Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/ofOJU5JL8VB4iC30Gn1WYt2abVE.roa
File: ofOJU5JL8VB4iC30Gn1WYt2abVE.roa (raw, json)
Hash identifier: 0bdm6qtSalARRlVF5dcyB9oY3Bkjv07PKVaRVUfrIyI=
Subject key identifier: A1:F3:89:53:92:4B:F1:50:78:88:2D:F4:1A:7D:56:62:DD:9A:6D:51
Certificate issuer: /CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Certificate serial: 0182C6496C504884D64B12D743F54874BB97
Authority key identifier: 6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/ofOJU5JL8VB4iC30Gn1WYt2abVE.roa
Signing time: Mon 22 Aug 2022 16:01:16 +0000
ROA not before: Mon 22 Aug 2022 16:01:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 141.11.168.0/23 maxlen: 24
141.11.88.0/23 maxlen: 24
141.11.96.0/24 maxlen: 24
141.11.102.0/24 maxlen: 24
141.11.5.0/24 maxlen: 24
141.11.121.0/24 maxlen: 24
141.11.26.0/24 maxlen: 24
141.11.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c6:49:6c:50:48:84:d6:4b:12:d7:43:f5:48:74:bb:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Validity
Not Before: Aug 22 16:01:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1f38953924bf15078882df41a7d5662dd9a6d51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e5:5c:17:a6:44:95:f1:04:7a:dc:85:e5:ab:
98:cc:6e:9d:36:c9:09:b9:c3:f8:b9:03:8c:3b:69:
51:a5:4e:59:4f:5f:d1:e4:d2:0d:60:6d:68:d9:26:
22:d3:e7:b5:e1:00:a0:7f:df:e6:0e:5e:65:8b:ed:
d9:22:c9:37:8e:2d:4e:2f:70:df:20:44:fe:3e:dd:
59:48:e9:f2:2c:eb:65:4b:06:69:55:c3:e6:f0:ae:
0d:d9:56:68:eb:3b:58:08:0e:24:aa:99:4e:16:db:
88:4f:59:12:77:c2:1a:bd:08:a6:11:ab:4d:d8:f8:
be:b3:6f:20:ab:1d:f6:e9:a3:25:6e:80:0f:82:9b:
79:f1:9b:4a:e0:07:dd:cb:26:48:b5:47:10:e3:f4:
e0:a7:4e:59:88:5a:d7:a5:6a:f5:2c:e8:4b:b3:65:
16:be:ad:b0:fd:f7:57:6e:13:fa:9e:51:6f:24:51:
26:0d:8b:ff:82:e9:46:48:17:dd:01:60:94:a6:c4:
73:8c:1e:f4:94:aa:45:b3:5c:dc:88:ad:e2:ce:ac:
4d:ba:1e:5a:89:7e:00:a5:16:cd:1b:72:d3:21:14:
14:a4:a6:d8:e1:df:a3:a3:31:d7:ef:03:36:e2:79:
9c:89:35:41:70:85:db:3e:4a:23:fc:b4:a7:51:b7:
69:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F3:89:53:92:4B:F1:50:78:88:2D:F4:1A:7D:56:62:DD:9A:6D:51
X509v3 Authority Key Identifier:
keyid:6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/ofOJU5JL8VB4iC30Gn1WYt2abVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/bEx5hrGC7MNq10xTW-rnKZs1zpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.5.0/24
141.11.26.0/23
141.11.88.0/23
141.11.96.0/24
141.11.102.0/24
141.11.121.0/24
141.11.168.0/23
