Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/dOhRYwBNqm1IXJYDJiSEvCDXJ98.roa
File: dOhRYwBNqm1IXJYDJiSEvCDXJ98.roa (raw, json)
Hash identifier: 39CaqZUmQ38k4pYRaDAuu/xONGKHZXINLKOMkT3axgM=
Subject key identifier: 74:E8:51:63:00:4D:AA:6D:48:5C:96:03:26:24:84:BC:20:D7:27:DF
Certificate issuer: /CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Certificate serial: 031888FD
Authority key identifier: 6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/dOhRYwBNqm1IXJYDJiSEvCDXJ98.roa
Signing time: Thu 17 Feb 2022 13:25:49 +0000
ROA not before: Thu 17 Feb 2022 13:25:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 141.11.40.0/24 maxlen: 24
141.11.43.0/24 maxlen: 24
141.11.68.0/24 maxlen: 24
141.11.69.0/24 maxlen: 24
141.11.188.0/24 maxlen: 24
141.11.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51939581 (0x31888fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Validity
Not Before: Feb 17 13:25:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=74e85163004daa6d485c9603262484bc20d727df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:10:3b:f0:e4:11:16:ca:a5:1c:8d:bb:9c:f9:
b7:70:64:38:e8:1e:c7:d1:4c:65:0b:3f:30:aa:7b:
80:1a:6b:da:6c:51:e8:5e:32:37:31:c3:14:37:15:
9f:95:d8:f0:39:18:09:7f:86:c5:3d:fd:3b:f8:d3:
5c:ac:80:6b:bd:f7:ad:7f:6e:1f:fd:1f:24:52:64:
64:8f:4d:fa:71:f4:fa:e5:d1:7f:d8:b7:f4:c2:7e:
03:3e:cb:af:bf:bd:e0:74:66:f2:4c:40:af:33:d3:
5e:b8:91:5b:8e:ec:86:ee:30:f1:22:d7:f5:48:a2:
49:a1:ec:b3:1f:d2:ad:ec:34:dd:8c:44:d0:95:cf:
d9:f3:ea:c3:52:97:fe:60:e8:19:d0:95:ca:aa:4b:
d6:02:d0:1a:78:5a:e4:82:64:79:22:2d:5f:2d:ab:
79:ac:ef:11:a0:39:9b:39:82:ee:69:98:d1:54:7c:
d1:1a:98:7e:ba:f5:7c:69:39:6b:56:ef:19:7b:ab:
fc:02:0e:f5:46:ec:f7:7c:ea:2d:4d:4b:fc:99:4b:
7d:86:30:3b:79:b5:1a:83:4a:e3:2b:55:0a:68:42:
99:92:93:7e:3e:0c:6b:75:4d:a8:8b:88:ea:67:26:
32:f4:89:7f:82:12:7d:19:7b:00:39:1d:6d:ce:88:
c2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E8:51:63:00:4D:AA:6D:48:5C:96:03:26:24:84:BC:20:D7:27:DF
X509v3 Authority Key Identifier:
keyid:6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/dOhRYwBNqm1IXJYDJiSEvCDXJ98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/bEx5hrGC7MNq10xTW-rnKZs1zpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.40.0/24
141.11.43.0/24
141.11.68.0/23
141.11.188.0/23
Signature Algorithm: sha256WithRSAEncryption
18:ce:17:de:a0:26:ad:e6:ad:20:11:b4:d9:8c:14:25:5e:d5:
ad:ae:b4:03:3c:52:6e:4d:c1:dc:6f:8a:a5:6e:c3:dc:6e:62:
