Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/WqnAqAx8HgnoKLiv9jDSv9id-GQ.roa
File: WqnAqAx8HgnoKLiv9jDSv9id-GQ.roa (raw, json)
Hash identifier: P5fxI7pUjYYcR588CBrCsxBnSYwSaCPW8T1Ms/DWuM0=
Subject key identifier: 5A:A9:C0:A8:0C:7C:1E:09:E8:28:B8:AF:F6:30:D2:BF:D8:9D:F8:64
Certificate issuer: /CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Certificate serial: 0184A433E8647E41734D044528229C7B087F
Authority key identifier: 6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/WqnAqAx8HgnoKLiv9jDSv9id-GQ.roa
Signing time: Wed 23 Nov 2022 11:16:16 +0000
ROA not before: Wed 23 Nov 2022 11:16:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39521
IP address blocks: 141.11.150.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a4:33:e8:64:7e:41:73:4d:04:45:28:22:9c:7b:08:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Validity
Not Before: Nov 23 11:16:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5aa9c0a80c7c1e09e828b8aff630d2bfd89df864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:10:f0:70:28:2e:bb:fb:60:0b:98:38:53:1c:
e0:3e:34:85:21:bc:58:4e:01:8e:b3:52:c9:8a:6c:
4d:c2:df:56:65:dd:3a:2e:db:82:26:ce:c9:fd:56:
e2:e8:c9:28:43:3d:df:35:eb:e6:bd:b6:4d:e2:20:
bd:42:90:f7:05:12:8a:f0:0a:a1:84:fa:92:f3:e0:
0f:12:b3:0e:f9:ea:64:99:cb:8e:d7:01:f8:3e:d9:
f7:ec:7e:f8:ea:d7:ef:52:c3:2d:f7:f9:44:44:ff:
fe:d4:12:29:04:1e:01:e4:01:8a:f7:e8:2a:a7:c0:
b1:32:c0:43:5c:51:4d:fd:cc:16:88:f5:b9:d3:0b:
c0:ca:75:63:bc:c0:11:16:b5:36:65:4a:ae:8d:7f:
f8:10:fc:62:53:9a:bb:60:63:c7:74:da:6a:ea:f1:
cc:17:93:b5:a2:ac:1f:99:fc:3c:a8:6e:f7:74:cf:
49:c9:99:c5:00:16:89:11:87:85:75:b3:f4:37:96:
2f:3e:76:3a:f2:c8:cf:89:a0:d4:6c:66:f1:21:23:
29:80:e3:9c:af:ed:fa:51:2a:77:c1:0a:ee:dc:31:
bd:cf:7a:4d:f2:b9:9e:45:d5:35:0b:f0:8f:c1:34:
a0:ff:2b:68:7e:d9:6e:15:72:26:45:9b:89:cb:3e:
53:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:A9:C0:A8:0C:7C:1E:09:E8:28:B8:AF:F6:30:D2:BF:D8:9D:F8:64
X509v3 Authority Key Identifier:
keyid:6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/WqnAqAx8HgnoKLiv9jDSv9id-GQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/bEx5hrGC7MNq10xTW-rnKZs1zpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.150.0/23
Signature Algorithm: sha256WithRSAEncryption
11:80:f8:bb:d1:b5:d2:8c:cb:57:4c:84:89:37:61:66:c4:77:
1f:1b:0c:fd:75:fc:f4:22:3f:80:24:62:fb:cf:1f:d8:3f:89:
e2:ee:d7:51:30:da:bf:75:aa:05:f5:e4:81:ae:a0:15:49:72:
be:fd:12:16:f2:29:63:e7:45:57:0f:dd:45:25:24:cc:0d:8c:
a4:51:89:6c:cf:4e:9d:71:ba:20:d8:5f:93:b9:09:12:ed:29:
1d:aa:00:c8:86:66:aa:a2:37:dc:e8:65:5d:42:f4:c9:9b:f7:
ca:bc:28:89:8d:97:50:4f:64:d0:82:57:da:89:43:fa:1a:56:
89:7f:6b:ab:e5:05:ce:30:42:0a:41:c4:21:43:7e:e2:65:ff:
d6:25:27:10:35:55:78:fc:2c:1e:df:0b:72:b6:ce:98:dc:0f:
73:a9:ec:6b:d3:23:68:c7:c9:28:2d:8a:01:56:24:e1:31:c3:
4c:73:02:65:b3:7f:ef:ba:1e:7f:83:b1:4a:f9:1e:71:fc:12:
cf:83:04:44:26:ea:63:0b:5d:8c:6c:59:50:57:af:13:3b:50:
dd:99:28:44:15:2e:3e:4f:bf:6e:87:ef:17:aa:a6:6a:84:c9:
ac:0a:f2:54:91:a5:f6:14:a3:78:f3:13:20:7c:7a:56:6d:22:
12:f0:8a:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSkM+hkfkFzTQRFKCKcewh/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNGM3OTg2YjE4MmVjYzM2YWQ3NGM1MzViZWFlNzI5OWIz
NWNlOTIwHhcNMjIxMTIzMTExNjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWE5YzBhODBjN2MxZTA5ZTgyOGI4YWZmNjMwZDJiZmQ4OWRmODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhDwcCguu/tgC5g4UxzgPjSFIbxY
TgGOs1LJimxNwt9WZd06LtuCJs7J/Vbi6MkoQz3fNevmvbZN4iC9QpD3BRKK8Aqh
hPqS8+APErMO+epkmcuO1wH4Ptn37H746tfvUsMt9/lERP/+1BIpBB4B5AGK9+gq
p8CxMsBDXFFN/cwWiPW50wvAynVjvMARFrU2ZUqujX/4EPxiU5q7YGPHdNpq6vHM
F5O1oqwfmfw8qG73dM9JyZnFABaJEYeFdbP0N5YvPnY68sjPiaDUbGbxISMpgOOc
r+36USp3wQru3DG9z3pN8rmeRdU1C/CPwTSg/ytoftluFXImRZuJyz5ThwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqpwKgMfB4J6Ci4r/Yw0r/YnfhkMB8GA1UdIwQY
MBaAFGxMeYaxguzDatdMU1vq5ymbNc6SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjIt
MjZjYTE0OGQwN2FmLzEvV3FuQXFBeDhIZ25vS0xpdjlqRFN2OWlkLUdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjItMjZjYTE0OGQwN2Fm
LzEvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBjQuWMA0G
CSqGSIb3DQEBCwUAA4IBAQARgPi70bXSjMtXTISJN2FmxHcfGwz9dfz0Ij+AJGL7
zx/YP4ni7tdRMNq/daoF9eSBrqAVSXK+/RIW8ilj50VXD91FJSTMDYykUYlsz06d
cbog2F+TuQkS7SkdqgDIhmaqojfc6GVdQvTJm/fKvCiJjZdQT2TQglfaiUP6GlaJ
f2ur5QXOMEIKQcQhQ37iZf/WJScQNVV4/Cwe3wtyts6Y3A9zqexr0yNox8koLYoB
ViThMcNMcwJls3/vuh5/g7FK+R5x/BLPgwREJupjC12MbFlQV68TO1DdmShEFS4+
T79uh+8XqqZqhMmsCvJUkaX2FKN48xMgfHpWbSIS8IpU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:53 2024 by rpki-client on console-fra.rpki-client.org