Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/taY-9tcjjBXY02Ml8TrH4e696pc.roa
File: taY-9tcjjBXY02Ml8TrH4e696pc.roa (raw, json)
Hash identifier: kPIpIKca2uxEa2M0HbDBrDUocPqC2Vs4Q9pN3dQ3vX4=
Subject key identifier: B5:A6:3E:F6:D7:23:8C:15:D8:D3:63:25:F1:3A:C7:E1:EE:BD:EA:97
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01952AF34EB8A79C5C787B4E3E6F2682DF75
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/taY-9tcjjBXY02Ml8TrH4e696pc.roa
Signing time: Fri 21 Feb 2025 23:59:03 +0000
ROA not before: Fri 21 Feb 2025 23:59:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 147.45.49.0/24 maxlen: 24
147.45.50.0/24 maxlen: 24
147.45.51.0/24 maxlen: 24
147.45.60.0/24 maxlen: 24
147.45.84.0/24 maxlen: 24
147.45.85.0/24 maxlen: 24
147.45.86.0/24 maxlen: 24
147.45.87.0/24 maxlen: 24
147.45.116.0/24 maxlen: 24
147.45.126.0/24 maxlen: 24
147.45.177.0/24 maxlen: 24
147.45.178.0/24 maxlen: 24
147.45.179.0/24 maxlen: 24
147.45.200.0/23 maxlen: 23
147.45.202.0/23 maxlen: 23
147.45.204.0/24 maxlen: 24
147.45.217.0/24 maxlen: 24
147.45.220.0/24 maxlen: 24
147.45.221.0/24 maxlen: 24
193.233.126.0/24 maxlen: 24
193.233.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2a:f3:4e:b8:a7:9c:5c:78:7b:4e:3e:6f:26:82:df:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 21 23:59:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5a63ef6d7238c15d8d36325f13ac7e1eebdea97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:cf:3c:4e:42:54:1d:d7:e0:ab:97:4c:be:ac:
90:b2:95:3a:99:35:e4:88:de:9b:17:89:35:7e:b7:
06:c3:56:ee:bf:55:41:2a:35:c5:08:77:d7:82:96:
ea:d4:0d:1c:1b:00:fa:27:1f:0d:81:3e:ba:b2:13:
b6:fe:f9:18:02:6d:41:fc:b2:fe:8e:c8:60:7a:77:
96:ed:5d:91:bf:39:64:08:5b:e7:dd:5b:1b:d2:d8:
bc:ea:0b:34:04:54:e8:21:56:f5:65:ac:b5:ee:46:
59:bc:d6:61:91:3b:f2:3a:1f:34:e4:d7:f1:34:01:
34:9e:ba:b7:f8:90:f9:1c:7f:fa:7f:9a:8d:7e:15:
af:1e:c9:6c:95:f4:e1:6a:24:aa:ea:38:21:a9:e4:
b4:9d:eb:96:f9:5e:a7:7a:2d:9c:af:8a:ea:a7:be:
59:83:6d:fb:95:c4:e7:dc:8f:8d:86:cd:32:50:8b:
3f:2d:fb:11:79:72:95:10:e3:c6:bf:51:a1:b4:18:
f8:d7:53:8b:9c:05:81:31:db:69:a7:80:9a:d7:53:
fa:23:f7:e7:a2:2a:30:f1:40:9c:64:c6:a6:cb:92:
0f:37:74:76:1b:9e:d8:2a:84:23:07:95:b1:f5:c6:
fc:dc:52:d6:1f:a8:82:02:95:a8:74:1b:05:59:86:
9f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A6:3E:F6:D7:23:8C:15:D8:D3:63:25:F1:3A:C7:E1:EE:BD:EA:97
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/taY-9tcjjBXY02Ml8TrH4e696pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.49.0-147.45.51.255
