Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xkW2s6Uhzb4v0MxKOpkG35LgV44.roa
File: xkW2s6Uhzb4v0MxKOpkG35LgV44.roa (raw, json)
Hash identifier: xg8IpyqPUfi+dEWzvby4mk3aC6sPf+2ka+XsUbwBPyk=
Subject key identifier: C6:45:B6:B3:A5:21:CD:BE:2F:D0:CC:4A:3A:99:06:DF:92:E0:57:8E
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0194206845353C9D3E5DFC4DFA8A17B92591
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xkW2s6Uhzb4v0MxKOpkG35LgV44.roa
Signing time: Wed 01 Jan 2025 05:48:11 +0000
ROA not before: Wed 01 Jan 2025 05:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50053
IP address blocks: 147.45.113.0/24 maxlen: 24
147.45.114.0/24 maxlen: 24
193.233.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:45:35:3c:9d:3e:5d:fc:4d:fa:8a:17:b9:25:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c645b6b3a521cdbe2fd0cc4a3a9906df92e0578e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:59:7b:0f:dd:19:68:24:98:7d:4f:6b:0b:2d:
44:89:35:52:99:72:c2:25:e8:ca:bb:6c:5c:6c:e2:
f8:25:11:6d:a6:fd:bb:73:da:b3:81:ca:c1:f7:f3:
9c:ee:87:72:c0:bf:4c:b2:9b:b7:8f:23:70:85:d9:
e7:3b:8e:8c:6a:27:59:53:ba:b0:b0:a7:ba:fe:14:
3d:09:00:d5:30:10:ff:f4:68:ce:e3:1a:aa:3c:68:
98:98:04:6f:11:eb:95:bd:48:29:1a:f6:1d:60:c9:
4d:a9:e5:8e:b5:de:6f:6b:07:2c:13:c0:be:0b:ac:
03:0a:4f:7f:8e:a4:01:d7:67:90:6b:20:78:81:86:
88:1c:73:fe:e3:f6:56:4e:47:f5:19:9e:aa:c9:67:
3c:a5:0a:49:bd:c3:1e:18:15:45:fa:30:1d:76:2e:
4d:39:c3:4a:38:cc:20:fc:05:3d:32:eb:dd:68:1d:
17:ed:01:0c:b4:77:09:7f:31:4c:3c:59:ab:06:3e:
43:39:07:95:95:b6:09:c4:28:b6:83:5f:45:dd:3d:
6c:88:58:8b:65:37:ad:8e:38:b7:61:b8:4b:1a:db:
28:f6:4c:68:c2:44:6d:63:cb:a9:67:29:75:98:df:
be:bf:db:1a:07:09:25:71:1a:f3:3a:ad:96:21:a1:
29:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:45:B6:B3:A5:21:CD:BE:2F:D0:CC:4A:3A:99:06:DF:92:E0:57:8E
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xkW2s6Uhzb4v0MxKOpkG35LgV44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.113.0-147.45.114.255
193.233.87.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:34:5d:b8:e4:43:e5:66:c2:de:3c:83:7f:78:e2:29:18:37:
c8:a3:dd:fb:c4:16:de:35:e6:e9:4a:38:41:3e:24:34:03:51:
af:2a:5d:80:fc:b9:43:06:07:d4:84:fe:25:e6:df:3b:63:a1:
39:91:ca:a2:f3:3e:65:57:6f:62:0f:b8:4d:83:8a:40:91:aa:
4c:5d:9f:dd:83:68:28:f3:e4:74:eb:56:fd:f8:ff:35:f5:1d:
f2:95:44:b0:67:88:58:d5:28:cc:c7:47:7c:bf:54:cd:1d:ff:
79:65:32:d6:b0:d4:9d:7a:1d:d2:2f:a9:33:9e:b8:6f:4d:f5:
73:56:bc:37:a7:4d:6e:58:e0:b7:5c:e8:11:80:eb:28:3d:22:
7a:0a:1b:84:45:1f:ce:fb:31:e0:5a:29:17:d5:cb:6e:f4:ee:
ce:a2:ec:c1:89:86:6f:cf:73:27:2e:9d:0c:cd:46:f9:d1:85:
aa:84:16:c8:ad:19:ee:e4:26:1e:02:4a:56:63:af:84:f9:ff:
b0:9b:dc:5a:60:c9:ab:0e:10:ce:ec:81:5f:a4:30:30:bd:d1:
44:08:4f:17:7a:e6:ca:28:fe:d7:c8:25:f5:90:13:08:e0:ab:
48:61:be:47:6f:71:f3:0d:2a:e4:fd:55:04:fa:93:5e:bd:81:
14:1c:f7:93
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQgaEU1PJ0+XfxN+ooXuSWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQ1YjZiM2E1MjFjZGJlMmZkMGNjNGEzYTk5MDZkZjkyZTA1NzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Fl7D90ZaCSYfU9rCy1EiTVSmXLC
JejKu2xcbOL4JRFtpv27c9qzgcrB9/Oc7odywL9Mspu3jyNwhdnnO46MaidZU7qw
sKe6/hQ9CQDVMBD/9GjO4xqqPGiYmARvEeuVvUgpGvYdYMlNqeWOtd5vawcsE8C+
C6wDCk9/jqQB12eQayB4gYaIHHP+4/ZWTkf1GZ6qyWc8pQpJvcMeGBVF+jAddi5N
OcNKOMwg/AU9MuvdaB0X7QEMtHcJfzFMPFmrBj5DOQeVlbYJxCi2g19F3T1siFiL
ZTetjji3YbhLGtso9kxowkRtY8upZyl1mN++v9saBwklcRrzOq2WIaEpXQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMZFtrOlIc2+L9DMSjqZBt+S4FeOMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEveGtXMnM2VWh6YjR2ME14S09wa0czNUxnVjQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACTLXED
BACTLXIDBADB6VcwDQYJKoZIhvcNAQELBQADggEBABw0XbjkQ+Vmwt48g3944ikY
N8ij3fvEFt415ulKOEE+JDQDUa8qXYD8uUMGB9SE/iXm3ztjoTmRyqLzPmVXb2IP
uE2DikCRqkxdn92DaCjz5HTrVv34/zX1HfKVRLBniFjVKMzHR3y/VM0d/3llMtaw
1J16HdIvqTOeuG9N9XNWvDenTW5Y4Ldc6BGA6yg9InoKG4RFH877MeBaKRfVy270
7s6i7MGJhm/PcycunQzNRvnRhaqEFsitGe7kJh4CSlZjr4T5/7Cb3FpgyasOEM7s
gV+kMDC90UQITxd65soo/tfIJfWQEwjgq0hhvkdvcfMNKuT9VQT6k169gRQc95M=
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:13:28 2025 by rpki-client