Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/62b342-7c20-41e3-8f1b-cdcf5f6a4c27/1/OialHmpN2PfgJDs6a7B2v4zJHRs.roa
File: OialHmpN2PfgJDs6a7B2v4zJHRs.roa (raw, json)
Hash identifier: Xr6Ys8oUxUhvsBwxBXXCldMQezaqpARcpSeHUjpkSck=
Subject key identifier: 3A:26:A5:1E:6A:4D:D8:F7:E0:24:3B:3A:6B:B0:76:BF:8C:C9:1D:1B
Certificate issuer: /CN=d63d5529bda17713ebe6b4c22f7fce4cb8f1e8b3
Certificate serial: 01941FFA295F64FD934E6BC8FEAF9F6FD11B
Authority key identifier: D6:3D:55:29:BD:A1:77:13:EB:E6:B4:C2:2F:7F:CE:4C:B8:F1:E8:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1j1VKb2hdxPr5rTCL3_OTLjx6LM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/62b342-7c20-41e3-8f1b-cdcf5f6a4c27/1/OialHmpN2PfgJDs6a7B2v4zJHRs.roa
Signing time: Wed 01 Jan 2025 03:47:55 +0000
ROA not before: Wed 01 Jan 2025 03:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210028
IP address blocks: 185.89.99.0/24 maxlen: 24
194.12.56.0/24 maxlen: 24
194.12.57.0/24 maxlen: 24
194.12.58.0/24 maxlen: 24
194.12.59.0/24 maxlen: 24
194.12.60.0/24 maxlen: 24
194.12.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:29:5f:64:fd:93:4e:6b:c8:fe:af:9f:6f:d1:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d63d5529bda17713ebe6b4c22f7fce4cb8f1e8b3
Validity
Not Before: Jan 1 03:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a26a51e6a4dd8f7e0243b3a6bb076bf8cc91d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:63:e5:e6:11:c7:af:35:3d:ea:6b:62:f5:29:
db:06:c2:34:fa:80:b9:00:f0:d5:90:54:e7:3f:93:
d4:ad:a3:d9:84:30:56:e8:3b:9f:2f:dc:9f:23:ed:
b3:87:6a:68:74:24:1b:73:5e:31:08:3c:b0:41:05:
53:6c:16:95:fa:18:7e:81:37:d9:71:04:7b:1c:a4:
6e:71:eb:6a:cf:40:08:28:f9:63:9c:46:94:c8:ff:
e5:8d:37:d3:aa:9e:c9:01:83:2f:ce:77:09:1f:80:
7e:7e:ba:f0:2f:5f:34:e0:eb:ea:34:16:04:c8:ee:
35:01:21:e9:fd:b6:66:ca:44:73:98:94:44:28:81:
e0:54:89:f2:28:ae:51:94:14:16:bb:0c:01:10:a1:
a5:ba:d4:92:d3:5a:22:16:6a:19:2e:35:7b:9f:cb:
01:27:80:0f:f3:b2:76:82:63:13:16:3e:2c:4c:96:
43:2d:41:58:d5:29:6e:43:36:c4:fe:44:2b:0c:0d:
fb:60:b1:c5:e6:2e:c4:bf:8a:43:6b:b0:b2:4c:13:
6b:b1:6f:18:78:94:a1:f8:1d:97:d0:87:5d:b4:07:
75:77:4a:57:4b:64:9b:a8:cf:d8:af:7e:41:84:c6:
d8:98:ea:33:21:2f:d2:07:6a:28:46:5a:56:39:79:
ca:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:26:A5:1E:6A:4D:D8:F7:E0:24:3B:3A:6B:B0:76:BF:8C:C9:1D:1B
X509v3 Authority Key Identifier:
keyid:D6:3D:55:29:BD:A1:77:13:EB:E6:B4:C2:2F:7F:CE:4C:B8:F1:E8:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1j1VKb2hdxPr5rTCL3_OTLjx6LM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/62b342-7c20-41e3-8f1b-cdcf5f6a4c27/1/OialHmpN2PfgJDs6a7B2v4zJHRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/62b342-7c20-41e3-8f1b-cdcf5f6a4c27/1/1j1VKb2hdxPr5rTCL3_OTLjx6LM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.99.0/24