4b:7e:7a:c5:e1:16:61:8d:dc:f0:fa:22:88:8a:24:32:01:91:
63:a7:d3:76:db:6a:35:ba:f4:bb:5d:d3:52:65:fa:2f:c6:c6:
b6:a1:67:95:55:9a:6d:87:d6:c5:bf:09:ed:5a:22:54:8e:5d:
03:76:30:64:7d:0b:96:89:51:e6:3b:ca:d1:8f:87:bc:6f:85:
c0:84:23:50:81:de:62:a6:c6:7a:dd:da:90:e0:7a:bc:0b:17:
aa:52:f6:1f:0e:fe:92:7f:b5:27:ac:a6:d9:d8:a2:18:08:64:
63:36:27:33:b4:7c:70:b8:d5:5c:d6:eb:5f:b0:94:10:c6:b8:
7b:89:a3:ca:5e:ac:0d:26:fd:cd:ef:f8:0c:0f:59:ff:71:02:
67:7c:e1:fb:e3:88:73:88:f1:a2:1d:74:04:c8:d9:81:d6:7f:
b9:0d:ed:98:2e:f2:33:b1:75:1b:64:14:6b:87:68:fd:07:77:
a3:1c:a4:71:52:41:24:ff:cc:d9:db:e2:c4:15:2e:e5:97:f6:
56:c5:50:73:1e:41:08:1a:dc:95:b2:f2:b7:b3:34:f0:05:71:
24:50:0b:8c
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAxiI/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzRjNzk4NmIxODJlY2MzNmFkNzRjNTM1YmVhZTcyOTliMzVjZTkyMB4XDTIyMDIx
NzEzMjU0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzRlODUxNjMwMDRk
YWE2ZDQ4NWM5NjAzMjYyNDg0YmMyMGQ3MjdkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKMQO/DkERbKpRyNu5z5t3BkOOgex9FMZQs/MKp7gBpr2mxR
6F4yNzHDFDcVn5XY8DkYCX+GxT39O/jTXKyAa733rX9uH/0fJFJkZI9N+nH0+uXR
f9i39MJ+Az7Lr7+94HRm8kxArzPTXriRW47shu4w8SLX9UiiSaHssx/Srew03YxE
0JXP2fPqw1KX/mDoGdCVyqpL1gLQGnha5IJkeSItXy2reazvEaA5mzmC7mmY0VR8
0RqYfrr1fGk5a1bvGXur/AIO9Ubs93zqLU1L/JlLfYYwO3m1GoNK4ytVCmhCmZKT
fj4Ma3VNqIuI6mcmMvSJf4ISfRl7ADkdbc6IwvMCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBR06FFjAE2qbUhclgMmJIS8INcn3zAfBgNVHSMEGDAWgBRsTHmGsYLsw2rX
TFNb6ucpmzXOkjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JFeDVockdDN01OcTEweFRXLXJuS1pzMXpwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvYzRlNWNhLThhYTUtNGU2NC1hMDIyLTI2Y2ExNDhkMDdhZi8x
L2RPaFJZd0JOcW0xSVhKWURKaVNFdkNEWEo5OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
YzRlNWNhLThhYTUtNGU2NC1hMDIyLTI2Y2ExNDhkMDdhZi8xL2JFeDVockdDN01O
cTEweFRXLXJuS1pzMXpwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAI0LKAMEAI0LKwMEAY0LRAMEAY0L
vDANBgkqhkiG9w0BAQsFAAOCAQEAGM4X3qAmreatIBG02YwUJV7Vra60AzxSbk3B
3G+KpW7D3G5iS356xeEWYY3c8PoiiIokMgGRY6fTdttqNbr0u13TUmX6L8bGtqFn
lVWabYfWxb8J7VoiVI5dA3YwZH0LlolR5jvK0Y+HvG+FwIQjUIHeYqbGet3akOB6
vAsXqlL2Hw7+kn+1J6ym2diiGAhkYzYnM7R8cLjVXNbrX7CUEMa4e4mjyl6sDSb9
ze/4DA9Z/3ECZ3zh++OIc4jxoh10BMjZgdZ/uQ3tmC7yM7F1G2QUa4do/Qd3oxyk
cVJBJP/M2dvixBUu5Zf2VsVQcx5BCBrclbLyt7M08AVxJFALjA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:46 2025 by rpki-client