Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/S4DIFqMi2FbTwoUdnCcSvEOKPhE.roa
File: S4DIFqMi2FbTwoUdnCcSvEOKPhE.roa (raw, json)
Hash identifier: 5o2Ca59gIfJ1pzHHB2SoMxAJ/KXkLbYvRkjDQlVv9js=
Subject key identifier: 4B:80:C8:16:A3:22:D8:56:D3:C2:85:1D:9C:27:12:BC:43:8A:3E:11
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019420684674E47D5B3A0375E8825D96D6FF
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/S4DIFqMi2FbTwoUdnCcSvEOKPhE.roa
Signing time: Wed 01 Jan 2025 05:48:12 +0000
ROA not before: Wed 01 Jan 2025 05:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53356
IP address blocks: 147.45.114.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:46:74:e4:7d:5b:3a:03:75:e8:82:5d:96:d6:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b80c816a322d856d3c2851d9c2712bc438a3e11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ec:ff:40:d8:9c:b5:15:89:42:df:10:87:4e:
d1:a6:d6:6a:74:09:8e:03:38:8b:31:64:16:50:0a:
9f:6e:bf:c3:25:f6:ad:fd:55:8d:d5:dc:11:90:69:
61:89:ec:72:09:17:77:e4:95:c7:39:18:25:02:e0:
a3:45:4a:59:14:af:24:ef:6b:79:97:08:0c:56:c4:
f5:79:c6:22:b2:c1:f6:0b:08:e6:b1:35:30:39:e6:
93:42:69:92:85:79:d4:30:53:99:c1:10:32:99:3c:
4d:03:38:ab:59:ff:a0:1b:07:53:c1:2a:83:33:75:
8d:26:44:6f:aa:5e:bf:0d:8d:71:cf:19:7f:0e:95:
74:82:8e:fe:05:5a:d3:52:e7:01:d0:38:39:d9:22:
ff:5c:98:2b:da:e5:23:29:b9:37:42:cb:48:f9:d3:
a3:1a:de:d8:da:f0:e4:61:ee:5e:27:d8:6d:a2:14:
82:9a:64:db:b1:71:73:fd:96:c1:68:60:d9:bf:f7:
ab:7f:c8:a9:fe:1d:14:f0:83:50:b2:b8:d2:a7:bd:
5f:17:0c:10:68:21:44:52:1d:4a:45:8c:cd:bb:f4:
75:c1:f9:b1:2c:21:c7:c5:4f:70:a5:2a:39:a4:d2:
73:2a:b6:ec:c6:13:c9:60:c3:5f:03:be:59:8a:4c:
8f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:80:C8:16:A3:22:D8:56:D3:C2:85:1D:9C:27:12:BC:43:8A:3E:11
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/S4DIFqMi2FbTwoUdnCcSvEOKPhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.114.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:81:11:6c:10:b0:fd:2c:9b:4a:bf:6a:c2:ec:91:03:e0:2f:
0d:96:f1:72:5b:ec:45:0a:ee:ef:c0:9c:1c:2d:ee:fc:be:69:
42:01:a5:a3:72:b0:10:63:e2:42:c7:75:19:1a:63:ed:d3:39:
93:d8:62:3b:11:78:cf:5b:63:57:b3:82:66:ba:98:6b:3b:df:
80:a9:32:4e:fc:6f:05:a3:c3:93:76:40:c2:93:3c:7f:b3:5e:
c3:d9:6e:a9:f6:62:5f:78:7b:fa:1b:e8:73:94:33:e9:ee:df:
df:29:75:13:7c:ed:05:e7:a1:b3:81:16:f2:27:bf:91:62:92:
60:28:35:c2:70:23:c5:df:ac:f8:49:70:95:70:b1:41:07:6c:
33:92:9b:ef:1b:d5:fb:1e:92:ad:f5:84:d4:cc:da:ce:bf:39:
d9:d8:b7:b7:33:1f:50:74:be:aa:eb:51:d1:0d:dd:69:58:dc:
21:80:84:31:0f:e9:c5:57:fe:79:77:7e:cf:c4:29:8f:19:69:
09:5b:90:e0:16:75:dd:b2:ba:71:64:33:e9:f9:39:9d:cb:14:
76:7d:f4:24:15:4f:0b:f5:84:db:bf:9c:4e:46:74:36:2f:ff:
75:97:e9:a6:3a:98:b2:9c:80:2a:b4:7f:fb:25:af:00:cf:89:
d5:64:28:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaEZ05H1bOgN16IJdltb/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjgwYzgxNmEzMjJkODU2ZDNjMjg1MWQ5YzI3MTJiYzQzOGEzZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOz/QNictRWJQt8Qh07RptZqdAmO
AziLMWQWUAqfbr/DJfat/VWN1dwRkGlhiexyCRd35JXHORglAuCjRUpZFK8k72t5
lwgMVsT1ecYissH2CwjmsTUwOeaTQmmShXnUMFOZwRAymTxNAzirWf+gGwdTwSqD
M3WNJkRvql6/DY1xzxl/DpV0go7+BVrTUucB0Dg52SL/XJgr2uUjKbk3QstI+dOj
Gt7Y2vDkYe5eJ9htohSCmmTbsXFz/ZbBaGDZv/erf8ip/h0U8INQsrjSp71fFwwQ
aCFEUh1KRYzNu/R1wfmxLCHHxU9wpSo5pNJzKrbsxhPJYMNfA75ZikyPqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEuAyBajIthW08KFHZwnErxDij4RMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvUzRESUZxTWkyRmJUd29VZG5DY1N2RU9LUGhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAky1yMA0G
CSqGSIb3DQEBCwUAA4IBAQB+gRFsELD9LJtKv2rC7JED4C8NlvFyW+xFCu7vwJwc
Le78vmlCAaWjcrAQY+JCx3UZGmPt0zmT2GI7EXjPW2NXs4JmuphrO9+AqTJO/G8F
o8OTdkDCkzx/s17D2W6p9mJfeHv6G+hzlDPp7t/fKXUTfO0F56GzgRbyJ7+RYpJg
KDXCcCPF36z4SXCVcLFBB2wzkpvvG9X7HpKt9YTUzNrOvznZ2Le3Mx9QdL6q61HR
Dd1pWNwhgIQxD+nFV/55d37PxCmPGWkJW5DgFnXdsrpxZDPp+TmdyxR2ffQkFU8L
9YTbv5xORnQ2L/91l+mmOpiynIAqtH/7Ja8Az4nVZCgF
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:34:56 2025 by rpki-client