Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/alhk8l995-HYwG_bQkrybk2uc4o.roa
File: alhk8l995-HYwG_bQkrybk2uc4o.roa (raw, json)
Hash identifier: yBy2S4unBpHbTxqaq0DNNmpYPqHopG0OCpwuhkX/gY4=
Subject key identifier: 6A:58:64:F2:5F:7D:E7:E1:D8:C0:6F:DB:42:4A:F2:6E:4D:AE:73:8A
Certificate issuer: /CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Certificate serial: 03301794
Authority key identifier: 6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/alhk8l995-HYwG_bQkrybk2uc4o.roa
Signing time: Wed 23 Feb 2022 14:05:43 +0000
ROA not before: Wed 23 Feb 2022 14:05:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 141.11.160.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53483412 (0x3301794)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Validity
Not Before: Feb 23 14:05:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a5864f25f7de7e1d8c06fdb424af26e4dae738a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cc:92:0d:93:fc:2f:23:52:e0:be:17:64:f4:
7c:51:f9:50:50:c7:92:99:63:9e:b2:91:8e:fc:79:
1d:6f:ce:50:a4:1c:ba:07:16:00:d0:ff:41:f5:0c:
f0:0e:7f:de:7b:26:ab:81:f6:7a:49:fb:6b:37:1a:
4b:1f:9e:d0:ce:9b:fc:8e:9e:6f:ea:f7:d4:76:a1:
3a:76:04:0a:38:ac:2f:18:2e:ac:d1:b5:5c:c5:5d:
ec:a7:a7:c5:4d:d3:b6:ad:16:d5:54:09:80:3f:aa:
e5:6f:71:7b:1d:49:d4:48:02:b5:9c:86:c5:1e:81:
29:23:7c:9c:6c:04:81:72:8d:cd:20:65:f2:76:02:
fc:b0:f9:23:80:08:10:57:70:ba:5d:65:32:f1:dd:
36:98:a9:ac:12:57:ca:13:5e:d9:da:ac:ee:ca:41:
d4:5a:0e:4e:30:01:f0:4c:26:c4:ad:74:b7:df:28:
25:ea:c2:73:80:34:cf:fe:c3:87:6f:f1:6b:c6:ec:
90:27:64:ee:b6:43:c2:0e:15:ea:8e:b9:63:85:8a:
eb:92:0f:5a:60:15:fd:c4:8f:c5:37:77:cb:3d:93:
13:f6:31:d3:b0:ee:e9:26:a9:56:4b:ea:fb:87:a8:
92:f6:0f:ce:6e:53:86:48:ab:31:d5:02:7c:fb:a4:
90:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:58:64:F2:5F:7D:E7:E1:D8:C0:6F:DB:42:4A:F2:6E:4D:AE:73:8A
X509v3 Authority Key Identifier:
keyid:6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/alhk8l995-HYwG_bQkrybk2uc4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/bEx5hrGC7MNq10xTW-rnKZs1zpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.160.0/24
Signature Algorithm: sha256WithRSAEncryption
02:b2:a6:de:c6:40:69:5c:44:2f:66:17:ed:bf:82:18:ec:2d:
b3:68:34:3e:26:69:28:11:f1:8e:6c:8f:b5:49:de:d5:24:93:
2c:aa:28:77:4c:c6:f9:7f:6a:7d:14:90:13:66:00:c6:c5:44:
fa:99:f4:52:a1:8f:9c:7d:a6:73:06:86:4b:2d:92:8b:00:f4:
c3:2e:81:a9:0f:dd:1e:28:e7:c3:0c:6e:42:06:b9:63:68:3c:
24:69:ea:55:2c:5f:2d:34:b8:76:1c:6a:4e:1d:60:3e:57:23:
86:d6:76:55:d1:a8:41:7e:f6:71:55:fb:d2:4b:77:a2:c9:35:
c9:5e:5c:75:11:9d:0a:54:26:6f:fd:bc:f3:9d:cf:2e:c0:6b:
7c:af:c9:54:30:2f:cb:3d:23:6a:cf:d3:02:ea:f1:5b:ee:67:
7e:88:df:bd:e0:3f:ad:3b:25:d8:58:eb:92:0f:d5:e5:aa:9a:
af:b6:34:6d:a0:e1:42:15:fd:1c:29:ad:66:92:ed:5a:09:81:
26:3a:e7:32:c9:fe:59:d9:19:8f:96:04:4e:dd:50:e6:66:25:
71:a3:5a:8d:28:15:e3:a9:10:04:21:cd:8e:68:e4:9b:de:8b:
9a:13:e7:55:b0:a5:96:41:a7:e7:b3:30:d8:14:72:ce:69:8a:
a8:5e:e9:ab
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAzAXlDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzRjNzk4NmIxODJlY2MzNmFkNzRjNTM1YmVhZTcyOTliMzVjZTkyMB4XDTIyMDIy
MzE0MDU0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmE1ODY0ZjI1Zjdk
ZTdlMWQ4YzA2ZmRiNDI0YWYyNmU0ZGFlNzM4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7Mkg2T/C8jUuC+F2T0fFH5UFDHkpljnrKRjvx5HW/OUKQc
ugcWAND/QfUM8A5/3nsmq4H2ekn7azcaSx+e0M6b/I6eb+r31HahOnYECjisLxgu
rNG1XMVd7KenxU3Ttq0W1VQJgD+q5W9xex1J1EgCtZyGxR6BKSN8nGwEgXKNzSBl
8nYC/LD5I4AIEFdwul1lMvHdNpiprBJXyhNe2dqs7spB1FoOTjAB8EwmxK10t98o
JerCc4A0z/7Dh2/xa8bskCdk7rZDwg4V6o65Y4WK65IPWmAV/cSPxTd3yz2TE/Yx
07Du6SapVkvq+4eokvYPzm5ThkirMdUCfPukkLcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRqWGTyX33n4djAb9tCSvJuTa5zijAfBgNVHSMEGDAWgBRsTHmGsYLsw2rX
TFNb6ucpmzXOkjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JFeDVockdDN01OcTEweFRXLXJuS1pzMXpwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvYzRlNWNhLThhYTUtNGU2NC1hMDIyLTI2Y2ExNDhkMDdhZi8x
L2FsaGs4bDk5NS1IWXdHX2JRa3J5YmsydWM0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
YzRlNWNhLThhYTUtNGU2NC1hMDIyLTI2Y2ExNDhkMDdhZi8xL2JFeDVockdDN01O
cTEweFRXLXJuS1pzMXpwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI0LoDANBgkqhkiG9w0BAQsFAAOC
AQEAArKm3sZAaVxEL2YX7b+CGOwts2g0PiZpKBHxjmyPtUne1SSTLKood0zG+X9q
fRSQE2YAxsVE+pn0UqGPnH2mcwaGSy2SiwD0wy6BqQ/dHijnwwxuQga5Y2g8JGnq
VSxfLTS4dhxqTh1gPlcjhtZ2VdGoQX72cVX70kt3osk1yV5cdRGdClQmb/28853P
LsBrfK/JVDAvyz0jas/TAurxW+5nfojfveA/rTsl2Fjrkg/V5aqar7Y0baDhQhX9
HCmtZpLtWgmBJjrnMsn+WdkZj5YETt1Q5mYlcaNajSgV46kQBCHNjmjkm96LmhPn
VbCllkGn57Mw2BRyzmmKqF7pqw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:45 2025 by rpki-client