Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/813821-24f4-485f-9c4b-433403d30a83/1/OhsLBgdiLz12uE4gfFblJpOKDsM.roa
File: OhsLBgdiLz12uE4gfFblJpOKDsM.roa (raw, json)
Hash identifier: +nTXnosSsmnjrvQn+59KIQoVJyqP58V74UTxUmrvxmI=
Subject key identifier: 3A:1B:0B:06:07:62:2F:3D:76:B8:4E:20:7C:56:E5:26:93:8A:0E:C3
Certificate issuer: /CN=349c02b30adbf10f71f9be0f4644424498263df3
Certificate serial: 01942144109DC57CE8ACE93D53C4B26440AE
Authority key identifier: 34:9C:02:B3:0A:DB:F1:0F:71:F9:BE:0F:46:44:42:44:98:26:3D:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJwCswrb8Q9x-b4PRkRCRJgmPfM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/813821-24f4-485f-9c4b-433403d30a83/1/OhsLBgdiLz12uE4gfFblJpOKDsM.roa
Signing time: Wed 01 Jan 2025 09:48:16 +0000
ROA not before: Wed 01 Jan 2025 09:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56674
IP address blocks: 91.226.148.0/24 maxlen: 24
91.226.149.0/24 maxlen: 24
91.226.150.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:10:9d:c5:7c:e8:ac:e9:3d:53:c4:b2:64:40:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349c02b30adbf10f71f9be0f4644424498263df3
Validity
Not Before: Jan 1 09:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a1b0b0607622f3d76b84e207c56e526938a0ec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b0:24:e5:0a:0a:57:92:16:cc:66:a5:c9:4c:
8b:22:86:3a:63:4e:00:c8:ae:5f:79:1a:ce:46:a7:
e3:39:de:8a:87:98:1d:d7:2c:d3:f0:c2:99:08:e7:
2c:3e:26:10:65:b2:43:c6:91:73:50:33:5e:f8:47:
45:d5:39:b6:45:5f:a0:72:3a:da:45:e2:4e:09:50:
41:ed:08:4f:13:87:6c:32:b2:ee:e9:e1:c4:69:0e:
75:fa:1e:5f:c0:5e:3c:8d:4b:48:36:e1:ba:af:3a:
04:4a:b9:73:c1:47:62:4b:f6:de:3f:3e:ba:b3:21:
29:42:aa:87:e2:b2:55:1d:a1:a0:31:7e:08:a8:d2:
55:1b:b4:51:06:f0:96:42:ec:76:23:d9:a4:37:44:
52:30:75:00:fb:e7:4e:ec:f0:24:44:56:47:43:17:
2f:fb:5d:f3:7a:21:e2:5f:fb:82:31:c4:09:ff:ff:
7e:68:13:73:42:0d:8d:e8:38:93:f3:b2:1f:7e:fe:
bf:b4:d6:b6:2d:02:81:de:c2:9c:2b:eb:38:58:bf:
e7:5d:98:b5:75:1f:01:85:36:33:4d:82:2a:d2:c3:
80:8e:a6:f2:09:fc:11:dc:c8:d3:ce:43:9c:4b:40:
31:0c:1d:c6:2b:8d:5b:61:2a:6a:c8:73:cd:c9:66:
26:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:1B:0B:06:07:62:2F:3D:76:B8:4E:20:7C:56:E5:26:93:8A:0E:C3
X509v3 Authority Key Identifier:
keyid:34:9C:02:B3:0A:DB:F1:0F:71:F9:BE:0F:46:44:42:44:98:26:3D:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJwCswrb8Q9x-b4PRkRCRJgmPfM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/813821-24f4-485f-9c4b-433403d30a83/1/OhsLBgdiLz12uE4gfFblJpOKDsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/813821-24f4-485f-9c4b-433403d30a83/1/NJwCswrb8Q9x-b4PRkRCRJgmPfM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.148.0-91.226.150.255
