Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/CuuL4MS-STXU8Rb_UJQ2E6DX5q0.roa
File: CuuL4MS-STXU8Rb_UJQ2E6DX5q0.roa (raw, json)
Hash identifier: rtdqhxF/nXJdJhy625Xof50nXd/KeQhTydGfApqJwPg=
Subject key identifier: 0A:EB:8B:E0:C4:BE:49:35:D4:F1:16:FF:50:94:36:13:A0:D7:E6:AD
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0194D229900F9860B35B62BA463445C104BE
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/CuuL4MS-STXU8Rb_UJQ2E6DX5q0.roa
Signing time: Tue 04 Feb 2025 18:12:06 +0000
ROA not before: Tue 04 Feb 2025 18:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5431
IP address blocks: 147.45.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d2:29:90:0f:98:60:b3:5b:62:ba:46:34:45:c1:04:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 4 18:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0aeb8be0c4be4935d4f116ff50943613a0d7e6ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:23:6d:44:d2:73:89:76:58:55:97:48:f6:5f:
62:9d:f0:0f:a8:d6:b4:16:82:33:80:5a:a1:98:c9:
6c:78:6f:b6:0d:84:15:6b:69:d5:ad:f1:b4:94:64:
ae:9a:81:e6:ad:8e:c2:e0:b0:3a:5d:4e:b5:e0:af:
31:bf:13:ea:ae:3b:53:80:bd:11:b7:ca:56:69:2b:
81:25:3d:cb:d3:ca:2d:8d:54:e1:5e:7d:9a:b3:60:
70:a7:5f:fd:ba:f0:d2:bd:82:31:db:80:d6:38:65:
58:1a:25:c2:c4:c0:34:b9:0a:b3:12:ec:e4:6e:08:
d7:79:c1:fc:e0:c6:d4:14:58:f4:b9:5a:16:0f:83:
b3:0b:d3:66:1a:da:b5:60:68:90:da:9a:66:13:7a:
4a:9f:2e:5f:34:5d:46:e1:d3:f6:75:a7:cf:a0:66:
0c:1b:a5:43:8d:9b:ed:9e:ef:de:a5:0d:ba:32:72:
d6:91:32:53:af:b3:c3:83:47:e5:64:c3:f5:ef:73:
3a:ef:f8:cf:55:bf:42:d4:b2:8c:37:12:d6:66:e7:
1e:81:2a:33:fa:3c:f8:f3:8f:ef:c6:67:55:c3:24:
98:dc:fc:55:d1:bd:9f:36:c3:5a:ad:6b:02:97:23:
63:fe:07:b7:cb:2c:ac:e9:be:22:22:f7:53:80:54:
d3:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:EB:8B:E0:C4:BE:49:35:D4:F1:16:FF:50:94:36:13:A0:D7:E6:AD
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/CuuL4MS-STXU8Rb_UJQ2E6DX5q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.47.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:d9:1a:83:b2:5a:47:cd:1d:b5:ca:a6:ad:7d:d8:38:f8:10:
ac:00:e9:0d:a6:7c:eb:fb:d9:4d:77:47:40:df:78:48:3d:a4:
25:25:0b:b1:9f:cd:8c:da:5b:5b:7e:3e:63:c4:b6:74:ce:d8:
93:f6:78:4c:e8:c0:ab:bf:9b:ed:8a:0e:89:8a:f6:ad:c1:95:
8b:54:fa:2f:44:cd:7a:62:b3:9f:b6:6a:18:3e:34:02:8a:04:
52:f4:76:f4:63:ab:dd:64:22:fb:08:f0:86:45:5f:75:03:ce:
1e:ad:c9:f8:1a:78:16:09:99:65:2a:bf:2d:33:25:f0:c1:83:
32:9d:77:45:c9:ac:a3:0a:21:0e:61:c5:92:2c:36:70:17:0e:
64:62:5e:c1:72:ff:12:a8:7d:b2:3a:44:4f:1b:68:3b:b5:b1:
e7:60:b4:56:98:65:2c:0e:38:cc:aa:d6:82:2d:e7:c1:3f:e4:
c6:4d:68:4e:58:8a:90:8b:7c:d0:3e:27:6b:56:4f:6a:ba:a3:
bd:b0:5f:d4:e7:e3:12:02:ad:e2:99:4b:73:f2:3f:f7:61:1c:
06:b9:7e:71:e2:f5:e6:fe:84:f4:0d:eb:54:94:40:a1:11:d2:
4c:ba:0a:37:7d:ef:9e:43:d1:19:db:1a:4a:15:a7:35:83:61:
fd:da:4e:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTSKZAPmGCzW2K6RjRFwQS+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMjA0MTgxMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWViOGJlMGM0YmU0OTM1ZDRmMTE2ZmY1MDk0MzYxM2EwZDdlNmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCNtRNJziXZYVZdI9l9infAPqNa0
FoIzgFqhmMlseG+2DYQVa2nVrfG0lGSumoHmrY7C4LA6XU614K8xvxPqrjtTgL0R
t8pWaSuBJT3L08otjVThXn2as2Bwp1/9uvDSvYIx24DWOGVYGiXCxMA0uQqzEuzk
bgjXecH84MbUFFj0uVoWD4OzC9NmGtq1YGiQ2ppmE3pKny5fNF1G4dP2dafPoGYM
G6VDjZvtnu/epQ26MnLWkTJTr7PDg0flZMP173M67/jPVb9C1LKMNxLWZucegSoz
+jz484/vxmdVwySY3PxV0b2fNsNarWsClyNj/ge3yyys6b4iIvdTgFTTDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArri+DEvkk11PEW/1CUNhOg1+atMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvQ3V1TDRNUy1TVFhVOFJiX1VKUTJFNkRYNXEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAky0vMA0G
CSqGSIb3DQEBCwUAA4IBAQAO2RqDslpHzR21yqatfdg4+BCsAOkNpnzr+9lNd0dA
33hIPaQlJQuxn82M2ltbfj5jxLZ0ztiT9nhM6MCrv5vtig6JivatwZWLVPovRM16
YrOftmoYPjQCigRS9Hb0Y6vdZCL7CPCGRV91A84ercn4GngWCZllKr8tMyXwwYMy
nXdFyayjCiEOYcWSLDZwFw5kYl7Bcv8SqH2yOkRPG2g7tbHnYLRWmGUsDjjMqtaC
LefBP+TGTWhOWIqQi3zQPidrVk9quqO9sF/U5+MSAq3imUtz8j/3YRwGuX5x4vXm
/oT0DetUlEChEdJMugo3fe+eQ9EZ2xpKFac1g2H92k4r
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:53:02 2025 by rpki-client