Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/OK60eEXoBVz15pEwVmX0yYULZbk.roa
File: OK60eEXoBVz15pEwVmX0yYULZbk.roa (raw, json)
Hash identifier: irOuBXNJpmhp7Bb40BZggz4rGVp00h/PvH1AyeAmbL8=
Subject key identifier: 38:AE:B4:78:45:E8:05:5C:F5:E6:91:30:56:65:F4:C9:85:0B:65:B9
Certificate issuer: /CN=ddc88232c07de2cdcb96eaf9e751550baa66c588
Certificate serial: 019422FB54D0068D18FFF8A0852836FD60F9
Authority key identifier: DD:C8:82:32:C0:7D:E2:CD:CB:96:EA:F9:E7:51:55:0B:AA:66:C5:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ciCMsB94s3Llur551FVC6pmxYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/OK60eEXoBVz15pEwVmX0yYULZbk.roa
Signing time: Wed 01 Jan 2025 17:48:04 +0000
ROA not before: Wed 01 Jan 2025 17:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8538
IP address blocks: 192.162.104.0/22 maxlen: 22
195.8.115.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:54:d0:06:8d:18:ff:f8:a0:85:28:36:fd:60:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddc88232c07de2cdcb96eaf9e751550baa66c588
Validity
Not Before: Jan 1 17:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38aeb47845e8055cf5e691305665f4c9850b65b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e6:61:ce:bf:1a:61:07:90:75:3a:93:b2:12:
03:30:9a:c0:34:73:2a:3a:07:7a:32:8e:b8:ef:44:
5c:e9:5f:a4:8f:7a:89:cc:e1:6b:d8:fc:9d:8d:06:
ae:49:23:9e:d2:07:84:d7:a0:e4:7d:2e:0d:69:de:
d6:01:85:8a:69:e8:9a:0c:f4:ca:b6:f4:d5:9d:21:
44:e5:02:47:87:e6:ee:bb:57:6f:ef:0f:52:3d:3d:
ea:90:fd:39:c5:58:e8:24:62:e2:4f:f6:1a:45:e2:
e3:20:0d:a4:e7:c5:31:fc:6e:62:e2:8d:a5:3a:f0:
d9:3f:19:b0:90:2f:3f:b9:e4:91:0f:9c:d3:6d:1c:
5b:93:91:5a:48:6c:77:c9:ee:c2:ac:b4:80:c1:e5:
f5:d7:b4:43:0d:f3:92:5f:01:f9:11:1b:d9:0f:2d:
e6:52:50:67:b2:17:4e:d5:04:00:57:c2:ae:28:75:
7d:83:99:10:33:65:86:cb:20:1a:22:d4:d3:7a:a2:
4c:e7:9d:29:5b:b3:7e:75:16:0c:8f:36:41:7e:5e:
6e:91:d6:d2:b9:8a:7c:4f:b2:82:2e:b2:c3:8a:5c:
6a:98:2f:3d:aa:ef:00:bc:1a:2c:18:f5:61:dd:17:
a1:e4:a1:82:cc:e5:50:82:f1:b8:fa:0b:91:e8:b9:
30:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AE:B4:78:45:E8:05:5C:F5:E6:91:30:56:65:F4:C9:85:0B:65:B9
X509v3 Authority Key Identifier:
keyid:DD:C8:82:32:C0:7D:E2:CD:CB:96:EA:F9:E7:51:55:0B:AA:66:C5:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ciCMsB94s3Llur551FVC6pmxYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/OK60eEXoBVz15pEwVmX0yYULZbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/3ciCMsB94s3Llur551FVC6pmxYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.104.0/22
195.8.115.0/24
