Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/plsFV0uab3jAsbLLJDqgN2KJOV0.roa
File: plsFV0uab3jAsbLLJDqgN2KJOV0.roa (raw, json)
Hash identifier: qbzSPDwHMMRf/3UlUz+r/JVbUhlw71+I70XZF3eS+IQ=
Subject key identifier: A6:5B:05:57:4B:9A:6F:78:C0:B1:B2:CB:24:3A:A0:37:62:89:39:5D
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0195861AEE2E5F4D2F65783AABBE7FAA04C7
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/plsFV0uab3jAsbLLJDqgN2KJOV0.roa
Signing time: Tue 11 Mar 2025 16:47:46 +0000
ROA not before: Tue 11 Mar 2025 16:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214209
IP address blocks: 147.45.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:86:1a:ee:2e:5f:4d:2f:65:78:3a:ab:be:7f:aa:04:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Mar 11 16:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a65b05574b9a6f78c0b1b2cb243aa0376289395d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:24:19:5d:6b:fa:d4:3b:89:a1:f6:a0:5f:11:
99:5e:de:9e:83:18:07:d2:ab:d3:01:b6:0f:9b:47:
b1:3d:4f:86:5f:00:bc:4c:4e:9c:02:b1:ef:6a:5e:
59:ce:74:ff:6e:f2:0c:a8:f8:c2:31:a1:01:d3:d2:
9e:79:f1:93:4b:06:4d:d7:70:59:e7:55:09:bc:46:
8b:62:45:4e:af:30:05:29:36:97:b9:29:9d:ce:44:
c3:81:3c:1a:11:c6:a3:09:15:20:8a:1f:1a:d6:20:
9f:b4:f7:68:f3:1f:6d:22:c2:7c:bc:94:2c:61:3c:
11:54:d7:ea:c2:f9:01:86:5b:20:8a:0e:49:a3:0f:
41:10:11:16:df:b3:56:ee:e0:a5:45:4d:be:73:86:
d5:41:af:62:07:90:91:d5:8c:ab:24:69:e0:ac:9b:
ad:5d:19:c3:73:89:f6:7b:b4:be:24:2d:3b:f0:ba:
91:ca:6d:a6:11:19:fa:51:7a:be:5a:6b:00:08:9a:
0b:7c:a0:9b:5f:c7:87:87:c1:ea:eb:aa:0c:26:08:
7a:57:34:07:a8:59:7c:82:6f:60:2e:0e:f4:ce:89:
cb:2c:34:54:e4:8e:8d:89:c4:f4:5a:6f:90:02:1e:
21:b2:80:77:3d:41:fd:d8:98:67:ee:54:01:c7:59:
2b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:5B:05:57:4B:9A:6F:78:C0:B1:B2:CB:24:3A:A0:37:62:89:39:5D
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/plsFV0uab3jAsbLLJDqgN2KJOV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.47.0/24
Signature Algorithm: sha256WithRSAEncryption
30:b1:35:e4:bd:50:bd:f3:95:a5:f7:8e:ab:2c:eb:0b:a7:01:
2a:30:19:16:f9:2f:8a:d6:3e:d6:5c:24:11:34:74:4a:fc:0c:
a7:b4:26:4f:e3:54:e5:7d:f1:94:52:91:9c:03:7a:d8:59:d0:
42:17:a8:91:64:46:e5:39:bf:09:3c:c4:87:ed:11:aa:06:f2:
3e:71:cf:61:b3:f4:6f:ba:c3:de:9d:5b:27:b0:84:95:31:43:
c4:74:44:59:c1:08:ae:07:d5:2c:d0:25:39:76:f3:b9:70:d9:
a1:5c:2c:a9:b8:41:df:17:6e:58:34:3a:d0:b9:3b:9a:74:f8:
50:7f:a2:e5:d1:4d:71:00:cd:db:2e:53:08:1e:8d:26:dc:4a:
11:da:38:51:a0:d1:79:1c:20:73:54:1d:db:a8:81:be:c9:36:
78:ad:22:3d:f2:7a:70:4b:05:48:e7:90:a3:bc:84:51:a6:b7:
13:df:ff:80:4a:4b:2f:e0:1d:ef:81:13:23:51:51:67:77:cb:
f3:ae:b6:74:db:c9:f9:69:ee:99:ea:da:f6:2b:8d:7d:57:69:
a5:91:1a:eb:9b:ad:28:58:bb:7f:e3:92:d1:8e:1e:de:d3:b3:
0e:00:67:82:7e:88:89:79:ad:7a:4b:9a:f9:cb:8c:1a:f7:85:
8a:e0:d1:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWGGu4uX00vZXg6q75/qgTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMzExMTY0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjViMDU1NzRiOWE2Zjc4YzBiMWIyY2IyNDNhYTAzNzYyODkzOTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSQZXWv61DuJofagXxGZXt6egxgH
0qvTAbYPm0exPU+GXwC8TE6cArHval5ZznT/bvIMqPjCMaEB09KeefGTSwZN13BZ
51UJvEaLYkVOrzAFKTaXuSmdzkTDgTwaEcajCRUgih8a1iCftPdo8x9tIsJ8vJQs
YTwRVNfqwvkBhlsgig5Jow9BEBEW37NW7uClRU2+c4bVQa9iB5CR1YyrJGngrJut
XRnDc4n2e7S+JC078LqRym2mERn6UXq+WmsACJoLfKCbX8eHh8Hq66oMJgh6VzQH
qFl8gm9gLg70zonLLDRU5I6NicT0Wm+QAh4hsoB3PUH92Jhn7lQBx1kr5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZbBVdLmm94wLGyyyQ6oDdiiTldMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvcGxzRlYwdWFiM2pBc2JMTEpEcWdOMktKT1YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAky0vMA0G
CSqGSIb3DQEBCwUAA4IBAQAwsTXkvVC985Wl946rLOsLpwEqMBkW+S+K1j7WXCQR
NHRK/AyntCZP41TlffGUUpGcA3rYWdBCF6iRZEblOb8JPMSH7RGqBvI+cc9hs/Rv
usPenVsnsISVMUPEdERZwQiuB9Us0CU5dvO5cNmhXCypuEHfF25YNDrQuTuadPhQ
f6Ll0U1xAM3bLlMIHo0m3EoR2jhRoNF5HCBzVB3bqIG+yTZ4rSI98npwSwVI55Cj
vIRRprcT3/+ASksv4B3vgRMjUVFnd8vzrrZ028n5ae6Z6tr2K419V2mlkRrrm60o
WLt/45LRjh7e07MOAGeCfoiJea16S5r5y4wa94WK4NGO
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:13:26 2025 by rpki-client