Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/4ccdd6-7ec4-4df3-bfb2-cab4d3f3fd45/1/okv-UBhsHNo5EEUuuK268gzst64.roa
File: okv-UBhsHNo5EEUuuK268gzst64.roa (raw, json)
Hash identifier: hEkeMxW6P8viVU/KclEmhBxUAwP9YItHwf8nIwswl1k=
Subject key identifier: A2:4B:FE:50:18:6C:1C:DA:39:10:45:2E:B8:AD:BA:F2:0C:EC:B7:AE
Certificate issuer: /CN=8261f97fd7857c102bc9657d7f3c2ad3eb865be4
Certificate serial: 01523AFC
Authority key identifier: 82:61:F9:7F:D7:85:7C:10:2B:C9:65:7D:7F:3C:2A:D3:EB:86:5B:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmH5f9eFfBAryWV9fzwq0-uGW-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/4ccdd6-7ec4-4df3-bfb2-cab4d3f3fd45/1/okv-UBhsHNo5EEUuuK268gzst64.roa
Signing time: Sat 01 Jan 2022 15:58:26 +0000
ROA not before: Sat 01 Jan 2022 15:58:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210512
IP address blocks: 185.202.0.0/24 maxlen: 24
185.202.0.0/22 maxlen: 22
185.202.3.0/24 maxlen: 24
185.202.2.0/24 maxlen: 24
185.202.1.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22166268 (0x1523afc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8261f97fd7857c102bc9657d7f3c2ad3eb865be4
Validity
Not Before: Jan 1 15:58:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a24bfe50186c1cda3910452eb8adbaf20cecb7ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:09:9f:f8:ef:fd:a4:14:68:0f:1d:b8:10:10:
eb:9d:f7:dc:96:f2:82:41:60:03:23:41:c1:64:2f:
03:1a:9e:e9:4a:9e:72:05:a9:4c:d5:73:02:b0:8d:
79:e4:05:f1:88:5e:16:c7:c4:f3:9c:f6:ad:d5:04:
ef:d3:d1:6a:e5:bc:fb:5a:4c:4f:f7:63:ee:93:45:
1c:ab:0d:bd:d9:ec:5d:b4:2b:c0:ad:7c:f0:4c:03:
68:33:88:70:ae:ce:b3:d8:81:66:67:5e:c0:6f:60:
04:8e:59:79:88:9d:6c:2b:87:fc:2b:2f:24:e1:33:
e1:b6:56:f2:f7:e5:96:d0:65:e4:bf:c2:3a:71:30:
7f:58:52:67:66:54:fd:36:a8:99:97:35:ad:52:8c:
7f:85:e9:16:26:e7:09:2d:d6:97:64:7a:cf:9b:ee:
37:6a:45:fb:ab:b4:71:03:e7:29:ac:2f:9b:ba:ea:
b3:f4:49:dc:a0:c7:37:f7:c3:1f:b1:e9:ca:50:4d:
57:ed:2e:e2:0d:be:c6:48:38:90:62:63:0f:a8:a1:
77:4f:c6:5d:29:12:d4:c3:5d:a5:18:ac:0b:a0:da:
30:b1:db:95:05:63:00:65:0c:ee:e9:c6:1c:82:36:
b9:71:ac:c5:33:08:df:7f:3f:9c:06:15:66:07:d1:
52:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:4B:FE:50:18:6C:1C:DA:39:10:45:2E:B8:AD:BA:F2:0C:EC:B7:AE
X509v3 Authority Key Identifier:
keyid:82:61:F9:7F:D7:85:7C:10:2B:C9:65:7D:7F:3C:2A:D3:EB:86:5B:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmH5f9eFfBAryWV9fzwq0-uGW-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4ccdd6-7ec4-4df3-bfb2-cab4d3f3fd45/1/okv-UBhsHNo5EEUuuK268gzst64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/4ccdd6-7ec4-4df3-bfb2-cab4d3f3fd45/1/gmH5f9eFfBAryWV9fzwq0-uGW-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.0.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:be:38:ce:bf:4a:f0:d0:7b:37:f5:18:83:f8:6c:22:6d:a5:
