Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pzQLc5V47N4F8nfLdQxzhP9W3dE.roa
File: pzQLc5V47N4F8nfLdQxzhP9W3dE.roa (raw, json)
Hash identifier: XQ2hFdYa9rIO3EexfTpgWSHwR4KEdbZo6KKStUP29jk=
Subject key identifier: A7:34:0B:73:95:78:EC:DE:05:F2:77:CB:75:0C:73:84:FF:56:DD:D1
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019469A0B30B59AF2B2BB293AA88C106BD9A
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pzQLc5V47N4F8nfLdQxzhP9W3dE.roa
Signing time: Wed 15 Jan 2025 11:02:06 +0000
ROA not before: Wed 15 Jan 2025 11:02:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211373
IP address blocks: 45.147.224.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:69:a0:b3:0b:59:af:2b:2b:b2:93:aa:88:c1:06:bd:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 15 11:02:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7340b739578ecde05f277cb750c7384ff56ddd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:45:65:fc:df:b7:c0:61:8b:fe:80:bc:88:b2:
78:ad:9b:5c:50:67:b7:ed:78:a4:7d:53:30:59:cd:
f3:bd:ab:53:5e:13:bf:e4:42:5b:05:d2:3a:23:b3:
18:a9:22:50:b6:d3:c3:0b:51:57:ef:28:64:fe:a1:
d4:a8:cd:a7:4a:75:29:26:77:f5:c2:1f:f2:1f:e6:
40:65:f1:7f:9b:a6:92:f3:7e:ba:49:24:06:ac:d7:
27:2a:98:6b:22:34:e7:88:6f:22:9f:79:87:a1:82:
db:8a:7a:83:5b:95:08:7e:21:50:c1:68:f5:e9:7e:
32:d6:33:6f:50:9f:bc:d2:fe:7c:f9:4f:6e:e4:30:
39:2d:cb:fd:dd:e0:87:93:32:d5:f4:a7:d3:e9:cd:
fe:89:93:a9:dc:88:1f:6b:fa:8e:ba:02:ec:1c:b9:
af:a5:d4:63:eb:dd:89:60:b4:a7:02:67:cc:72:15:
66:da:0c:15:04:d3:83:25:c6:e3:ee:3f:93:6b:98:
f3:c2:20:29:60:9c:49:dd:6d:fe:87:20:d1:cd:78:
83:6c:ba:ca:15:9a:6d:70:78:e0:26:0b:4e:bd:cd:
3f:72:83:d0:1b:08:1e:d7:2c:5c:0b:f5:f9:f8:1d:
51:34:62:ba:5e:52:b3:ce:4e:ba:e0:bc:1a:67:6e:
24:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:34:0B:73:95:78:EC:DE:05:F2:77:CB:75:0C:73:84:FF:56:DD:D1
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pzQLc5V47N4F8nfLdQxzhP9W3dE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.224.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:fb:90:d0:ae:7b:c7:46:88:07:48:c4:47:6b:47:ef:99:36:
35:1c:ac:7a:95:ea:aa:28:32:4e:18:70:6a:85:96:f4:24:92:
df:9a:bf:63:69:a3:a8:f9:dc:f6:0f:05:07:8a:cf:53:d7:24:
a5:f2:2b:ae:a3:18:5a:d6:cc:35:8e:1f:f5:ef:a9:f5:54:70:
ce:40:87:7c:01:89:92:03:c0:fa:9c:ee:94:7a:a2:19:c6:8f:
0a:9b:dd:7a:20:84:f1:c6:38:8a:99:e3:89:3f:39:a0:6b:57:
6b:a4:dc:fb:a3:25:f9:53:28:9a:c7:12:13:20:ef:d5:5d:2e:
16:99:f5:4c:b4:20:7a:c5:95:99:a7:b5:e9:43:cc:48:15:1f:
a5:4f:f3:4f:c7:f7:3a:b5:11:95:9a:25:e3:90:bf:47:d9:40:
29:9e:e3:b2:a2:82:c4:11:66:6f:4c:ab:e6:23:3f:95:5a:89:
27:7b:2c:24:49:e7:cc:b9:9c:c9:b2:2a:ed:12:a7:e8:48:9d:
7a:46:7c:eb:da:4c:50:9c:ba:22:06:c9:e7:0b:d9:60:07:6e:
38:0a:33:46:13:aa:f0:a5:40:b4:b4:58:ab:74:7d:e4:93:c3:
99:75:c0:72:1d:39:3a:bb:79:be:a8:f8:bc:12:31:10:55:b5:
ed:bd:f9:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRpoLMLWa8rK7KTqojBBr2aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTE1MTEwMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzM0MGI3Mzk1NzhlY2RlMDVmMjc3Y2I3NTBjNzM4NGZmNTZkZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEVl/N+3wGGL/oC8iLJ4rZtcUGe3
7XikfVMwWc3zvatTXhO/5EJbBdI6I7MYqSJQttPDC1FX7yhk/qHUqM2nSnUpJnf1
wh/yH+ZAZfF/m6aS8366SSQGrNcnKphrIjTniG8in3mHoYLbinqDW5UIfiFQwWj1
6X4y1jNvUJ+80v58+U9u5DA5Lcv93eCHkzLV9KfT6c3+iZOp3Igfa/qOugLsHLmv
pdRj692JYLSnAmfMchVm2gwVBNODJcbj7j+Ta5jzwiApYJxJ3W3+hyDRzXiDbLrK
FZptcHjgJgtOvc0/coPQGwge1yxcC/X5+B1RNGK6XlKzzk664LwaZ24klwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKc0C3OVeOzeBfJ3y3UMc4T/Vt3RMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcHpRTGM1VjQ3TjRGOG5mTGRReHpoUDlXM2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZPgMA0G
CSqGSIb3DQEBCwUAA4IBAQAO+5DQrnvHRogHSMRHa0fvmTY1HKx6leqqKDJOGHBq
hZb0JJLfmr9jaaOo+dz2DwUHis9T1ySl8iuuoxha1sw1jh/176n1VHDOQId8AYmS
A8D6nO6UeqIZxo8Km916IITxxjiKmeOJPzmga1drpNz7oyX5UyiaxxITIO/VXS4W
mfVMtCB6xZWZp7XpQ8xIFR+lT/NPx/c6tRGVmiXjkL9H2UApnuOyooLEEWZvTKvm
Iz+VWokneywkSefMuZzJsirtEqfoSJ16Rnzr2kxQnLoiBsnnC9lgB244CjNGE6rw
pUC0tFirdH3kk8OZdcByHTk6u3m+qPi8EjEQVbXtvfkc
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:12:23 2025 by rpki-client