Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/AoUiSfo5Ezl_YNTkm08ED9poVMQ.roa
File: AoUiSfo5Ezl_YNTkm08ED9poVMQ.roa (raw, json)
Hash identifier: SkcRl0HRFgaA1aHwsRco8RSNfBfLrDBwQEcZjyVxSO8=
Subject key identifier: 02:85:22:49:FA:39:13:39:7F:60:D4:E4:9B:4F:04:0F:DA:68:54:C4
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0194206835CBD32C3335868EE436C7873A51
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/AoUiSfo5Ezl_YNTkm08ED9poVMQ.roa
Signing time: Wed 01 Jan 2025 05:48:07 +0000
ROA not before: Wed 01 Jan 2025 05:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2895
IP address blocks: 147.45.0.0/19 maxlen: 19
147.45.32.0/23 maxlen: 23
147.45.64.0/24 maxlen: 24
147.45.194.0/23 maxlen: 23
193.233.0.0/22 maxlen: 22
193.233.4.0/24 maxlen: 24
193.233.10.0/23 maxlen: 23
2001:640::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:35:cb:d3:2c:33:35:86:8e:e4:36:c7:87:3a:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02852249fa3913397f60d4e49b4f040fda6854c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a9:c4:45:db:8d:14:28:22:91:f1:80:73:5a:
54:3a:27:1e:36:89:43:6a:1f:6a:fd:3b:ea:b6:5e:
18:b1:9e:db:b2:bb:27:f8:8b:a1:39:39:70:22:83:
aa:35:1a:7b:7c:d6:de:e4:08:73:9f:aa:77:3f:30:
29:68:82:7c:5b:03:63:9c:de:61:ec:f0:d4:af:b5:
a3:d2:76:0f:dd:73:e8:4e:16:6f:c2:d8:b3:f4:0d:
44:6e:f7:0d:2e:36:18:33:c2:ee:5b:6e:87:49:6c:
f3:c5:a2:10:6b:9d:e5:67:26:40:46:97:f7:77:39:
98:51:6e:a9:08:0e:ad:7c:07:19:fa:db:0f:77:4a:
f7:3d:79:88:59:e4:42:fa:af:4c:90:a4:2c:88:44:
ce:82:cd:2a:4a:f9:41:93:53:9f:bc:83:28:87:ff:
d7:6c:cb:1a:88:cf:42:8d:40:b0:c7:83:ac:9e:21:
5f:cc:c0:17:98:fd:b9:a7:6b:14:6e:5a:a3:1b:30:
f5:c3:dc:c5:9d:fc:5b:2a:98:c3:1c:3f:83:e3:c5:
65:6c:d5:4d:14:55:20:48:3e:21:e9:12:bb:dc:c7:
e9:d6:c3:91:24:72:8b:ab:72:8a:4f:a1:1e:21:8d:
50:25:4d:28:12:fd:40:64:c3:41:af:1c:9a:48:45:
42:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:85:22:49:FA:39:13:39:7F:60:D4:E4:9B:4F:04:0F:DA:68:54:C4
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/AoUiSfo5Ezl_YNTkm08ED9poVMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.0.0-147.45.33.255
147.45.64.0/24
147.45.194.0/23
193.233.0.0-193.233.4.255
193.233.10.0/23
IPv6:
2001:640::/32
Signature Algorithm: sha256WithRSAEncryption
5a:96:a6:53:dc:e1:ec:e3:39:05:27:94:cd:7c:f7:f9:9f:59:
64:46:52:77:81:0f:5a:56:f1:0f:80:b9:ef:19:14:fd:79:db:
7f:d2:e8:0b:b9:dd:d8:db:5a:38:b3:36:05:09:2c:1c:5f:c6:
40:bc:b6:55:0b:13:79:2c:db:74:9f:e9:3a:38:30:eb:a6:12:
c1:e9:89:9b:b6:15:db:ad:86:0e:2b:83:2f:4f:10:2c:f1:57:
da:f0:34:28:8a:a0:95:2a:ed:ed:ad:bc:6c:56:b0:b9:7e:00:
16:f1:d0:7b:3e:db:a9:61:07:cc:ef:3a:97:b2:fb:40:02:a5:
25:71:89:44:6b:33:3c:0c:e8:48:8a:35:59:87:f1:3c:4b:af:
fd:68:42:78:e8:e9:ac:e3:a5:ae:e7:77:b1:17:fe:fe:34:e8:
c6:8e:7e:26:24:36:e7:c9:10:96:ac:c9:9b:5e:3a:92:3c:77:
dc:c9:3d:dc:7d:95:cb:22:f9:bc:24:70:d1:1a:32:7e:42:0c:
fd:46:ab:a3:58:40:4a:70:ad:83:f8:6b:67:04:aa:48:59:2a:
8e:8f:05:44:3a:41:f5:a0:7b:c4:8f:0f:3b:d1:46:2f:cf:c9:
71:41:d0:7c:80:22:d9:8c:c5:0e:56:e3:1a:9c:e6:b8:73:df:
fb:13:0d:d6
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZQgaDXL0ywzNYaO5DbHhzpRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjg1MjI0OWZhMzkxMzM5N2Y2MGQ0ZTQ5YjRmMDQwZmRhNjg1NGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtanERduNFCgikfGAc1pUOiceNolD
ah9q/Tvqtl4YsZ7bsrsn+IuhOTlwIoOqNRp7fNbe5Ahzn6p3PzApaIJ8WwNjnN5h
7PDUr7Wj0nYP3XPoThZvwtiz9A1EbvcNLjYYM8LuW26HSWzzxaIQa53lZyZARpf3
dzmYUW6pCA6tfAcZ+tsPd0r3PXmIWeRC+q9MkKQsiETOgs0qSvlBk1OfvIMoh//X
bMsaiM9CjUCwx4OsniFfzMAXmP25p2sUblqjGzD1w9zFnfxbKpjDHD+D48VlbNVN
FFUgSD4h6RK73Mfp1sORJHKLq3KKT6EeIY1QJU0oEv1AZMNBrxyaSEVCfQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFAKFIkn6ORM5f2DU5JtPBA/aaFTEMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvQW9VaVNmbzVFemxfWU5Ua20wOEVEOXBvVk1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsMAsDAwCTLQME
AZMtIAMEAJMtQAMEAZMtwjALAwMAwekDBADB6QQDBAHB6QowDQQCAAIwBwMFACAB
BkAwDQYJKoZIhvcNAQELBQADggEBAFqWplPc4ezjOQUnlM189/mfWWRGUneBD1pW
8Q+Aue8ZFP1523/S6Au53djbWjizNgUJLBxfxkC8tlULE3ks23Sf6To4MOumEsHp
iZu2Fduthg4rgy9PECzxV9rwNCiKoJUq7e2tvGxWsLl+ABbx0Hs+26lhB8zvOpey
+0ACpSVxiURrMzwM6EiKNVmH8TxLr/1oQnjo6azjpa7nd7EX/v406MaOfiYkNufJ
EJasyZteOpI8d9zJPdx9lcsi+bwkcNEaMn5CDP1Gq6NYQEpwrYP4a2cEqkhZKo6P
BUQ6QfWge8SPDzvRRi/PyXFB0HyAItmMxQ5W4xqc5rhz3/sTDdY=
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:17:48 2025 by rpki-client