Signature Algorithm: sha256WithRSAEncryption
82:c4:b5:46:1c:c9:22:5c:d1:85:10:dd:2f:99:86:bf:19:55:
2e:1a:3d:1d:62:0e:d1:bc:3e:f2:3d:ee:d6:98:63:6a:0b:84:
98:04:e2:d5:ee:ca:60:0b:fc:7c:ab:5d:42:82:23:c3:17:53:
88:c1:94:c0:3a:48:da:9a:52:7c:5c:43:4f:80:aa:0b:d5:ca:
9d:6a:9e:84:60:8a:24:84:46:44:dc:2a:c3:65:4d:c1:b8:6d:
6a:2a:31:e9:95:22:87:ce:9d:1f:9b:1b:63:08:1a:3c:05:46:
ca:19:5d:52:83:f2:59:5c:a8:8d:e6:93:1f:76:42:97:fe:2e:
2b:ba:7f:af:e1:16:59:42:27:40:00:3f:5f:78:95:c3:2b:da:
e9:01:ed:bc:c9:78:0e:f2:ee:74:e6:95:12:1f:6a:9a:ed:ec:
56:43:8e:d9:79:36:c6:67:0a:7e:d9:e6:cd:4a:b3:a1:26:e1:
5e:96:7e:c1:41:42:5a:3c:0b:b9:f0:66:87:05:ee:0a:f9:13:
29:1a:68:3c:d1:a9:7f:31:69:a0:62:19:d6:08:50:1b:92:eb:
19:6b:43:78:fd:ec:9a:66:85:ab:23:bc:c3:ff:af:a0:8d:44:
d1:d5:6b:6e:fc:52:8a:bf:ef:d5:fc:a2:df:1a:fb:f1:95:f9:
72:84:5d:81
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQhRBCdxXzorOk9U8SyZECuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWMwMmIzMGFkYmYxMGY3MWY5YmUwZjQ2NDQ0MjQ0OTgy
NjNkZjMwHhcNMjUwMTAxMDk0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTFiMGIwNjA3NjIyZjNkNzZiODRlMjA3YzU2ZTUyNjkzOGEwZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrAk5QoKV5IWzGalyUyLIoY6Y04A
yK5feRrORqfjOd6Kh5gd1yzT8MKZCOcsPiYQZbJDxpFzUDNe+EdF1Tm2RV+gcjra
ReJOCVBB7QhPE4dsMrLu6eHEaQ51+h5fwF48jUtINuG6rzoESrlzwUdiS/bePz66
syEpQqqH4rJVHaGgMX4IqNJVG7RRBvCWQux2I9mkN0RSMHUA++dO7PAkRFZHQxcv
+13zeiHiX/uCMcQJ//9+aBNzQg2N6DiT87Iffv6/tNa2LQKB3sKcK+s4WL/nXZi1
dR8BhTYzTYIq0sOAjqbyCfwR3MjTzkOcS0AxDB3GK41bYSpqyHPNyWYmYwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDobCwYHYi89drhOIHxW5SaTig7DMB8GA1UdIwQY
MBaAFDScArMK2/EPcfm+D0ZEQkSYJj3zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp3Q3N3cmI4UTl4LWI0UFJrUkNSSmdtUGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi84MTM4MjEtMjRmNC00ODVmLTljNGIt
NDMzNDAzZDMwYTgzLzEvT2hzTEJnZGlMejEydUU0Z2ZGYmxKcE9LRHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi84MTM4MjEtMjRmNC00ODVmLTljNGItNDMzNDAzZDMwYTgz
LzEvTkp3Q3N3cmI4UTl4LWI0UFJrUkNSSmdtUGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJb4pQD
BABb4pYwDQYJKoZIhvcNAQELBQADggEBAILEtUYcySJc0YUQ3S+Zhr8ZVS4aPR1i
DtG8PvI97taYY2oLhJgE4tXuymAL/HyrXUKCI8MXU4jBlMA6SNqaUnxcQ0+AqgvV
yp1qnoRgiiSERkTcKsNlTcG4bWoqMemVIofOnR+bG2MIGjwFRsoZXVKD8llcqI3m
kx92Qpf+Liu6f6/hFllCJ0AAP194lcMr2ukB7bzJeA7y7nTmlRIfaprt7FZDjtl5
NsZnCn7Z5s1Ks6Em4V6WfsFBQlo8C7nwZocF7gr5EykaaDzRqX8xaaBiGdYIUBuS
6xlrQ3j97JpmhasjvMP/r6CNRNHVa278Uoq/79X8ot8a+/GV+XKEXYE=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:47 2025 by rpki-client on console.sobornost.net