Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/iPF7E-iGi0ARE4gGxJtei8hB6QM.roa
File: iPF7E-iGi0ARE4gGxJtei8hB6QM.roa (raw, json)
Hash identifier: 0sUU1n8xiYO9qFUyIwdi7nPV3KPYZn79M3Q97cXSEjs=
Subject key identifier: 88:F1:7B:13:E8:86:8B:40:11:13:88:06:C4:9B:5E:8B:C8:41:E9:03
Certificate issuer: /CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Certificate serial: 01852715C1FCB37224986EF6CA1FDDE58C22
Authority key identifier: 6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/iPF7E-iGi0ARE4gGxJtei8hB6QM.roa
Signing time: Sun 18 Dec 2022 21:13:35 +0000
ROA not before: Sun 18 Dec 2022 21:13:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39655
IP address blocks: 141.11.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:27:15:c1:fc:b3:72:24:98:6e:f6:ca:1f:dd:e5:8c:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Validity
Not Before: Dec 18 21:13:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88f17b13e8868b4011138806c49b5e8bc841e903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:03:34:2e:4d:6f:9d:47:f8:6f:17:a8:54:43:
79:74:a0:28:f9:89:e0:df:28:d8:62:03:43:b3:ec:
ac:55:11:94:a0:db:02:14:89:f4:c1:25:74:37:df:
46:1c:ee:21:34:27:76:89:ce:9d:f2:11:47:a6:c2:
12:92:03:fd:71:a5:89:ab:d0:00:bd:6c:ed:a6:3e:
67:11:54:01:6a:ea:be:45:9a:95:13:6f:85:ad:74:
ff:e3:22:d8:df:64:ea:e9:0c:3d:3f:b5:3a:98:eb:
5d:ca:52:1d:fc:1c:20:14:19:d5:84:79:20:37:81:
31:a0:c9:6a:cf:73:f0:67:c4:c5:bf:a9:38:d0:0b:
03:50:4b:99:9d:05:70:28:9a:fa:51:85:08:61:6b:
4a:9d:98:0b:9a:91:ed:16:16:e2:42:07:aa:32:11:
84:68:65:5a:50:1e:85:08:30:58:10:29:ee:75:fc:
6d:31:49:d9:03:6b:aa:49:82:82:56:f2:60:a0:4b:
fb:4d:1d:37:00:6e:22:fa:c9:7a:ce:7f:44:b4:95:
aa:d4:4b:3c:8d:f3:da:c8:75:c7:cf:02:fa:47:87:
76:60:ef:d7:95:24:01:5d:9f:e1:f0:bd:59:98:b5:
48:d9:f7:e0:b8:bf:31:19:3a:79:64:ca:b5:42:c8:
40:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F1:7B:13:E8:86:8B:40:11:13:88:06:C4:9B:5E:8B:C8:41:E9:03
X509v3 Authority Key Identifier:
keyid:6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/iPF7E-iGi0ARE4gGxJtei8hB6QM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/bEx5hrGC7MNq10xTW-rnKZs1zpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.100.0/24
Signature Algorithm: sha256WithRSAEncryption
00:61:38:bf:f8:70:f5:8e:c8:8c:2b:ea:95:ab:7a:f4:38:2d:
f2:b2:ec:bd:6e:07:48:5d:90:4b:7e:76:1b:73:19:f3:dd:1c:
6b:1d:bb:8e:1d:cc:9a:49:f8:7e:b1:6a:aa:7f:55:63:e8:ad:
65:ee:63:21:9a:1a:d6:08:87:fd:3b:1f:70:ab:b2:14:2a:90:
17:2e:5c:90:fd:ca:8c:d4:09:56:bc:2a:fa:0d:86:48:d4:dc:
19:a2:c2:db:8b:46:01:3e:81:66:fb:5d:6e:47:27:f0:ed:3b:
a5:0a:34:67:58:b0:b6:78:1a:e5:7b:71:de:a8:5f:4e:51:56:
01:4b:b3:75:17:54:13:78:e5:e2:1f:84:a3:6f:e9:2b:dd:50:
56:16:b9:b8:68:68:b0:d2:34:39:ee:1d:d7:13:5d:10:ff:aa:
23:ee:30:d5:2b:60:fd:c0:ad:f7:7c:14:25:ad:e9:9e:fa:6f:
fc:87:9b:24:79:27:32:32:9b:00:96:de:7c:04:db:70:86:9c:
e1:21:43:33:3a:2f:3c:8c:86:07:28:70:e3:2c:4b:82:5b:ff:
89:c0:f8:3c:67:b6:53:ab:72:4a:6b:8f:2e:c6:2b:11:b6:d1:
fd:a0:cf:61:c8:f7:ad:d9:ba:71:d6:54:56:ca:25:fa:8a:be:
de:da:16:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUnFcH8s3IkmG72yh/d5YwiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNGM3OTg2YjE4MmVjYzM2YWQ3NGM1MzViZWFlNzI5OWIz
NWNlOTIwHhcNMjIxMjE4MjExMzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGYxN2IxM2U4ODY4YjQwMTExMzg4MDZjNDliNWU4YmM4NDFlOTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QM0Lk1vnUf4bxeoVEN5dKAo+Yng
3yjYYgNDs+ysVRGUoNsCFIn0wSV0N99GHO4hNCd2ic6d8hFHpsISkgP9caWJq9AA
vWztpj5nEVQBauq+RZqVE2+FrXT/4yLY32Tq6Qw9P7U6mOtdylId/BwgFBnVhHkg
N4ExoMlqz3PwZ8TFv6k40AsDUEuZnQVwKJr6UYUIYWtKnZgLmpHtFhbiQgeqMhGE
aGVaUB6FCDBYECnudfxtMUnZA2uqSYKCVvJgoEv7TR03AG4i+sl6zn9EtJWq1Es8
jfPayHXHzwL6R4d2YO/XlSQBXZ/h8L1ZmLVI2ffguL8xGTp5ZMq1QshAdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIjxexPohotAEROIBsSbXovIQekDMB8GA1UdIwQY
MBaAFGxMeYaxguzDatdMU1vq5ymbNc6SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjIt
MjZjYTE0OGQwN2FmLzEvaVBGN0UtaUdpMEFSRTRnR3hKdGVpOGhCNlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjItMjZjYTE0OGQwN2Fm
LzEvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQtkMA0G
CSqGSIb3DQEBCwUAA4IBAQAAYTi/+HD1jsiMK+qVq3r0OC3ysuy9bgdIXZBLfnYb
cxnz3RxrHbuOHcyaSfh+sWqqf1Vj6K1l7mMhmhrWCIf9Ox9wq7IUKpAXLlyQ/cqM
1AlWvCr6DYZI1NwZosLbi0YBPoFm+11uRyfw7TulCjRnWLC2eBrle3HeqF9OUVYB
S7N1F1QTeOXiH4Sjb+kr3VBWFrm4aGiw0jQ57h3XE10Q/6oj7jDVK2D9wK33fBQl
reme+m/8h5skeScyMpsAlt58BNtwhpzhIUMzOi88jIYHKHDjLEuCW/+JwPg8Z7ZT
q3JKa48uxisRttH9oM9hyPet2bpx1lRWyiX6ir7e2hap
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:10:14 2025 by rpki-client