Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/GJcLi5jmXGHXVGZFBSmEFs5wxFo.roa
File: GJcLi5jmXGHXVGZFBSmEFs5wxFo.roa (raw, json)
Hash identifier: 9moUtdklXSpacz+nPGgm8seuY2iKgg5xasBuIIUDk4M=
Subject key identifier: 18:97:0B:8B:98:E6:5C:61:D7:54:66:45:05:29:84:16:CE:70:C4:5A
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0194206840B6500C8AD97032AD41F053EACE
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/GJcLi5jmXGHXVGZFBSmEFs5wxFo.roa
Signing time: Wed 01 Jan 2025 05:48:10 +0000
ROA not before: Wed 01 Jan 2025 05:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49055
IP address blocks: 147.45.208.0/22 maxlen: 24
147.45.212.0/22 maxlen: 24
147.45.216.0/22 maxlen: 22
147.45.220.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:40:b6:50:0c:8a:d9:70:32:ad:41:f0:53:ea:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18970b8b98e65c61d754664505298416ce70c45a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:55:fd:42:f4:d3:9c:98:cc:41:79:57:8b:f2:
3e:3b:7b:4e:f6:8b:44:a5:1d:2c:bd:eb:de:06:e9:
34:d9:75:cd:0a:8e:93:f3:98:9e:12:ce:9c:d2:57:
dc:4c:6f:e5:ed:55:50:e8:e7:69:71:76:0f:df:bc:
a8:11:2e:b8:cd:11:17:bf:bb:15:8c:fe:0c:5b:df:
54:ea:63:b1:60:b7:4a:4a:da:ba:09:7a:45:f9:d7:
a3:d2:d8:9f:83:6a:7c:22:e7:8d:c9:0b:48:ab:79:
63:5c:6c:b3:4f:15:5c:1f:06:1f:a8:eb:e2:bb:e4:
a8:c3:a0:d6:c3:10:44:91:9d:c9:d0:e8:d3:87:be:
90:a8:e1:9d:87:11:a4:d2:2c:38:a2:a6:30:a6:17:
71:74:8e:2e:4f:fb:23:82:a7:2c:16:3f:1f:b9:e2:
0c:86:ce:85:87:00:6e:7f:df:11:9f:b0:ca:27:0e:
af:29:3f:3d:ed:88:7c:2a:b5:18:65:b8:5d:1b:a4:
42:36:43:58:68:9d:eb:de:bb:a1:6f:c1:2c:d5:06:
38:0f:10:ab:7e:dc:3d:e0:d2:38:f2:dc:43:0b:fc:
cd:5b:9c:8a:0f:0f:c3:09:60:3d:4d:53:4e:49:25:
0e:a3:c1:38:f9:45:76:9a:0e:09:c9:35:31:ee:d7:
ad:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:97:0B:8B:98:E6:5C:61:D7:54:66:45:05:29:84:16:CE:70:C4:5A
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/GJcLi5jmXGHXVGZFBSmEFs5wxFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.208.0/20
Signature Algorithm: sha256WithRSAEncryption
8a:74:2d:29:c1:89:06:fc:87:80:de:ad:8f:99:fc:fc:81:84:
cf:57:d3:cd:4a:ee:d7:1e:dc:90:69:ee:3a:b4:7e:a5:a5:62:
bd:d0:62:92:fa:bb:53:8c:b0:3a:a9:53:00:04:6b:3f:62:24:
43:a7:a9:53:d2:7e:32:a8:60:f6:03:e7:eb:07:70:1f:a0:0b:
9a:1f:c7:91:5a:35:66:5c:dc:77:8e:ee:14:1e:fd:50:6a:d3:
31:f5:3b:c4:d3:81:33:6b:9e:e3:d7:85:c9:7c:1c:5e:e9:15:
fe:39:3c:af:1b:fc:ba:d0:7f:4b:9b:50:3f:1a:28:e3:da:8f:
15:b3:27:c6:8d:d4:cf:80:85:0e:0f:30:79:ab:e1:4b:55:79:
57:56:40:6d:66:d4:01:45:5c:1d:b7:57:02:8a:78:b6:03:10:
0b:9f:f8:40:d9:7b:29:2a:b8:ed:f6:45:ec:54:83:72:e6:31:
68:12:f6:42:17:b1:17:45:a3:52:ab:00:54:d2:e2:36:a4:53:
e8:93:09:e1:8b:b9:be:b2:b2:b5:80:2b:b1:45:c3:50:c0:1e:
32:ca:d5:bf:a2:93:04:4d:61:cb:c3:2b:91:d8:50:b5:1e:ff:
89:95:b0:9f:bc:4e:04:11:59:3a:c2:0b:09:3b:3a:af:69:66:
86:e4:87:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaEC2UAyK2XAyrUHwU+rOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODk3MGI4Yjk4ZTY1YzYxZDc1NDY2NDUwNTI5ODQxNmNlNzBjNDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFX9QvTTnJjMQXlXi/I+O3tO9otE
pR0sveveBuk02XXNCo6T85ieEs6c0lfcTG/l7VVQ6OdpcXYP37yoES64zREXv7sV
jP4MW99U6mOxYLdKStq6CXpF+dej0tifg2p8IueNyQtIq3ljXGyzTxVcHwYfqOvi
u+Sow6DWwxBEkZ3J0OjTh76QqOGdhxGk0iw4oqYwphdxdI4uT/sjgqcsFj8fueIM
hs6FhwBuf98Rn7DKJw6vKT897Yh8KrUYZbhdG6RCNkNYaJ3r3ruhb8Es1QY4DxCr
ftw94NI48txDC/zNW5yKDw/DCWA9TVNOSSUOo8E4+UV2mg4JyTUx7tetSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBiXC4uY5lxh11RmRQUphBbOcMRaMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvR0pjTGk1am1YR0hYVkdaRkJTbUVGczV3eEZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEky3QMA0G
CSqGSIb3DQEBCwUAA4IBAQCKdC0pwYkG/IeA3q2Pmfz8gYTPV9PNSu7XHtyQae46
tH6lpWK90GKS+rtTjLA6qVMABGs/YiRDp6lT0n4yqGD2A+frB3AfoAuaH8eRWjVm
XNx3ju4UHv1QatMx9TvE04Eza57j14XJfBxe6RX+OTyvG/y60H9Lm1A/Gijj2o8V
syfGjdTPgIUODzB5q+FLVXlXVkBtZtQBRVwdt1cCini2AxALn/hA2XspKrjt9kXs
VINy5jFoEvZCF7EXRaNSqwBU0uI2pFPokwnhi7m+srK1gCuxRcNQwB4yytW/opME
TWHLwyuR2FC1Hv+JlbCfvE4EEVk6wgsJOzqvaWaG5IeK
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:13:27 2025 by rpki-client