Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/46c7e6-4006-40f0-adaa-b4192ac638c9/1/OH2h9N_hyzRLLEO1xxz2pS01OI8.roa
File: OH2h9N_hyzRLLEO1xxz2pS01OI8.roa (raw, json)
Hash identifier: KX0d4zyKelEiSPA5pJcqywoIBRSpP8vuqYcvjW39t40=
Subject key identifier: 38:7D:A1:F4:DF:E1:CB:34:4B:2C:43:B5:C7:1C:F6:A5:2D:35:38:8F
Certificate issuer: /CN=0a42ae6e96180f03b7ca6d97427516e4c07f6e2b
Certificate serial: 01942067EC84B1C0874514D971E4E6A93735
Authority key identifier: 0A:42:AE:6E:96:18:0F:03:B7:CA:6D:97:42:75:16:E4:C0:7F:6E:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkKubpYYDwO3ym2XQnUW5MB_bis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/46c7e6-4006-40f0-adaa-b4192ac638c9/1/OH2h9N_hyzRLLEO1xxz2pS01OI8.roa
Signing time: Wed 01 Jan 2025 05:47:49 +0000
ROA not before: Wed 01 Jan 2025 05:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213121
IP address blocks: 31.7.92.0/22 maxlen: 22
93.157.184.0/24 maxlen: 24
2a0a:cf80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ec:84:b1:c0:87:45:14:d9:71:e4:e6:a9:37:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a42ae6e96180f03b7ca6d97427516e4c07f6e2b
Validity
Not Before: Jan 1 05:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=387da1f4dfe1cb344b2c43b5c71cf6a52d35388f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:97:3e:49:7f:f0:cf:90:10:81:79:bc:dd:01:
b1:29:ff:50:62:98:9e:fc:45:9b:b1:89:09:4a:98:
4b:c6:5b:91:31:95:2f:18:be:e7:26:12:4f:cf:eb:
d4:fa:41:78:7c:d6:d5:c1:dd:a9:65:97:c0:f5:43:
05:df:9c:00:93:a8:f9:7e:f7:ba:30:9a:b1:48:86:
44:d5:92:3d:4a:51:80:0f:1a:6a:64:95:71:f0:8a:
23:d6:e4:0d:97:df:4e:ca:aa:d9:a2:2a:83:d7:51:
6b:3d:0a:29:68:05:3b:da:09:4b:de:e3:79:49:6e:
79:03:96:39:56:e9:93:d8:e7:33:6a:18:11:9e:a6:
c9:23:e9:98:fa:8b:81:45:1d:d0:cd:89:ef:3e:8e:
ec:f4:5a:89:57:d2:f4:3a:4e:ac:4b:b9:60:4c:77:
5c:76:c5:06:c1:45:ca:8b:05:a5:f2:66:91:e2:37:
55:de:fd:e4:85:fd:aa:de:b6:ad:a7:7e:e7:08:69:
57:f9:6b:7d:df:97:a5:d9:fa:76:cf:ee:72:8c:ba:
55:eb:ba:74:42:e2:5c:e7:73:d6:0d:c3:0b:2f:69:
fd:56:a1:a5:b1:cc:64:bf:42:85:f8:77:e3:1a:d2:
09:d2:17:91:7a:ed:89:e9:1f:58:d2:a1:a0:e0:d4:
b0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7D:A1:F4:DF:E1:CB:34:4B:2C:43:B5:C7:1C:F6:A5:2D:35:38:8F
X509v3 Authority Key Identifier:
keyid:0A:42:AE:6E:96:18:0F:03:B7:CA:6D:97:42:75:16:E4:C0:7F:6E:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkKubpYYDwO3ym2XQnUW5MB_bis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/46c7e6-4006-40f0-adaa-b4192ac638c9/1/OH2h9N_hyzRLLEO1xxz2pS01OI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/46c7e6-4006-40f0-adaa-b4192ac638c9/1/CkKubpYYDwO3ym2XQnUW5MB_bis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.92.0/22