194.12.56.0-194.12.61.255
Signature Algorithm: sha256WithRSAEncryption
63:50:dd:ef:db:74:fe:90:97:e0:10:82:ec:48:1c:35:b3:63:
a4:35:75:62:cb:60:96:48:70:48:2e:e9:6c:e8:4a:4e:2a:01:
6a:c1:4f:28:f0:4d:48:2d:ca:2c:77:fa:30:de:8d:e5:8e:9f:
fd:d4:90:c2:ee:f2:b1:2d:77:8d:63:92:b5:e7:9a:5d:37:8c:
b8:ce:2f:63:2b:31:c4:15:9e:36:fa:1c:83:ef:bf:f5:bb:09:
43:5c:ff:b5:dc:2f:83:d4:5d:d3:ec:c3:89:38:79:8b:21:40:
31:05:a9:20:06:15:e2:60:87:ec:70:76:fd:fe:40:1a:62:4b:
b1:8e:32:18:ad:64:5c:2a:7d:f7:44:34:a6:ad:cf:49:78:cb:
00:ae:14:cc:b7:f4:63:d0:c3:74:77:8e:df:fb:ad:e4:dc:80:
53:ad:6e:8a:96:ec:fa:78:25:be:6a:56:43:4e:1e:aa:7d:a4:
e2:ed:50:fc:82:63:b1:c2:12:0f:7e:c1:c1:57:d3:83:5c:f3:
91:0b:b6:e7:c5:48:37:4d:22:bb:34:fc:cd:ff:88:13:3f:5d:
52:2d:31:9d:76:5f:cb:49:59:42:9f:39:c1:8d:3f:08:8a:c6:
5e:15:f0:ba:29:77:5a:e7:ac:38:33:75:29:bb:a1:7c:a4:6a:
02:17:83:31
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQf+ilfZP2TTmvI/q+fb9EbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2M2Q1NTI5YmRhMTc3MTNlYmU2YjRjMjJmN2ZjZTRjYjhm
MWU4YjMwHhcNMjUwMTAxMDM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTI2YTUxZTZhNGRkOGY3ZTAyNDNiM2E2YmIwNzZiZjhjYzkxZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGPl5hHHrzU96mti9SnbBsI0+oC5
APDVkFTnP5PUraPZhDBW6DufL9yfI+2zh2podCQbc14xCDywQQVTbBaV+hh+gTfZ
cQR7HKRucetqz0AIKPljnEaUyP/ljTfTqp7JAYMvzncJH4B+frrwL1804OvqNBYE
yO41ASHp/bZmykRzmJREKIHgVInyKK5RlBQWuwwBEKGlutSS01oiFmoZLjV7n8sB
J4AP87J2gmMTFj4sTJZDLUFY1SluQzbE/kQrDA37YLHF5i7Ev4pDa7CyTBNrsW8Y
eJSh+B2X0IddtAd1d0pXS2SbqM/Yr35BhMbYmOozIS/SB2ooRlpWOXnK7QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDompR5qTdj34CQ7Omuwdr+MyR0bMB8GA1UdIwQY
MBaAFNY9VSm9oXcT6+a0wi9/zky48eizMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWoxVktiMmhkeFByNXJUQ0wzX09UTGp4NkxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi82MmIzNDItN2MyMC00MWUzLThmMWIt
Y2RjZjVmNmE0YzI3LzEvT2lhbEhtcE4yUGZnSkRzNmE3QjJ2NHpKSFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi82MmIzNDItN2MyMC00MWUzLThmMWItY2RjZjVmNmE0YzI3
LzEvMWoxVktiMmhkeFByNXJUQ0wzX09UTGp4NkxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAuVljMAwD
BAPCDDgDBAHCDDwwDQYJKoZIhvcNAQELBQADggEBAGNQ3e/bdP6Ql+AQguxIHDWz
Y6Q1dWLLYJZIcEgu6WzoSk4qAWrBTyjwTUgtyix3+jDejeWOn/3UkMLu8rEtd41j
krXnml03jLjOL2MrMcQVnjb6HIPvv/W7CUNc/7XcL4PUXdPsw4k4eYshQDEFqSAG
FeJgh+xwdv3+QBpiS7GOMhitZFwqffdENKatz0l4ywCuFMy39GPQw3R3jt/7reTc
gFOtboqW7Pp4Jb5qVkNOHqp9pOLtUPyCY7HCEg9+wcFX04Nc85ELtufFSDdNIrs0
/M3/iBM/XVItMZ12X8tJWUKfOcGNPwiKxl4V8Lopd1rnrDgzdSm7oXykagIXgzE=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:17 2025 by rpki-client on console.sobornost.net