Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/Y2kPikfC55MpdMqEu3dJ_O98Qfg.roa
File: Y2kPikfC55MpdMqEu3dJ_O98Qfg.roa (raw, json)
Hash identifier: YP8yS8H2Pl5862/0rlhamji6HF32rV36JOzK0YEEhng=
Subject key identifier: 63:69:0F:8A:47:C2:E7:93:29:74:CA:84:BB:77:49:FC:EF:7C:41:F8
Certificate issuer: /CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Certificate serial: 01835B205C9B2BA85C2B6F5C25E0E8209671
Authority key identifier: 6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/Y2kPikfC55MpdMqEu3dJ_O98Qfg.roa
Signing time: Tue 20 Sep 2022 13:39:50 +0000
ROA not before: Tue 20 Sep 2022 13:39:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 141.11.168.0/23 maxlen: 24
141.11.88.0/23 maxlen: 24
141.11.90.0/23 maxlen: 24
141.11.96.0/24 maxlen: 24
141.11.102.0/24 maxlen: 24
141.11.5.0/24 maxlen: 24
141.11.228.0/23 maxlen: 24
141.11.26.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5b:20:5c:9b:2b:a8:5c:2b:6f:5c:25:e0:e8:20:96:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Validity
Not Before: Sep 20 13:39:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63690f8a47c2e7932974ca84bb7749fcef7c41f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:82:95:6d:6d:94:0a:04:0a:e5:9d:dd:71:6f:
1d:44:85:73:fb:6b:22:0f:5e:d0:d5:dc:b3:c4:e5:
b8:11:af:b3:cd:23:19:be:b8:35:ba:32:68:9e:5f:
8f:b8:77:d2:b9:f6:10:66:f2:e4:9c:96:28:d7:bf:
32:11:fe:84:4f:99:32:d9:8f:c5:7e:28:ba:80:c4:
04:f7:ef:75:ea:90:98:72:15:85:dd:c8:f5:64:c5:
e7:c3:1b:d4:a7:9e:b0:d8:60:8f:dc:89:7e:39:20:
08:7e:63:cc:ac:d5:3b:4f:4e:16:9f:ca:5c:3c:d2:
c7:29:6c:f5:b7:dd:0f:4a:de:dc:ad:ab:c0:1f:79:
04:f7:fb:41:83:1c:f9:f3:05:eb:47:21:49:e4:fa:
5d:39:3e:20:e3:8f:43:d0:b2:1b:af:31:20:0e:20:
16:10:3a:8b:6b:bb:09:76:80:a8:31:1b:6b:69:1e:
b7:22:2f:52:b5:54:53:10:59:de:2f:be:99:c0:6e:
eb:bc:0e:a7:24:eb:1a:4e:07:69:8a:b2:e8:d6:51:
67:21:9a:aa:a5:b6:f2:bf:56:b2:da:b1:52:71:d0:
ab:15:2d:9d:5f:52:09:32:e1:6c:fb:0b:52:65:06:
1b:86:1e:f0:2c:42:ca:0e:84:a2:9c:31:b0:1d:23:
b3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:69:0F:8A:47:C2:E7:93:29:74:CA:84:BB:77:49:FC:EF:7C:41:F8
X509v3 Authority Key Identifier:
keyid:6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/Y2kPikfC55MpdMqEu3dJ_O98Qfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/bEx5hrGC7MNq10xTW-rnKZs1zpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.5.0/24
141.11.26.0/24
141.11.88.0/22
141.11.96.0/24
141.11.102.0/24
141.11.168.0/23
141.11.228.0/23