93.157.184.0/24
IPv6:
2a0a:cf80::/29
Signature Algorithm: sha256WithRSAEncryption
0c:7a:a2:94:a4:5a:4c:95:5b:c8:ab:de:2b:3a:c8:b0:58:f9:
8b:21:d7:8c:93:a9:f2:bc:7c:38:38:31:39:93:ff:36:c5:04:
d7:0a:a6:5c:ca:5e:63:19:d6:9e:6f:e4:d0:8d:d0:ad:96:d4:
3f:58:48:c0:50:89:e7:31:b5:35:21:2a:d2:21:70:2b:e3:60:
c3:b0:66:10:a8:a9:15:6a:35:48:0a:2c:eb:a2:4a:c4:86:a3:
b2:db:b5:54:96:18:57:c8:25:2c:bb:00:a6:43:c4:59:c3:2d:
7b:44:21:1a:a0:b1:df:43:91:1c:d3:74:63:8d:c2:a5:85:81:
e9:48:74:c1:ac:38:2b:f5:a1:11:c4:34:31:9e:cd:18:6e:68:
ea:9e:25:66:87:9c:a9:2d:2b:71:4c:be:fc:93:e5:07:a7:f7:
05:bc:ef:f2:e6:81:7f:f0:3d:ee:f3:63:72:ab:57:bb:83:65:
cd:91:5f:5c:df:05:42:32:d8:72:df:cc:bf:75:0d:90:ac:81:
dc:38:40:13:cb:36:c3:ca:2d:8b:4a:47:c5:d5:0a:6a:4a:95:
8b:0b:ea:fd:10:39:af:07:86:1f:15:b1:95:86:09:ed:21:1b:
90:63:c4:bb:2d:35:70:ad:08:ae:8f:43:8c:f9:43:3a:fa:14:
1f:8e:f8:51
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQgZ+yEscCHRRTZceTmqTc1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNDJhZTZlOTYxODBmMDNiN2NhNmQ5NzQyNzUxNmU0YzA3
ZjZlMmIwHhcNMjUwMTAxMDU0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODdkYTFmNGRmZTFjYjM0NGIyYzQzYjVjNzFjZjZhNTJkMzUzODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5c+SX/wz5AQgXm83QGxKf9QYpie
/EWbsYkJSphLxluRMZUvGL7nJhJPz+vU+kF4fNbVwd2pZZfA9UMF35wAk6j5fve6
MJqxSIZE1ZI9SlGADxpqZJVx8Ioj1uQNl99OyqrZoiqD11FrPQopaAU72glL3uN5
SW55A5Y5VumT2OczahgRnqbJI+mY+ouBRR3QzYnvPo7s9FqJV9L0Ok6sS7lgTHdc
dsUGwUXKiwWl8maR4jdV3v3khf2q3ratp37nCGlX+Wt935el2fp2z+5yjLpV67p0
QuJc53PWDcMLL2n9VqGlscxkv0KF+HfjGtIJ0heReu2J6R9Y0qGg4NSweQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDh9ofTf4cs0SyxDtccc9qUtNTiPMB8GA1UdIwQY
MBaAFApCrm6WGA8Dt8ptl0J1FuTAf24rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2tLdWJwWVlEd08zeW0yWFFuVVc1TUJfYmlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80NmM3ZTYtNDAwNi00MGYwLWFkYWEt
YjQxOTJhYzYzOGM5LzEvT0gyaDlOX2h5elJMTEVPMXh4ejJwUzAxT0k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80NmM3ZTYtNDAwNi00MGYwLWFkYWEtYjQxOTJhYzYzOGM5
LzEvQ2tLdWJwWVlEd08zeW0yWFFuVVc1TUJfYmlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCHwdcAwQA
XZ24MA0EAgACMAcDBQMqCs+AMA0GCSqGSIb3DQEBCwUAA4IBAQAMeqKUpFpMlVvI
q94rOsiwWPmLIdeMk6nyvHw4ODE5k/82xQTXCqZcyl5jGdaeb+TQjdCtltQ/WEjA
UInnMbU1ISrSIXAr42DDsGYQqKkVajVICizrokrEhqOy27VUlhhXyCUsuwCmQ8RZ
wy17RCEaoLHfQ5Ec03RjjcKlhYHpSHTBrDgr9aERxDQxns0YbmjqniVmh5ypLStx
TL78k+UHp/cFvO/y5oF/8D3u82Nyq1e7g2XNkV9c3wVCMthy38y/dQ2QrIHcOEAT
yzbDyi2LSkfF1QpqSpWLC+r9EDmvB4YfFbGVhgntIRuQY8S7LTVwrQiuj0OM+UM6
+hQfjvhR
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:20 2025 by rpki-client on console.sobornost.net