Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/XWGXGXuMWVnguZ4uorvKUBnQ-GQ.roa
File: XWGXGXuMWVnguZ4uorvKUBnQ-GQ.roa (raw, json)
Hash identifier: ml8c7Pcoy8j2vpGZEcPFYRxb6623fDLEOmPx2fBFt8U=
Subject key identifier: 5D:61:97:19:7B:8C:59:59:E0:B9:9E:2E:A2:BB:CA:50:19:D0:F8:64
Certificate issuer: /CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Certificate serial: 05366D73
Authority key identifier: 6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/XWGXGXuMWVnguZ4uorvKUBnQ-GQ.roa
Signing time: Thu 23 Jun 2022 12:12:03 +0000
ROA not before: Thu 23 Jun 2022 12:12:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 141.11.68.0/24 maxlen: 24
141.11.69.0/24 maxlen: 24
141.11.109.0/24 maxlen: 24
141.11.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87453043 (0x5366d73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Validity
Not Before: Jun 23 12:12:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d6197197b8c5959e0b99e2ea2bbca5019d0f864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4a:b1:2c:f1:ca:7a:7f:e9:05:6a:e5:b3:76:
1c:d2:da:47:e5:da:30:fa:2d:ae:43:11:46:3d:c9:
6a:59:59:09:01:17:55:b9:e8:4a:c0:c7:9a:90:3d:
11:02:de:32:e2:03:f8:1c:d2:56:53:0e:89:92:b6:
cd:9c:1d:aa:14:c5:27:06:99:d3:63:01:ac:e5:95:
8c:09:8f:79:55:c4:5e:a7:d1:c9:f4:56:a9:de:ba:
d6:98:18:a4:e8:36:60:a1:70:07:fa:60:4d:72:19:
99:80:69:55:e6:d5:96:b1:df:4c:91:47:9d:75:e7:
fa:01:08:73:aa:4d:9f:2c:99:c5:a1:74:46:fe:ce:
b9:08:78:00:1a:31:fc:86:49:b1:0c:fa:3d:4e:96:
91:1c:44:00:8b:2c:95:fe:b5:7a:50:41:8c:64:a5:
93:29:92:43:53:0c:2a:57:91:3b:bc:5a:d4:d9:ce:
1e:2a:a0:bd:af:eb:55:87:66:36:1e:e7:97:24:16:
97:9f:28:72:8d:f7:c9:77:df:11:10:7c:40:65:7a:
59:1e:1b:7a:44:22:22:92:c0:c3:a1:97:7e:31:cc:
32:40:69:25:7a:86:8a:3d:ce:bc:b5:2a:ff:f7:18:
87:37:72:12:c0:86:de:35:fc:1d:30:94:18:c7:9a:
80:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:61:97:19:7B:8C:59:59:E0:B9:9E:2E:A2:BB:CA:50:19:D0:F8:64
X509v3 Authority Key Identifier:
keyid:6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/XWGXGXuMWVnguZ4uorvKUBnQ-GQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/bEx5hrGC7MNq10xTW-rnKZs1zpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.20.0/24
141.11.68.0/23
141.11.109.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:14:63:51:71:8f:28:e1:14:d3:cf:43:e6:5e:54:9d:3f:83:
22:7f:e7:2e:6d:48:d6:a8:45:a5:74:0b:0f:15:18:b6:1c:ba:
75:c8:32:21:cb:97:c8:25:da:a7:f4:1b:2e:e0:a1:08:be:b9:
1c:5e:f6:5d:3c:2d:78:23:f6:59:f8:e7:52:2a:85:f5:15:84:
42:da:6a:eb:eb:8d:c2:b9:ca:31:bc:d5:28:31:94:a1:07:b9:
96:af:52:2b:19:69:fb:27:59:9f:cb:0a:1c:a6:41:ce:6a:57:
1c:aa:ca:22:68:86:99:a7:0b:32:11:a7:2f:7f:2a:90:a8:6c:
fb:ff:f3:c3:76:52:b6:34:bc:ff:45:aa:98:8a:a7:60:ae:d3:
2d:84:e1:6e:7a:0f:39:f1:e4:a9:35:36:53:bb:57:7d:df:d4:
d3:fe:e3:ef:3f:0f:65:5b:68:29:67:c2:67:08:39:c5:f4:34:
e3:cb:a7:1d:44:f5:50:57:ec:3a:e5:23:a2:a4:60:a8:d1:ab:
7f:68:a3:86:4e:45:eb:27:84:e7:97:be:3b:32:b4:2b:a5:2c:
ad:05:46:1b:98:79:a8:fa:06:52:56:07:78:42:1f:38:cd:e9:
f5:a0:6f:90:d5:d9:00:de:56:03:8c:29:46:b0:bb:86:3c:ee:
f9:d1:d9:ef
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBTZtczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzRjNzk4NmIxODJlY2MzNmFkNzRjNTM1YmVhZTcyOTliMzVjZTkyMB4XDTIyMDYy
MzEyMTIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQ2MTk3MTk3Yjhj
NTk1OWUwYjk5ZTJlYTJiYmNhNTAxOWQwZjg2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1KsSzxynp/6QVq5bN2HNLaR+XaMPotrkMRRj3JallZCQEX
VbnoSsDHmpA9EQLeMuID+BzSVlMOiZK2zZwdqhTFJwaZ02MBrOWVjAmPeVXEXqfR
yfRWqd661pgYpOg2YKFwB/pgTXIZmYBpVebVlrHfTJFHnXXn+gEIc6pNnyyZxaF0
Rv7OuQh4ABox/IZJsQz6PU6WkRxEAIsslf61elBBjGSlkymSQ1MMKleRO7xa1NnO
Hiqgva/rVYdmNh7nlyQWl58oco33yXffERB8QGV6WR4bekQiIpLAw6GXfjHMMkBp
JXqGij3OvLUq//cYhzdyEsCG3jX8HTCUGMeagCcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRdYZcZe4xZWeC5ni6iu8pQGdD4ZDAfBgNVHSMEGDAWgBRsTHmGsYLsw2rX
TFNb6ucpmzXOkjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JFeDVockdDN01OcTEweFRXLXJuS1pzMXpwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvYzRlNWNhLThhYTUtNGU2NC1hMDIyLTI2Y2ExNDhkMDdhZi8x
L1hXR1hHWHVNV1ZuZ3VaNHVvcnZLVUJuUS1HUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
YzRlNWNhLThhYTUtNGU2NC1hMDIyLTI2Y2ExNDhkMDdhZi8xL2JFeDVockdDN01O
cTEweFRXLXJuS1pzMXpwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAI0LFAMEAY0LRAMEAI0LbTANBgkq
hkiG9w0BAQsFAAOCAQEAHhRjUXGPKOEU089D5l5UnT+DIn/nLm1I1qhFpXQLDxUY
thy6dcgyIcuXyCXap/QbLuChCL65HF72XTwteCP2WfjnUiqF9RWEQtpq6+uNwrnK
MbzVKDGUoQe5lq9SKxlp+ydZn8sKHKZBzmpXHKrKImiGmacLMhGnL38qkKhs+//z
w3ZStjS8/0WqmIqnYK7TLYThbnoPOfHkqTU2U7tXfd/U0/7j7z8PZVtoKWfCZwg5
xfQ048unHUT1UFfsOuUjoqRgqNGrf2ijhk5F6yeE55e+OzK0K6UsrQVGG5h5qPoG
UlYHeEIfOM3p9aBvkNXZAN5WA4wpRrC7hjzu+dHZ7w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:42 2025 by rpki-client