Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/f870c4-bdc9-453b-b3c8-491d30f4a2c8/1/ohqKuhVASRrB9T2VKGm2oxF8gPE.roa
File: ohqKuhVASRrB9T2VKGm2oxF8gPE.roa (raw, json)
Hash identifier: BAH92y9b1xJW2sbjfw7QOsduF26YD433wmBfFvaPMSo=
Subject key identifier: A2:1A:8A:BA:15:40:49:1A:C1:F5:3D:95:28:69:B6:A3:11:7C:80:F1
Certificate issuer: /CN=4e98acc86f41c4715b10c1dd52631c32a8194a30
Certificate serial: 019421B1E6B3226D8DF3B33914C5836F8B7F
Authority key identifier: 4E:98:AC:C8:6F:41:C4:71:5B:10:C1:DD:52:63:1C:32:A8:19:4A:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TpisyG9BxHFbEMHdUmMcMqgZSjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/f870c4-bdc9-453b-b3c8-491d30f4a2c8/1/ohqKuhVASRrB9T2VKGm2oxF8gPE.roa
Signing time: Wed 01 Jan 2025 11:48:14 +0000
ROA not before: Wed 01 Jan 2025 11:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59925
IP address blocks: 185.66.36.0/22 maxlen: 22
2a03:1e20::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e6:b3:22:6d:8d:f3:b3:39:14:c5:83:6f:8b:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e98acc86f41c4715b10c1dd52631c32a8194a30
Validity
Not Before: Jan 1 11:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a21a8aba1540491ac1f53d952869b6a3117c80f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:76:96:f3:8d:05:7f:81:ad:4e:ef:8a:53:ca:
e1:79:da:c0:91:e4:23:3b:da:52:65:8f:68:e4:db:
a9:ac:3d:26:e9:1f:64:ba:7e:37:f4:7d:5d:b6:13:
7d:1f:ea:0b:9b:68:15:95:3a:6a:c3:90:3a:f3:e6:
7f:7c:41:82:a9:df:ce:2e:e3:a3:b8:69:24:ea:20:
7c:29:60:9a:28:53:1b:6f:d9:d9:5c:96:15:3e:5f:
c5:d6:9b:2e:7e:e8:97:24:d9:ce:98:cc:23:c1:04:
4e:c4:05:a0:60:a3:45:c9:3a:84:3d:87:fd:ba:8d:
b9:f4:91:6f:a9:12:a3:4d:ca:5a:8c:cf:48:51:66:
90:ae:e7:e4:e3:32:98:00:99:6e:23:3f:2a:a4:88:
4b:fd:a3:20:2b:9e:45:aa:90:c2:d8:36:98:e4:81:
d9:01:82:ee:fe:a1:bc:6a:82:5e:6c:c1:61:7d:26:
bb:df:d3:fa:43:c7:c9:78:c6:40:0e:01:aa:da:d8:
52:cd:0b:7f:16:f7:32:52:79:13:ea:d1:66:4f:28:
76:13:55:cc:3d:54:9b:d1:a6:39:52:6f:db:3f:fa:
53:9f:af:98:54:bb:28:78:32:9e:17:fe:74:07:46:
44:2b:16:a5:f1:9e:ef:47:c4:a1:c2:33:83:cf:74:
26:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:1A:8A:BA:15:40:49:1A:C1:F5:3D:95:28:69:B6:A3:11:7C:80:F1
X509v3 Authority Key Identifier:
keyid:4E:98:AC:C8:6F:41:C4:71:5B:10:C1:DD:52:63:1C:32:A8:19:4A:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TpisyG9BxHFbEMHdUmMcMqgZSjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/f870c4-bdc9-453b-b3c8-491d30f4a2c8/1/ohqKuhVASRrB9T2VKGm2oxF8gPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/f870c4-bdc9-453b-b3c8-491d30f4a2c8/1/TpisyG9BxHFbEMHdUmMcMqgZSjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.36.0/22