147.45.60.0/24
147.45.84.0/22
147.45.116.0/24
147.45.126.0/24
147.45.177.0-147.45.179.255
147.45.200.0-147.45.204.255
147.45.217.0/24
147.45.220.0/23
193.233.126.0/23
Signature Algorithm: sha256WithRSAEncryption
86:cd:2b:36:ae:27:0b:40:32:3a:c0:b7:60:45:c4:4e:53:29:
5b:c5:72:6c:c4:92:8d:94:86:5e:3f:6a:b9:7a:6c:d0:e5:93:
6c:7d:83:36:a3:87:40:f1:b2:74:85:f1:c8:85:41:59:5e:05:
6d:0e:51:dd:c8:e0:8a:46:0e:8f:0b:62:b8:06:5a:49:d5:43:
61:55:84:75:df:8a:c4:2c:3c:32:9a:2c:89:bd:77:a1:fd:27:
af:53:e2:dc:e7:ef:c6:9b:33:98:ab:ad:c5:da:08:cd:53:96:
92:5d:7b:9f:ad:f8:cd:a3:fb:2b:70:a9:85:58:29:26:2c:33:
9c:80:2d:36:d1:dc:0f:b0:14:77:5c:e1:5e:f1:e6:ff:d5:26:
2a:51:e6:0c:bd:d2:52:b6:36:bb:40:5a:d3:8e:46:86:24:d0:
8c:32:5b:d5:6a:f9:90:b6:ca:cc:5a:81:d5:81:2e:26:5d:ef:
6f:4e:e5:a6:6d:66:3a:22:c5:e1:13:45:4d:af:20:85:b7:24:
c6:cd:0a:f8:e8:0e:c8:1e:33:dc:8f:cd:c9:08:e0:ee:25:5e:
d3:2c:f2:ce:38:47:88:fd:a4:fc:11:74:3a:0b:e4:52:24:0f:
89:00:10:83:ab:39:5b:a2:93:4f:68:50:a2:74:bd:73:62:52:
a2:42:5b:51
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZUq8064p5xceHtOPm8mgt91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMjIxMjM1OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWE2M2VmNmQ3MjM4YzE1ZDhkMzYzMjVmMTNhYzdlMWVlYmRlYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0888TkJUHdfgq5dMvqyQspU6mTXk
iN6bF4k1frcGw1buv1VBKjXFCHfXgpbq1A0cGwD6Jx8NgT66shO2/vkYAm1B/LL+
jshgeneW7V2RvzlkCFvn3Vsb0ti86gs0BFToIVb1Zay17kZZvNZhkTvyOh805Nfx
NAE0nrq3+JD5HH/6f5qNfhWvHslslfThaiSq6jghqeS0neuW+V6nei2cr4rqp75Z
g237lcTn3I+Nhs0yUIs/LfsReXKVEOPGv1GhtBj411OLnAWBMdtpp4Ca11P6I/fn
oiow8UCcZMamy5IPN3R2G57YKoQjB5Wx9cb83FLWH6iCApWodBsFWYafKQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFLWmPvbXI4wV2NNjJfE6x+HuveqXMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvdGFZLTl0Y2pqQlhZMDJNbDhUckg0ZTY5NnBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUMAwDBACTLTED
BAKTLTADBACTLTwDBAKTLVQDBACTLXQDBACTLX4wDAMEAJMtsQMEApMtsDAMAwQD
ky3IAwQAky3MAwQAky3ZAwQBky3cAwQBwel+MA0GCSqGSIb3DQEBCwUAA4IBAQCG
zSs2ricLQDI6wLdgRcROUylbxXJsxJKNlIZeP2q5emzQ5ZNsfYM2o4dA8bJ0hfHI
hUFZXgVtDlHdyOCKRg6PC2K4BlpJ1UNhVYR134rELDwymiyJvXeh/SevU+Lc5+/G
mzOYq63F2gjNU5aSXXufrfjNo/srcKmFWCkmLDOcgC020dwPsBR3XOFe8eb/1SYq
UeYMvdJStja7QFrTjkaGJNCMMlvVavmQtsrMWoHVgS4mXe9vTuWmbWY6IsXhE0VN
ryCFtyTGzQr46A7IHjPcj83JCODuJV7TLPLOOEeI/aT8EXQ6C+RSJA+JABCDqzlb
opNPaFCidL1zYlKiQltR
-----END CERTIFICATE-----
Generated at Thu Apr 10 08:22:47 2025 by rpki-client