Signature Algorithm: sha256WithRSAEncryption
08:4d:3d:3a:d4:ee:7b:ad:ba:fb:16:a7:28:4e:a1:1a:28:c3:
e3:59:de:ca:19:90:b9:d1:29:76:4e:c9:76:a0:f7:d8:35:fb:
69:5a:bf:37:0f:7f:41:68:5b:8c:48:82:24:94:b8:52:a6:a2:
07:89:44:39:16:08:e1:53:bd:1d:0a:dc:b6:03:18:e3:40:d2:
54:57:33:41:65:83:ea:34:c8:a8:4d:48:80:56:64:d3:6a:8c:
1d:f3:98:a0:45:81:9e:67:4f:9d:b9:da:c8:08:2a:9b:f9:b7:
09:6e:c2:9b:be:79:ea:44:13:19:20:16:f3:5c:7e:5a:78:5e:
aa:0a:f5:a4:0d:2b:5b:25:79:5e:dc:41:bf:67:24:4b:46:c6:
c7:f9:b2:79:11:50:79:a6:bc:06:76:d8:de:75:fa:2f:dc:65:
28:b8:71:80:34:08:08:ad:e2:f2:83:37:29:22:da:fd:d1:86:
a0:cc:58:0b:77:80:70:16:e1:c1:fd:dc:d1:a6:c1:71:c7:ab:
c7:cf:f8:6a:8f:b5:a3:40:7c:07:84:19:9c:9c:94:6d:94:26:
24:09:84:dd:7b:22:58:a8:a6:b7:ba:51:80:6f:d8:04:d1:46:
0b:20:4d:99:7d:36:7a:c8:dd:1a:15:99:23:f9:2c:4d:23:5f:
64:e2:08:de
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYLGSWxQSITWSxLXQ/VIdLuXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNGM3OTg2YjE4MmVjYzM2YWQ3NGM1MzViZWFlNzI5OWIz
NWNlOTIwHhcNMjIwODIyMTYwMTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWYzODk1MzkyNGJmMTUwNzg4ODJkZjQxYTdkNTY2MmRkOWE2ZDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uVcF6ZElfEEetyF5auYzG6dNskJ
ucP4uQOMO2lRpU5ZT1/R5NINYG1o2SYi0+e14QCgf9/mDl5li+3ZIsk3ji1OL3Df
IET+Pt1ZSOnyLOtlSwZpVcPm8K4N2VZo6ztYCA4kqplOFtuIT1kSd8IavQimEatN
2Pi+s28gqx326aMlboAPgpt58ZtK4AfdyyZItUcQ4/Tgp05ZiFrXpWr1LOhLs2UW
vq2w/fdXbhP6nlFvJFEmDYv/gulGSBfdAWCUpsRzjB70lKpFs1zciK3izqxNuh5a
iX4ApRbNG3LTIRQUpKbY4d+jozHX7wM24nmciTVBcIXbPkoj/LSnUbdprQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKHziVOSS/FQeIgt9Bp9VmLdmm1RMB8GA1UdIwQY
MBaAFGxMeYaxguzDatdMU1vq5ymbNc6SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjIt
MjZjYTE0OGQwN2FmLzEvb2ZPSlU1Skw4VkI0aUMzMEduMVdZdDJhYlZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9jNGU1Y2EtOGFhNS00ZTY0LWEwMjItMjZjYTE0OGQwN2Fm
LzEvYkV4NWhyR0M3TU5xMTB4VFctcm5LWnMxenBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAjQsFAwQB
jQsaAwQBjQtYAwQAjQtgAwQAjQtmAwQAjQt5AwQBjQuoMA0GCSqGSIb3DQEBCwUA
A4IBAQAITT061O57rbr7FqcoTqEaKMPjWd7KGZC50Sl2Tsl2oPfYNftpWr83D39B
aFuMSIIklLhSpqIHiUQ5FgjhU70dCty2AxjjQNJUVzNBZYPqNMioTUiAVmTTaowd
85igRYGeZ0+dudrICCqb+bcJbsKbvnnqRBMZIBbzXH5aeF6qCvWkDStbJXle3EG/
ZyRLRsbH+bJ5EVB5prwGdtjedfov3GUouHGANAgIreLygzcpItr90YagzFgLd4Bw
FuHB/dzRpsFxx6vHz/hqj7WjQHwHhBmcnJRtlCYkCYTdeyJYqKa3ulGAb9gE0UYL
IE2ZfTZ6yN0aFZkj+SxNI19k4gje
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:50:02 2025 by rpki-client