6c:be:10:71:37:f3:c0:a5:54:ad:2c:12:75:59:25:e3:75:ef:
62:4b:a0:c2:25:a9:2d:2a:95:c9:01:f7:3d:65:00:3e:2c:e8:
f4:92:09:53:98:da:60:ae:43:d5:7d:08:cd:26:c1:f9:c7:1c:
54:1a:c6:2f:95:1a:b0:4f:de:6b:e4:98:e8:7d:ee:51:26:09:
69:5b:e6:f8:7c:27:c0:04:bd:9c:9a:28:02:29:b2:f5:0e:a4:
27:12:d5:f5:b8:40:27:24:3a:6f:cf:48:f0:dd:7b:fb:6c:c4:
35:6f:5f:3f:d4:82:3a:f4:f1:4d:ad:30:1c:cc:2e:17:f6:08:
f2:df:22:3a:ba:6d:1b:73:97:ec:a5:f6:67:b2:41:59:f2:ab:
2e:be:28:d7:b7:b7:d3:55:b4:17:24:30:91:d6:8f:30:1f:6a:
d0:5a:99:76:1a:e8:e2:07:24:ec:d5:54:9c:08:8b:5a:90:4d:
1e:4a:f1:28:b2:ed:cc:ad:78:44:0a:96:a9:b2:21:ab:b5:ee:
42:95:61:7b:0e:3c:f5:ec:f4:f5:5b:57:4d:25:12:f5:33:bc:
cc:72:e9:66:bd:72:bd:7b:94:49:2c:15:2c:2f:aa:61:3d:c3:
32:2c:15:55
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAVI6/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjYxZjk3ZmQ3ODU3YzEwMmJjOTY1N2Q3ZjNjMmFkM2ViODY1YmU0MB4XDTIyMDEw
MTE1NTgyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI0YmZlNTAxODZj
MWNkYTM5MTA0NTJlYjhhZGJhZjIwY2VjYjdhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJoJn/jv/aQUaA8duBAQ65333JbygkFgAyNBwWQvAxqe6Uqe
cgWpTNVzArCNeeQF8YheFsfE85z2rdUE79PRauW8+1pMT/dj7pNFHKsNvdnsXbQr
wK188EwDaDOIcK7Os9iBZmdewG9gBI5ZeYidbCuH/CsvJOEz4bZW8vflltBl5L/C
OnEwf1hSZ2ZU/TaomZc1rVKMf4XpFibnCS3Wl2R6z5vuN2pF+6u0cQPnKawvm7rq
s/RJ3KDHN/fDH7HpylBNV+0u4g2+xkg4kGJjD6ihd0/GXSkS1MNdpRisC6DaMLHb
lQVjAGUM7unGHII2uXGsxTMI338/nAYVZgfRUt0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSiS/5QGGwc2jkQRS64rbryDOy3rjAfBgNVHSMEGDAWgBSCYfl/14V8ECvJ
ZX1/PCrT64Zb5DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dtSDVmOWVGZkJBcnlXVjlmendxMC11R1ctUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNGNjZGQ2LTdlYzQtNGRmMy1iZmIyLWNhYjRkM2YzZmQ0NS8x
L29rdi1VQmhzSE5vNUVFVXV1SzI2OGd6c3Q2NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NGNjZGQ2LTdlYzQtNGRmMy1iZmIyLWNhYjRkM2YzZmQ0NS8xL2dtSDVmOWVGZkJB
cnlXVjlmendxMC11R1ctUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnKADANBgkqhkiG9w0BAQsFAAOC
AQEAPr44zr9K8NB7N/UYg/hsIm2lbL4QcTfzwKVUrSwSdVkl43XvYkugwiWpLSqV
yQH3PWUAPizo9JIJU5jaYK5D1X0IzSbB+cccVBrGL5UasE/ea+SY6H3uUSYJaVvm
+HwnwAS9nJooAimy9Q6kJxLV9bhAJyQ6b89I8N17+2zENW9fP9SCOvTxTa0wHMwu
F/YI8t8iOrptG3OX7KX2Z7JBWfKrLr4o17e301W0FyQwkdaPMB9q0FqZdhro4gck
7NVUnAiLWpBNHkrxKLLtzK14RAqWqbIhq7XuQpVhew489ez09VtXTSUS9TO8zHLp
Zr1yvXuUSSwVLC+qYT3DMiwVVQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:31 2023 by rpki-client on console.sobornost.net