Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/CI_OXLkifBVTMKQhPJK2xgGtKbI.roa
File: CI_OXLkifBVTMKQhPJK2xgGtKbI.roa (raw, json)
Hash identifier: uwsT46M8cHhlCCtm5zD4g+NhGpeoaOaVyLn0bIRonbU=
Subject key identifier: 08:8F:CE:5C:B9:22:7C:15:53:30:A4:21:3C:92:B6:C6:01:AD:29:B2
Certificate issuer: /CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Certificate serial: 01850B5451AB72CA720C21426F3C827305AF
Authority key identifier: 6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/CI_OXLkifBVTMKQhPJK2xgGtKbI.roa
Signing time: Tue 13 Dec 2022 11:52:33 +0000
ROA not before: Tue 13 Dec 2022 11:52:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 141.11.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0b:54:51:ab:72:ca:72:0c:21:42:6f:3c:82:73:05:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Validity
Not Before: Dec 13 11:52:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=088fce5cb9227c155330a4213c92b6c601ad29b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:13:69:21:c7:d5:e9:9d:da:f4:22:d1:90:23:
28:5d:2e:7f:b0:bc:8c:37:75:8a:b4:e6:c6:a2:f1:
11:de:6d:3a:46:fb:72:c7:55:a1:1a:09:d2:09:d3:
e7:19:10:70:21:34:d9:bb:77:7d:76:0b:b7:89:b9:
0f:ca:38:b4:c9:a1:16:e3:76:90:ce:ef:7c:a4:55:
ac:1e:43:57:49:fe:da:7d:22:00:00:1a:21:e9:4a:
df:6c:7e:e1:ec:d4:07:7f:f5:90:a4:a9:37:aa:6c:
7e:4d:29:a7:a7:03:c6:aa:27:fe:77:a9:ab:ec:78:
0c:43:5c:63:c0:83:2d:e7:30:8e:3c:58:b1:5f:cc:
d7:46:43:64:6f:be:65:31:b2:55:a5:3d:88:7c:03:
da:6c:8f:3b:70:17:b0:b5:dd:4e:51:2d:37:8a:14:
62:a2:0c:2d:f5:18:10:0a:b0:e4:69:56:f9:76:40:
a5:53:3d:a3:ee:ad:a9:69:57:53:2c:7c:d5:43:f5:
db:f5:9c:71:61:72:b5:92:7f:db:a5:67:0c:f5:be:
25:2c:58:12:bc:9f:0e:72:a5:6e:97:17:d8:7a:e7:
e9:95:61:02:d5:f8:23:41:be:a6:d0:12:89:9a:62:
cd:58:0c:78:6b:46:92:f5:2d:db:ad:62:a7:db:9a:
54:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:8F:CE:5C:B9:22:7C:15:53:30:A4:21:3C:92:B6:C6:01:AD:29:B2
X509v3 Authority Key Identifier:
keyid:6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/CI_OXLkifBVTMKQhPJK2xgGtKbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/bEx5hrGC7MNq10xTW-rnKZs1zpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.107.0/24
Signature Algorithm: sha256WithRSAEncryption
92:67:aa:fa:32:3f:09:e9:58:e4:63:f8:34:5a:52:04:b0:f8:
ec:d8:c9:e8:53:a6:a6:aa:a9:1a:9a:9b:b3:86:5a:57:1c:11:
a9:c6:d5:e5:9e:b4:1f:73:97:2c:97:b5:d6:db:47:33:03:57:
39:8e:f2:5a:e1:ec:81:b9:df:0c:f9:df:d2:3e:5c:b8:48:be:
88:c2:f9:a2:53:18:77:7e:70:cb:45:6c:64:9c:f7:2d:29:8c:
2f:35:a1:d5:e1:63:43:5e:9b:d1:a9:b5:d3:15:6a:ef:9b:d6:
bc:41:09:37:aa:62:6b:87:45:90:d8:9b:19:85:46:02:dd:0b:
f1:ef:7d:1c:ec:e6:3e:6a:7b:44:17:96:22:8c:bd:52:1e:23:
d0:48:60:11:3a:4b:bb:fc:c6:11:5f:3d:9f:01:0b:4d:bc:c5:
cc:94:3f:e4:6c:c4:55:9c:d5:a5:e9:5d:ce:19:14:69:dc:f8:
ef:f9:5b:0c:e8:e3:10:12:b1:9b:c0:49:b2:9b:85:15:8f:7c:
00:91:88:c1:83:07:d5:e7:7d:83:1c:82:72:6c:22:20:cc:6e:
9f:78:f0:18:9e:56:a6:fc:aa:68:95:df:50:9a:e6:b3:66:e2:
e9:73:a7:98:e9:9c:c4:38:d9:22:bd:56:08:84:b0:28:ce:1f:
d8:0d:19:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYULVFGrcspyDCFCbzyCcwWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNGM3OTg2YjE4MmVjYzM2YWQ3NGM1MzViZWFlNzI5OWIz
NWNlOTIwHhcNMjIxMjEzMTE1MjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODhmY2U1Y2I5MjI3YzE1NTMzMGE0MjEzYzkyYjZjNjAxYWQyOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxNpIcfV6Z3a9CLRkCMoXS5/sLyM
N3WKtObGovER3m06Rvtyx1WhGgnSCdPnGRBwITTZu3d9dgu3ibkPyji0yaEW43aQ
zu98pFWsHkNXSf7afSIAABoh6UrfbH7h7NQHf/WQpKk3qmx+TSmnpwPGqif+d6mr
7HgMQ1xjwIMt5zCOPFixX8zXRkNkb75lMbJVpT2IfAPabI87cBewtd1OUS03ihRi
ogwt9RgQCrDkaVb5dkClUz2j7q2paVdTLHzVQ/Xb9ZxxYXK1kn/bpWcM9b4lLFgS
vJ8OcqVulxfYeufplWEC1fgjQb6m0BKJmmLNWAx4a0aS9S3brWKn25pUNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAiPzly5InwVUzCkITyStsYBrSmyMB8GA1UdIwQY
MBaAFGxMeYaxguzDatdMU1vq5ymbNc6SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjIt
MjZjYTE0OGQwN2FmLzEvQ0lfT1hMa2lmQlZUTUtRaFBKSzJ4Z0d0S2JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjItMjZjYTE0OGQwN2Fm
LzEvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQtrMA0G
CSqGSIb3DQEBCwUAA4IBAQCSZ6r6Mj8J6VjkY/g0WlIEsPjs2MnoU6amqqkampuz
hlpXHBGpxtXlnrQfc5csl7XW20czA1c5jvJa4eyBud8M+d/SPly4SL6IwvmiUxh3
fnDLRWxknPctKYwvNaHV4WNDXpvRqbXTFWrvm9a8QQk3qmJrh0WQ2JsZhUYC3Qvx
730c7OY+antEF5YijL1SHiPQSGAROku7/MYRXz2fAQtNvMXMlD/kbMRVnNWl6V3O
GRRp3Pjv+VsM6OMQErGbwEmym4UVj3wAkYjBgwfV532DHIJybCIgzG6fePAYnlam
/Kpold9QmuazZuLpc6eY6ZzEONkivVYIhLAozh/YDRmn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:20 2025 by rpki-client