Signature Algorithm: sha256WithRSAEncryption
63:2e:b7:51:f8:f1:d3:49:a0:76:47:1c:f9:30:af:09:34:cb:
f5:96:e8:89:93:09:11:57:c0:71:5a:cf:c7:5c:e2:76:74:62:
bb:17:29:69:65:37:70:49:fb:e1:7c:c9:b0:fc:11:9a:1b:b4:
1f:11:50:44:99:7f:40:af:15:db:87:b6:86:8c:36:6c:bc:9f:
f2:c8:6e:8f:08:00:19:66:34:3d:f6:81:8b:c5:ed:78:15:d9:
15:4d:79:3a:0e:9e:95:3d:52:b0:f7:cf:14:d3:c7:ba:ab:58:
c3:b0:28:64:4a:69:ae:e4:f6:82:6f:30:3e:df:1f:67:aa:05:
38:ec:f7:99:71:8c:ae:96:b1:6f:36:b6:aa:20:15:f3:ba:0d:
85:5d:0e:6c:ee:6f:fb:0f:40:27:9b:24:26:c0:e3:86:da:7f:
92:30:12:05:67:2d:33:d4:b2:05:69:2f:d8:f2:0a:e0:32:24:
44:59:b3:51:99:c3:34:7f:71:d2:c4:c3:bc:c3:9a:47:05:29:
dc:27:f5:2a:e2:39:04:b5:a2:75:12:c2:d6:de:65:b3:24:49:
fc:b5:64:b3:22:49:a3:91:9a:56:7a:e0:ed:91:6a:66:f4:d2:
43:a1:25:8a:c2:a1:a3:0e:eb:e0:25:db:0d:88:7a:c5:cc:a5:
70:34:74:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi+1TQBo0Y//ighSg2/WD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYzg4MjMyYzA3ZGUyY2RjYjk2ZWFmOWU3NTE1NTBiYWE2
NmM1ODgwHhcNMjUwMTAxMTc0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGFlYjQ3ODQ1ZTgwNTVjZjVlNjkxMzA1NjY1ZjRjOTg1MGI2NWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluZhzr8aYQeQdTqTshIDMJrANHMq
Ogd6Mo6470Rc6V+kj3qJzOFr2PydjQauSSOe0geE16DkfS4Nad7WAYWKaeiaDPTK
tvTVnSFE5QJHh+buu1dv7w9SPT3qkP05xVjoJGLiT/YaReLjIA2k58Ux/G5i4o2l
OvDZPxmwkC8/ueSRD5zTbRxbk5FaSGx3ye7CrLSAweX117RDDfOSXwH5ERvZDy3m
UlBnshdO1QQAV8KuKHV9g5kQM2WGyyAaItTTeqJM550pW7N+dRYMjzZBfl5ukdbS
uYp8T7KCLrLDilxqmC89qu8AvBosGPVh3Reh5KGCzOVQgvG4+guR6LkwzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDiutHhF6AVc9eaRMFZl9MmFC2W5MB8GA1UdIwQY
MBaAFN3IgjLAfeLNy5bq+edRVQuqZsWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2NpQ01zQjk0czNMbHVyNTUxRlZDNnBteFlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8wYzk2ZDQtYzc2MC00YWE2LTg1ZGIt
NDJjNzliMDNiNGRmLzEvT0s2MGVFWG9CVnoxNXBFd1ZtWDB5WVVMWmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8wYzk2ZDQtYzc2MC00YWE2LTg1ZGItNDJjNzliMDNiNGRm
LzEvM2NpQ01zQjk0czNMbHVyNTUxRlZDNnBteFlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwKJoAwQA
wwhzMA0GCSqGSIb3DQEBCwUAA4IBAQBjLrdR+PHTSaB2Rxz5MK8JNMv1luiJkwkR
V8BxWs/HXOJ2dGK7FylpZTdwSfvhfMmw/BGaG7QfEVBEmX9ArxXbh7aGjDZsvJ/y
yG6PCAAZZjQ99oGLxe14FdkVTXk6Dp6VPVKw988U08e6q1jDsChkSmmu5PaCbzA+
3x9nqgU47PeZcYyulrFvNraqIBXzug2FXQ5s7m/7D0AnmyQmwOOG2n+SMBIFZy0z
1LIFaS/Y8grgMiREWbNRmcM0f3HSxMO8w5pHBSncJ/Uq4jkEtaJ1EsLW3mWzJEn8
tWSzIkmjkZpWeuDtkWpm9NJDoSWKwqGjDuvgJdsNiHrFzKVwNHQ7
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:31 2025 by rpki-client on console.sobornost.net