Signature Algorithm: sha256WithRSAEncryption
05:a7:9a:8e:a1:b0:9d:d5:a9:7b:59:5d:36:02:f4:ad:ff:44:
a7:86:b1:53:ff:19:56:bc:ea:ff:0a:b2:c5:02:b1:17:20:15:
66:c6:a2:21:a6:ce:fc:cc:f6:c6:f2:a6:62:c1:02:e3:f0:4e:
19:12:7d:dd:3b:fa:72:bc:9f:d2:d0:43:52:7c:3a:10:1f:bd:
e0:fb:b2:a9:0b:e0:b7:3a:6c:a3:63:aa:b2:be:b9:11:18:d8:
17:0f:43:c3:39:57:20:36:83:2e:20:35:dd:d8:4e:4b:ee:06:
62:f5:10:13:f1:57:1e:ad:ec:2b:5b:78:a2:21:a0:38:e5:d3:
00:2b:1e:00:11:ee:ff:37:e0:09:b1:f0:f0:5a:b6:90:2f:64:
ba:6c:8f:1a:49:50:05:7a:2d:27:74:de:3f:d7:25:9a:55:14:
7e:79:f7:6c:46:a9:da:a2:a1:2a:f1:fa:4b:ea:be:46:62:de:
07:33:43:7a:f5:7a:25:d7:a9:78:45:fc:0f:ac:e7:4b:12:a2:
28:57:e5:43:01:e3:1d:27:67:90:20:5b:1f:aa:74:67:77:9d:
ba:f9:c3:ae:5d:52:aa:ba:8e:ad:45:54:fe:1e:9c:1e:d9:3c:
65:12:8b:18:0e:d9:97:53:1d:55:d0:68:d3:f8:19:f8:c3:ae:
83:f5:f0:a6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYNbIFybK6hcK29cJeDoIJZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNGM3OTg2YjE4MmVjYzM2YWQ3NGM1MzViZWFlNzI5OWIz
NWNlOTIwHhcNMjIwOTIwMTMzOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzY5MGY4YTQ3YzJlNzkzMjk3NGNhODRiYjc3NDlmY2VmN2M0MWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIKVbW2UCgQK5Z3dcW8dRIVz+2si
D17Q1dyzxOW4Ea+zzSMZvrg1ujJonl+PuHfSufYQZvLknJYo178yEf6ET5ky2Y/F
fii6gMQE9+916pCYchWF3cj1ZMXnwxvUp56w2GCP3Il+OSAIfmPMrNU7T04Wn8pc
PNLHKWz1t90PSt7cravAH3kE9/tBgxz58wXrRyFJ5PpdOT4g449D0LIbrzEgDiAW
EDqLa7sJdoCoMRtraR63Ii9StVRTEFneL76ZwG7rvA6nJOsaTgdpirLo1lFnIZqq
pbbyv1ay2rFScdCrFS2dX1IJMuFs+wtSZQYbhh7wLELKDoSinDGwHSOzaQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGNpD4pHwueTKXTKhLt3SfzvfEH4MB8GA1UdIwQY
MBaAFGxMeYaxguzDatdMU1vq5ymbNc6SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjIt
MjZjYTE0OGQwN2FmLzEvWTJrUGlrZkM1NU1wZE1xRXUzZEpfTzk4UWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjItMjZjYTE0OGQwN2Fm
LzEvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAjQsFAwQA
jQsaAwQCjQtYAwQAjQtgAwQAjQtmAwQBjQuoAwQBjQvkMA0GCSqGSIb3DQEBCwUA
A4IBAQAFp5qOobCd1al7WV02AvSt/0SnhrFT/xlWvOr/CrLFArEXIBVmxqIhps78
zPbG8qZiwQLj8E4ZEn3dO/pyvJ/S0ENSfDoQH73g+7KpC+C3OmyjY6qyvrkRGNgX
D0PDOVcgNoMuIDXd2E5L7gZi9RAT8VcerewrW3iiIaA45dMAKx4AEe7/N+AJsfDw
WraQL2S6bI8aSVAFei0ndN4/1yWaVRR+efdsRqnaoqEq8fpL6r5GYt4HM0N69Xol
16l4RfwPrOdLEqIoV+VDAeMdJ2eQIFsfqnRnd526+cOuXVKquo6tRVT+Hpwe2Txl
EosYDtmXUx1V0GjT+Bn4w66D9fCm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:53 2024 by rpki-client on console-fra.rpki-client.org