OP/qHkVRX5A6+pt
CsF6iVQu4W2r4R2iFIzqrjb4LeHLHubzJ23KGd/aYWujV8FwRfuhvX99y5PFn8H4
A1kvPX9pv1hJLpekb11NqKPTlnKYZchnV/hCPJfkJTU+f7VzLtAJRWxAyUUWy2oc
OyZSsn+/yQAEVBIszD+WNaoHS5vSPCNe0oFKDUak1w==
-----END CERTIFICATE-----
Generated at Fri Apr 11 08:21:03 2025 by rpki-client