Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Skj3cBwXCcklBR6NqbcDRg-rPN0.roa
File: Skj3cBwXCcklBR6NqbcDRg-rPN0.roa (raw, json)
Hash identifier: d4rjnP/QoamSAio+mX3fFaTziVty1MaSlm26unkCewQ=
Subject key identifier: 4A:48:F7:70:1C:17:09:C9:25:05:1E:8D:A9:B7:03:46:0F:AB:3C:DD
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019420685BFC13A900FDDA98150423B4486E
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Skj3cBwXCcklBR6NqbcDRg-rPN0.roa
Signing time: Wed 01 Jan 2025 05:48:17 +0000
ROA not before: Wed 01 Jan 2025 05:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215796
IP address blocks: 147.45.96.0/24 maxlen: 24
147.45.97.0/24 maxlen: 24
147.45.98.0/24 maxlen: 24
147.45.99.0/24 maxlen: 24
147.45.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:5b:fc:13:a9:00:fd:da:98:15:04:23:b4:48:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a48f7701c1709c925051e8da9b703460fab3cdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:d7:42:d9:30:57:75:3e:ec:ae:a8:89:43:16:
a8:12:03:52:99:04:c8:d1:77:53:ee:ca:df:be:8b:
39:c5:ee:97:6d:50:57:c3:aa:99:6c:08:79:11:b6:
92:43:ea:60:fa:9b:07:51:02:97:1a:05:76:12:d1:
9c:7c:53:52:bb:94:90:87:70:96:a8:30:9c:4e:4b:
59:11:76:53:5f:e3:e2:82:f7:9a:3f:7b:6c:dc:05:
4a:18:fb:47:2b:76:39:9b:d3:bb:e6:61:2f:43:60:
39:75:16:9b:6c:68:0d:14:70:7b:e9:53:d8:6f:a3:
4e:77:fd:2b:7d:8b:93:32:f4:4a:a0:a6:73:d8:34:
9b:03:47:ea:ef:ff:9b:2f:c2:15:35:b7:28:98:3d:
35:53:96:71:82:3b:69:1d:ea:19:70:c9:de:cb:b7:
0e:99:fa:d8:29:9d:38:af:7d:64:35:37:2c:2a:be:
b0:7c:f7:ff:13:27:65:3b:e9:81:01:df:43:c2:95:
ff:80:7c:74:44:8c:12:17:a9:8d:08:0a:bd:f8:af:
f5:2f:c7:0d:da:85:f5:44:2e:cf:61:b8:65:e3:0f:
5d:e1:7f:1e:4d:df:89:c0:6d:17:ac:49:1c:10:c2:
87:be:04:f1:50:a4:dd:bd:ce:20:92:b7:d0:39:3e:
24:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:48:F7:70:1C:17:09:C9:25:05:1E:8D:A9:B7:03:46:0F:AB:3C:DD
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Skj3cBwXCcklBR6NqbcDRg-rPN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.96.0-147.45.100.255
Signature Algorithm: sha256WithRSAEncryption
2f:0f:78:6a:8a:21:fe:62:b9:36:42:0f:85:4b:8d:e9:d9:1f:
72:0e:d4:7a:a2:38:fb:25:72:5a:ea:a3:d1:03:f4:7e:5f:68:
6f:78:24:90:3f:d4:e6:2e:eb:a4:2d:d1:9c:87:01:35:55:0e:
7d:a3:08:cb:88:ba:f2:28:02:0a:5d:d6:48:34:69:1b:86:ab:
97:6d:ca:8a:ef:38:18:01:4b:a6:d3:dd:eb:24:b8:f9:89:9c:
7c:17:dc:dc:a2:1a:85:f9:7f:ec:9f:ff:55:39:50:4f:d1:f7:
9c:06:39:cc:20:36:dd:a6:69:fc:cd:f0:4f:cc:f7:2d:a0:4b:
19:8e:c8:e8:7f:5f:6c:36:6c:e7:77:c8:58:c1:3d:ab:09:2f:
d4:ad:48:a1:be:15:2f:66:49:9f:7c:dd:34:0c:59:af:7a:76:
0f:b6:1f:c5:15:a4:4e:86:bf:1b:07:de:e7:d7:07:83:f4:6a:
1d:ad:68:93:5d:ec:cd:89:5b:20:39:76:73:5f:0a:f7:f2:22:
db:ac:8a:56:64:b1:59:54:71:aa:c2:d6:45:25:6c:8d:3c:ea:
20:55:13:0a:24:33:a1:82:57:a5:af:de:5b:65:e0:16:c9:67:
14:44:50:3e:0f:c8:61:50:3a:93:60:76:44:86:64:57:73:52:
b6:8f:57:b0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQgaFv8E6kA/dqYFQQjtEhuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTQ4Zjc3MDFjMTcwOWM5MjUwNTFlOGRhOWI3MDM0NjBmYWIzY2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7NdC2TBXdT7srqiJQxaoEgNSmQTI
0XdT7srfvos5xe6XbVBXw6qZbAh5EbaSQ+pg+psHUQKXGgV2EtGcfFNSu5SQh3CW
qDCcTktZEXZTX+PigveaP3ts3AVKGPtHK3Y5m9O75mEvQ2A5dRabbGgNFHB76VPY
b6NOd/0rfYuTMvRKoKZz2DSbA0fq7/+bL8IVNbcomD01U5ZxgjtpHeoZcMney7cO
mfrYKZ04r31kNTcsKr6wfPf/EydlO+mBAd9DwpX/gHx0RIwSF6mNCAq9+K/1L8cN
2oX1RC7PYbhl4w9d4X8eTd+JwG0XrEkcEMKHvgTxUKTdvc4gkrfQOT4k5QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEpI93AcFwnJJQUejam3A0YPqzzdMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvU2tqM2NCd1hDY2tsQlI2TnFiY0RSZy1yUE4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAWTLWAD
BACTLWQwDQYJKoZIhvcNAQELBQADggEBAC8PeGqKIf5iuTZCD4VLjenZH3IO1Hqi
OPslclrqo9ED9H5faG94JJA/1OYu66Qt0ZyHATVVDn2jCMuIuvIoAgpd1kg0aRuG
q5dtyorvOBgBS6bT3eskuPmJnHwX3NyiGoX5f+yf/1U5UE/R95wGOcwgNt2mafzN
8E/M9y2gSxmOyOh/X2w2bOd3yFjBPasJL9StSKG+FS9mSZ983TQMWa96dg+2H8UV
pE6GvxsH3ufXB4P0ah2taJNd7M2JWyA5dnNfCvfyItusilZksVlUcarC1kUlbI08
6iBVEwokM6GCV6Wv3ltl4BbJZxREUD4PyGFQOpNgdkSGZFdzUraPV7A=
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:11:48 2025 by rpki-client