Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/861c75-dd03-437b-9fc7-890522c6105b/1/1OkV1FOSt0CIRzcv_xhQZDIhaCY.roa
File: 1OkV1FOSt0CIRzcv_xhQZDIhaCY.roa (raw, json)
Hash identifier: 0nS1ugbBt4Oiv/4rCAPHlWm5w4EZo3UZ1Why6gpAxu4=
Subject key identifier: D4:E9:15:D4:53:92:B7:40:88:47:37:2F:FF:18:50:64:32:21:68:26
Certificate issuer: /CN=430a5648e1d46b662f4d1dcc066d39427c65f0d1
Certificate serial: 019425223B99DB4AE165A38FA190BBB823E1
Authority key identifier: 43:0A:56:48:E1:D4:6B:66:2F:4D:1D:CC:06:6D:39:42:7C:65:F0:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwpWSOHUa2YvTR3MBm05Qnxl8NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/861c75-dd03-437b-9fc7-890522c6105b/1/1OkV1FOSt0CIRzcv_xhQZDIhaCY.roa
Signing time: Thu 02 Jan 2025 03:49:47 +0000
ROA not before: Thu 02 Jan 2025 03:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2439
IP address blocks: 147.215.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:3b:99:db:4a:e1:65:a3:8f:a1:90:bb:b8:23:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=430a5648e1d46b662f4d1dcc066d39427c65f0d1
Validity
Not Before: Jan 2 03:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4e915d45392b7408847372fff18506432216826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:87:48:91:12:12:cf:8a:74:c0:28:60:15:bd:
99:3a:ac:b2:f8:2f:d7:ad:81:2b:db:35:ad:60:3f:
70:25:c5:29:ce:70:d5:a7:2b:0f:ea:a8:11:69:aa:
c4:27:32:3e:ff:92:3f:47:d0:84:50:44:a8:63:74:
29:7c:f9:59:c8:a6:da:ba:8f:f0:c0:42:6f:3f:a5:
41:71:62:fe:79:14:fa:18:94:9c:7d:35:13:4f:27:
b9:5b:b3:db:28:47:41:9f:88:08:69:a7:54:9e:8c:
b7:00:25:79:5f:3e:df:e0:46:57:74:39:ce:9b:4c:
f1:6d:84:69:80:ee:7e:a9:d8:c8:75:1f:64:6f:40:
d0:d9:e3:60:b2:cf:21:09:6d:1e:ae:8b:db:79:1a:
d1:2c:19:08:00:e2:51:69:57:ad:26:19:8e:db:6c:
a8:8c:c9:b4:c5:35:3e:71:3d:1f:c8:37:db:61:54:
d2:d5:fb:6a:68:8a:91:22:54:28:72:dc:d1:0b:1d:
c3:74:71:26:f0:a5:70:6e:8c:84:fc:e7:8e:4c:c9:
51:7c:c2:06:d8:eb:91:e6:82:c6:75:9b:7b:fd:30:
37:c3:f8:46:4a:2b:ea:dd:07:07:cd:8b:9a:c4:9c:
21:57:95:03:02:8e:59:e9:a6:99:fe:46:9e:56:f8:
0e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E9:15:D4:53:92:B7:40:88:47:37:2F:FF:18:50:64:32:21:68:26
X509v3 Authority Key Identifier:
keyid:43:0A:56:48:E1:D4:6B:66:2F:4D:1D:CC:06:6D:39:42:7C:65:F0:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwpWSOHUa2YvTR3MBm05Qnxl8NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/861c75-dd03-437b-9fc7-890522c6105b/1/1OkV1FOSt0CIRzcv_xhQZDIhaCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/861c75-dd03-437b-9fc7-890522c6105b/1/QwpWSOHUa2YvTR3MBm05Qnxl8NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.215.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:cc:b6:2c:a9:b3:bd:b3:97:af:2e:e1:2e:e2:b1:a9:2f:a5:
a7:d6:7f:86:08:49:e8:6f:f2:f2:27:ac:83:15:80:03:56:52:
a8:94:0e:02:69:a0:89:a0:71:2d:ae:c4:ca:f3:10:8e:7a:34:
c2:25:a8:12:83:3f:91:10:45:f1:b2:de:86:5e:a6:ef:58:7c:
bf:0e:66:de:d4:a8:5f:17:72:a3:4b:c2:c7:c2:0e:32:2c:32:
30:66:8b:2b:8d:98:3a:10:b3:db:cf:8a:a8:76:bc:57:52:7e:
4d:d5:9e:c5:1e:35:74:f4:6f:4a:20:d6:60:9e:dc:09:2e:26:
27:9e:1c:22:58:4d:5a:1d:8c:65:5d:d8:3a:64:20:3e:4e:19:
37:6b:5e:41:1d:c1:e8:49:38:3c:7b:68:f6:cc:69:cd:75:71:
8c:67:b8:4b:98:c8:21:b3:11:3e:51:b2:41:2d:ed:39:7b:79:
e8:c9:d0:ae:e0:be:9c:e5:77:51:a0:52:68:2e:71:5d:dd:a7:
8f:71:6c:57:64:5b:8d:03:02:c1:e2:8d:11:6e:db:df:61:5a:
f8:5e:20:e8:e3:d0:3c:73:fb:6c:b4:86:e2:bc:03:90:36:03:
27:c7:32:0d:db:d8:a7:1d:82:cd:0d:1e:43:8e:74:42:92:b7:
78:17:f5:ae
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQlIjuZ20rhZaOPoZC7uCPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMGE1NjQ4ZTFkNDZiNjYyZjRkMWRjYzA2NmQzOTQyN2M2
NWYwZDEwHhcNMjUwMTAyMDM0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGU5MTVkNDUzOTJiNzQwODg0NzM3MmZmZjE4NTA2NDMyMjE2ODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIdIkRISz4p0wChgFb2ZOqyy+C/X
rYEr2zWtYD9wJcUpznDVpysP6qgRaarEJzI+/5I/R9CEUESoY3QpfPlZyKbauo/w
wEJvP6VBcWL+eRT6GJScfTUTTye5W7PbKEdBn4gIaadUnoy3ACV5Xz7f4EZXdDnO
m0zxbYRpgO5+qdjIdR9kb0DQ2eNgss8hCW0erovbeRrRLBkIAOJRaVetJhmO22yo
jMm0xTU+cT0fyDfbYVTS1ftqaIqRIlQoctzRCx3DdHEm8KVwboyE/OeOTMlRfMIG
2OuR5oLGdZt7/TA3w/hGSivq3QcHzYuaxJwhV5UDAo5Z6aaZ/kaeVvgOOwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFNTpFdRTkrdAiEc3L/8YUGQyIWgmMB8GA1UdIwQY
MBaAFEMKVkjh1GtmL00dzAZtOUJ8ZfDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdwV1NPSFVhMll2VFIzTUJtMDVRbnhsOE5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS84NjFjNzUtZGQwMy00MzdiLTlmYzct
ODkwNTIyYzYxMDViLzEvMU9rVjFGT1N0MENJUnpjdl94aFFaREloYUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS84NjFjNzUtZGQwMy00MzdiLTlmYzctODkwNTIyYzYxMDVi
LzEvUXdwV1NPSFVhMll2VFIzTUJtMDVRbnhsOE5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAk9cwDQYJ
KoZIhvcNAQELBQADggEBAJ7Mtiyps72zl68u4S7isakvpafWf4YISehv8vInrIMV
gANWUqiUDgJpoImgcS2uxMrzEI56NMIlqBKDP5EQRfGy3oZepu9YfL8OZt7UqF8X
cqNLwsfCDjIsMjBmiyuNmDoQs9vPiqh2vFdSfk3VnsUeNXT0b0og1mCe3AkuJiee
HCJYTVodjGVd2DpkID5OGTdrXkEdwehJODx7aPbMac11cYxnuEuYyCGzET5RskEt
7Tl7eejJ0K7gvpzld1GgUmgucV3dp49xbFdkW40DAsHijRFu299hWvheIOjj0Dxz
+2y0huK8A5A2AyfHMg3b2Kcdgs0NHkOOdEKSt3gX9a4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:08:10 2025 by rpki-client