Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/i5g3ZjmuED6n8O1vgYfd5TdsX3g.roa
File: i5g3ZjmuED6n8O1vgYfd5TdsX3g.roa (raw, json)
Hash identifier: Hey5HivxLRwu+uDMAoc3nO94zR1WfElCsO9qTlja3Ug=
Subject key identifier: 8B:98:37:66:39:AE:10:3E:A7:F0:ED:6F:81:87:DD:E5:37:6C:5F:78
Certificate issuer: /CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Certificate serial: 0183C25906B77BAE80074120EA4818B3B957
Authority key identifier: 6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/i5g3ZjmuED6n8O1vgYfd5TdsX3g.roa
Signing time: Mon 10 Oct 2022 14:42:37 +0000
ROA not before: Mon 10 Oct 2022 14:42:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 141.11.4.0/24 maxlen: 24
141.11.144.0/21 maxlen: 24
141.11.34.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c2:59:06:b7:7b:ae:80:07:41:20:ea:48:18:b3:b9:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Validity
Not Before: Oct 10 14:42:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b98376639ae103ea7f0ed6f8187dde5376c5f78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:06:2a:62:f4:a3:85:88:66:09:7a:1c:ec:29:
b3:d7:b7:89:be:19:2f:4f:b6:94:7d:4b:14:1a:0c:
1c:8e:86:26:14:d0:b1:91:ea:41:1b:5a:57:a4:69:
a7:8d:8d:2a:24:3f:7c:b2:57:49:07:03:6f:8f:f6:
55:1f:1e:f9:58:43:b2:c6:e1:3d:e6:f2:b1:8f:27:
16:27:8e:a5:b1:fe:29:0b:19:09:c7:05:d5:e8:44:
04:28:c0:59:ac:9e:cf:c8:16:c1:b2:6f:74:dc:85:
f2:dc:97:78:63:15:ea:ca:e9:9f:70:a4:1b:f8:61:
ec:f1:df:cc:c0:72:ce:ae:90:de:18:cd:2f:99:43:
41:e4:59:a1:f6:5c:f7:01:6a:a0:ca:83:22:40:ec:
a5:8a:c3:e1:9c:45:dd:73:fa:01:60:5f:4b:f7:d2:
3c:52:ac:4b:e8:e2:49:aa:f0:60:a6:01:b0:0c:57:
a5:0b:31:4e:bd:a3:b6:92:c8:49:df:27:fc:2d:54:
44:a9:fe:62:9b:f3:a7:0e:80:f7:ca:16:28:a9:62:
c1:c4:a1:6e:01:c3:d7:c5:d7:97:f3:72:97:c3:ef:
f6:0e:39:54:4c:8e:81:7f:80:ab:7f:ab:41:0b:a5:
54:94:86:50:1e:5b:de:0f:99:e4:c0:a2:b0:79:b7:
3b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:98:37:66:39:AE:10:3E:A7:F0:ED:6F:81:87:DD:E5:37:6C:5F:78
X509v3 Authority Key Identifier:
keyid:6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/i5g3ZjmuED6n8O1vgYfd5TdsX3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/bEx5hrGC7MNq10xTW-rnKZs1zpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.4.0/24
141.11.34.0/24
141.11.144.0/21
Signature Algorithm: sha256WithRSAEncryption
86:3e:fb:16:19:39:8e:8e:39:c6:ce:fd:aa:ca:ae:61:b4:98:
82:03:70:24:f9:0f:7d:e3:e4:c7:f8:ba:19:f4:cb:bd:08:cc:
8e:1e:cc:a2:aa:e3:d6:03:2b:fc:cf:d1:7a:70:df:87:59:29:
56:99:1f:f5:1d:4e:d8:f9:72:30:67:ec:6c:b6:2a:7b:49:7b:
66:f3:f0:ee:36:8a:04:7f:c7:f7:d4:25:e7:a9:bd:2b:cd:27:
6e:6d:97:f7:3e:9d:b7:d9:bd:7d:77:ad:92:57:49:6b:d2:20:
d3:d8:d8:44:e1:d4:99:4c:0c:68:ce:b9:29:94:38:9e:08:73:
f0:f9:af:7f:9d:92:28:41:18:16:5e:22:e3:6a:6d:ef:c5:61:
19:09:03:5c:cd:02:bc:5b:be:34:71:7f:9c:8e:1c:92:66:29:
4f:2b:2e:cd:d0:c4:de:05:64:68:1f:f5:5f:6f:ac:af:6b:67:
c8:60:cd:3e:f9:e3:51:f8:58:b5:7f:14:35:d9:d6:c0:85:74:
77:a9:44:84:43:e2:34:80:b5:b6:cb:6d:33:2f:c8:4a:be:ca:
a3:2d:52:5b:e0:58:54:93:4a:44:06:74:e5:fb:68:e4:eb:52:
81:52:4b:39:89:d4:25:b0:73:85:92:02:8a:f0:a7:98:9d:c8:
0f:3d:12:06
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYPCWQa3e66AB0Eg6kgYs7lXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNGM3OTg2YjE4MmVjYzM2YWQ3NGM1MzViZWFlNzI5OWIz
NWNlOTIwHhcNMjIxMDEwMTQ0MjM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjk4Mzc2NjM5YWUxMDNlYTdmMGVkNmY4MTg3ZGRlNTM3NmM1Zjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgYqYvSjhYhmCXoc7Cmz17eJvhkv
T7aUfUsUGgwcjoYmFNCxkepBG1pXpGmnjY0qJD98sldJBwNvj/ZVHx75WEOyxuE9
5vKxjycWJ46lsf4pCxkJxwXV6EQEKMBZrJ7PyBbBsm903IXy3Jd4YxXqyumfcKQb
+GHs8d/MwHLOrpDeGM0vmUNB5Fmh9lz3AWqgyoMiQOylisPhnEXdc/oBYF9L99I8
UqxL6OJJqvBgpgGwDFelCzFOvaO2kshJ3yf8LVREqf5im/OnDoD3yhYoqWLBxKFu
AcPXxdeX83KXw+/2DjlUTI6Bf4Crf6tBC6VUlIZQHlveD5nkwKKwebc7OQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIuYN2Y5rhA+p/Dtb4GH3eU3bF94MB8GA1UdIwQY
MBaAFGxMeYaxguzDatdMU1vq5ymbNc6SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjIt
MjZjYTE0OGQwN2FmLzEvaTVnM1pqbXVFRDZuOE8xdmdZZmQ1VGRzWDNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjItMjZjYTE0OGQwN2Fm
LzEvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAjQsEAwQA
jQsiAwQDjQuQMA0GCSqGSIb3DQEBCwUAA4IBAQCGPvsWGTmOjjnGzv2qyq5htJiC
A3Ak+Q994+TH+LoZ9Mu9CMyOHsyiquPWAyv8z9F6cN+HWSlWmR/1HU7Y+XIwZ+xs
tip7SXtm8/DuNooEf8f31CXnqb0rzSdubZf3Pp232b19d62SV0lr0iDT2NhE4dSZ
TAxozrkplDieCHPw+a9/nZIoQRgWXiLjam3vxWEZCQNczQK8W740cX+cjhySZilP
Ky7N0MTeBWRoH/Vfb6yva2fIYM0++eNR+Fi1fxQ12dbAhXR3qUSEQ+I0gLW2y20z
L8hKvsqjLVJb4FhUk0pEBnTl+2jk61KBUks5idQlsHOFkgKK8KeYncgPPRIG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:32 2025 by rpki-client