IPv6:
2a03:1e20::/32
Signature Algorithm: sha256WithRSAEncryption
58:14:73:74:7b:63:f2:d0:06:1f:1a:66:9b:18:54:71:f9:75:
6b:cd:a4:7e:7b:4f:e8:90:a6:0c:b0:56:02:fa:61:2c:bd:0d:
bf:29:b7:54:92:b8:cd:46:94:b8:2a:d1:5e:6b:51:b9:0a:30:
9b:a1:5c:f3:da:76:96:64:ed:2c:3d:8c:e3:d9:a8:b3:c8:75:
60:f1:fb:3c:d0:69:d3:6f:5b:bd:8d:4e:b1:1c:9b:c8:de:78:
cc:8a:0a:11:e1:85:d7:67:3b:7c:64:e3:7e:fb:7f:06:ce:4a:
ca:57:a8:19:9f:2d:43:a2:7c:60:9d:89:c6:de:f8:3b:4e:86:
20:e9:d8:b6:56:dd:8e:19:f6:da:b5:ae:7c:bf:99:d4:63:3d:
2a:85:8b:2c:50:28:b9:9f:3d:20:48:88:97:e4:44:b0:3f:4e:
76:d9:da:ad:b9:13:83:22:b8:74:26:4e:52:61:e5:b0:f7:fb:
10:18:b0:da:2f:df:0b:44:65:01:85:9e:48:cb:0b:71:fb:c8:
6f:85:a8:3f:dd:66:59:11:88:70:40:9c:ed:8c:1e:31:95:a9:
45:99:78:0a:bb:b5:b3:96:22:e8:2a:e2:b3:bd:b4:e7:6a:02:
92:32:ba:d3:7b:a8:4d:bc:f6:df:8c:d0:53:fc:6b:f4:bf:5c:
8b:7b:e5:2a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhseazIm2N87M5FMWDb4t/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlOThhY2M4NmY0MWM0NzE1YjEwYzFkZDUyNjMxYzMyYTgx
OTRhMzAwHhcNMjUwMTAxMTE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjFhOGFiYTE1NDA0OTFhYzFmNTNkOTUyODY5YjZhMzExN2M4MGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHaW840Ff4GtTu+KU8rhedrAkeQj
O9pSZY9o5NuprD0m6R9kun439H1dthN9H+oLm2gVlTpqw5A68+Z/fEGCqd/OLuOj
uGkk6iB8KWCaKFMbb9nZXJYVPl/F1psufuiXJNnOmMwjwQROxAWgYKNFyTqEPYf9
uo259JFvqRKjTcpajM9IUWaQrufk4zKYAJluIz8qpIhL/aMgK55FqpDC2DaY5IHZ
AYLu/qG8aoJebMFhfSa739P6Q8fJeMZADgGq2thSzQt/FvcyUnkT6tFmTyh2E1XM
PVSb0aY5Um/bP/pTn6+YVLsoeDKeF/50B0ZEKxal8Z7vR8ShwjODz3QmHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKIairoVQEkawfU9lShptqMRfIDxMB8GA1UdIwQY
MBaAFE6YrMhvQcRxWxDB3VJjHDKoGUowMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHBpc3lHOUJ4SEZiRU1IZFVtTWNNcWdaU2pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9mODcwYzQtYmRjOS00NTNiLWIzYzgt
NDkxZDMwZjRhMmM4LzEvb2hxS3VoVkFTUnJCOVQyVktHbTJveEY4Z1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9mODcwYzQtYmRjOS00NTNiLWIzYzgtNDkxZDMwZjRhMmM4
LzEvVHBpc3lHOUJ4SEZiRU1IZFVtTWNNcWdaU2pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUIkMA0E
AgACMAcDBQAqAx4gMA0GCSqGSIb3DQEBCwUAA4IBAQBYFHN0e2Py0AYfGmabGFRx
+XVrzaR+e0/okKYMsFYC+mEsvQ2/KbdUkrjNRpS4KtFea1G5CjCboVzz2naWZO0s
PYzj2aizyHVg8fs80GnTb1u9jU6xHJvI3njMigoR4YXXZzt8ZON++38GzkrKV6gZ
ny1DonxgnYnG3vg7ToYg6di2Vt2OGfbata58v5nUYz0qhYssUCi5nz0gSIiX5ESw
P0522dqtuRODIrh0Jk5SYeWw9/sQGLDaL98LRGUBhZ5Iywtx+8hvhag/3WZZEYhw
QJztjB4xlalFmXgKu7WzliLoKuKzvbTnagKSMrrTe6hNvPbfjNBT/Gv0v1yLe+Uq
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:00 2025 by rpki-client on console.sobornost.net