Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/POpdhuL0e2wvAK6NrNrz1nf0jrw.roa
File: POpdhuL0e2wvAK6NrNrz1nf0jrw.roa (raw, json)
Hash identifier: 156mgY4gHNd9pgKRStG5TNL+gGtE8yCE2RPdW9t/D6c=
Subject key identifier: 3C:EA:5D:86:E2:F4:7B:6C:2F:00:AE:8D:AC:DA:F3:D6:77:F4:8E:BC
Certificate issuer: /CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Certificate serial: 018475C82E9F922ABE48EE650081E3A224A9
Authority key identifier: 6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/POpdhuL0e2wvAK6NrNrz1nf0jrw.roa
Signing time: Mon 14 Nov 2022 10:56:04 +0000
ROA not before: Mon 14 Nov 2022 10:56:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205220
IP address blocks: 141.11.88.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:c8:2e:9f:92:2a:be:48:ee:65:00:81:e3:a2:24:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Validity
Not Before: Nov 14 10:56:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3cea5d86e2f47b6c2f00ae8dacdaf3d677f48ebc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:31:64:58:67:2b:45:97:32:29:a1:2d:5a:9c:
33:0c:c8:57:9b:54:e4:60:d3:96:4a:de:7a:b5:bc:
ae:d8:8f:59:05:24:43:93:76:bd:a1:95:bb:b0:2f:
df:4c:37:ae:94:f0:35:1b:ca:c1:cb:22:40:47:c9:
3e:14:47:7e:17:3c:7c:0a:08:26:52:fc:7c:78:f7:
39:3c:d8:30:36:1e:05:b3:d5:31:b8:fa:e3:f6:67:
b0:7b:91:a4:29:0a:f3:11:45:8b:ce:32:2b:ed:57:
d8:28:3d:ba:f6:0c:ab:87:37:23:8b:a4:b0:12:a6:
2d:95:be:66:41:c9:ff:5e:54:d3:22:af:dd:02:80:
ab:65:49:2d:42:7c:80:cc:39:f4:68:d8:ec:7e:6c:
30:23:de:f9:f2:be:88:f4:87:29:72:55:74:b9:de:
38:d7:3e:1c:68:01:f5:06:b0:06:75:42:ac:e8:51:
c0:a5:0b:0d:bd:4a:c8:98:04:04:9b:f7:58:19:27:
c1:e9:c8:9f:7c:23:d0:e1:24:ac:17:e9:e0:9d:dc:
39:8f:f6:bb:be:60:de:48:c9:08:e5:fa:a4:4b:f5:
8e:99:b2:a5:33:6b:73:ba:39:8e:bc:2f:58:7b:c2:
68:f9:7e:18:6d:e2:29:9f:d0:26:d0:e1:bc:46:0e:
d2:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:EA:5D:86:E2:F4:7B:6C:2F:00:AE:8D:AC:DA:F3:D6:77:F4:8E:BC
X509v3 Authority Key Identifier:
keyid:6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/POpdhuL0e2wvAK6NrNrz1nf0jrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/bEx5hrGC7MNq10xTW-rnKZs1zpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.88.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:a2:d2:25:13:41:19:7b:c5:86:19:85:7b:c1:54:b9:5a:f6:
15:5a:f6:46:ec:44:d7:f3:6e:b1:37:d3:18:14:53:ac:c1:de:
ec:01:fd:20:76:0d:9d:08:63:ce:43:ec:05:4e:1c:75:11:c3:
b5:a5:7f:27:44:d3:80:1e:c4:35:c2:6e:a2:b3:a3:4f:17:e7:
89:d4:a1:7c:0a:4f:39:d8:70:34:2c:c7:fb:ea:be:f7:55:c7:
c8:97:32:9c:98:b4:84:c6:e8:af:d6:1c:c2:36:bb:70:89:ff:
32:a7:61:87:3a:db:4b:98:3e:ad:71:0a:41:e9:11:47:65:a4:
3c:34:05:87:c2:e8:3b:60:82:e9:e4:b9:84:da:53:96:94:ce:
52:a1:29:ce:a3:3a:84:69:c8:63:c5:5d:01:59:7b:21:97:1f:
f1:7c:04:b2:ab:0f:27:03:44:d7:6d:e5:53:42:4d:1c:1f:5a:
a1:3a:29:74:50:a4:eb:c2:a7:5e:f0:36:8b:3a:b0:cf:b1:55:
f0:f9:2c:2d:49:a3:48:ba:c1:6a:d5:a7:38:67:6e:90:49:2d:
bd:ab:91:a4:a7:09:32:44:af:76:36:61:6a:a3:ea:bb:2d:47:
21:11:6a:92:0a:0e:ab:e6:66:bd:1b:86:f2:a8:21:24:66:0f:
a2:8e:cc:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR1yC6fkiq+SO5lAIHjoiSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNGM3OTg2YjE4MmVjYzM2YWQ3NGM1MzViZWFlNzI5OWIz
NWNlOTIwHhcNMjIxMTE0MTA1NjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2VhNWQ4NmUyZjQ3YjZjMmYwMGFlOGRhY2RhZjNkNjc3ZjQ4ZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszFkWGcrRZcyKaEtWpwzDMhXm1Tk
YNOWSt56tbyu2I9ZBSRDk3a9oZW7sC/fTDeulPA1G8rByyJAR8k+FEd+Fzx8Cggm
Uvx8ePc5PNgwNh4Fs9UxuPrj9mewe5GkKQrzEUWLzjIr7VfYKD269gyrhzcji6Sw
EqYtlb5mQcn/XlTTIq/dAoCrZUktQnyAzDn0aNjsfmwwI9758r6I9IcpclV0ud44
1z4caAH1BrAGdUKs6FHApQsNvUrImAQEm/dYGSfB6ciffCPQ4SSsF+ngndw5j/a7
vmDeSMkI5fqkS/WOmbKlM2tzujmOvC9Ye8Jo+X4YbeIpn9Am0OG8Rg7SOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzqXYbi9HtsLwCujaza89Z39I68MB8GA1UdIwQY
MBaAFGxMeYaxguzDatdMU1vq5ymbNc6SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjIt
MjZjYTE0OGQwN2FmLzEvUE9wZGh1TDBlMnd2QUs2TnJOcnoxbmYwanJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjItMjZjYTE0OGQwN2Fm
LzEvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjQtYMA0G
CSqGSIb3DQEBCwUAA4IBAQBNotIlE0EZe8WGGYV7wVS5WvYVWvZG7ETX826xN9MY
FFOswd7sAf0gdg2dCGPOQ+wFThx1EcO1pX8nRNOAHsQ1wm6is6NPF+eJ1KF8Ck85
2HA0LMf76r73VcfIlzKcmLSExuiv1hzCNrtwif8yp2GHOttLmD6tcQpB6RFHZaQ8
NAWHwug7YILp5LmE2lOWlM5SoSnOozqEachjxV0BWXshlx/xfASyqw8nA0TXbeVT
Qk0cH1qhOil0UKTrwqde8DaLOrDPsVXw+SwtSaNIusFq1ac4Z26QSS29q5Gkpwky
RK92NmFqo+q7LUchEWqSCg6r5ma9G4byqCEkZg+ijsz5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:35 2025 by rpki-client