Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ed94b1-b573-45e4-9e21-3f42c71780bc/1/OIw1IENePZ-upkTKRtn8rlZjiKY.roa
File: OIw1IENePZ-upkTKRtn8rlZjiKY.roa (raw, json)
Hash identifier: zOqnUi4pX1IWvLYQ+EBAhcXccgQfhAY/XDiO0iIVI4U=
Subject key identifier: 38:8C:35:20:43:5E:3D:9F:AE:A6:44:CA:46:D9:FC:AE:56:63:88:A6
Certificate issuer: /CN=851272e4e8186b9cf3d1eb42665c53ce714f4d4b
Certificate serial: 0194228D0EDD6A22DDF09CFCD8DD775338F8
Authority key identifier: 85:12:72:E4:E8:18:6B:9C:F3:D1:EB:42:66:5C:53:CE:71:4F:4D:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hRJy5OgYa5zz0etCZlxTznFPTUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ed94b1-b573-45e4-9e21-3f42c71780bc/1/OIw1IENePZ-upkTKRtn8rlZjiKY.roa
Signing time: Wed 01 Jan 2025 15:47:37 +0000
ROA not before: Wed 01 Jan 2025 15:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20572
IP address blocks: 195.190.8.0/24 maxlen: 24
2001:67c:2ae4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:0e:dd:6a:22:dd:f0:9c:fc:d8:dd:77:53:38:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=851272e4e8186b9cf3d1eb42665c53ce714f4d4b
Validity
Not Before: Jan 1 15:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=388c3520435e3d9faea644ca46d9fcae566388a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:09:52:51:08:71:e7:dd:67:e1:d7:f6:66:04:
b8:cd:a4:84:5d:50:de:ce:a8:e8:77:90:6f:3c:e4:
71:ea:c0:15:c6:86:b4:d0:ad:fc:a3:67:8a:e8:b5:
7d:60:9f:c5:b9:71:6f:f2:a3:b9:82:4b:a4:c0:20:
83:14:94:98:cd:a4:a5:21:8a:19:01:04:70:ef:8b:
3d:70:1c:5b:a7:8b:b0:0a:fd:d3:1c:9b:39:6c:1a:
0d:af:cd:9a:ee:ef:5f:35:cb:3f:d8:38:f4:98:29:
08:a3:52:ce:f8:63:99:ec:0f:1f:e8:5b:5b:8c:53:
eb:65:cf:6a:fc:15:a3:c7:92:9b:dc:ea:c6:9c:1e:
c1:39:66:ad:de:33:78:0c:9d:fd:d2:81:ec:d4:86:
5c:88:56:86:79:cd:03:45:70:42:cc:96:36:3b:57:
22:c9:04:72:40:4e:61:62:91:3c:98:a8:1f:0f:2d:
7e:85:1f:49:d8:1f:f4:e7:77:bc:af:2d:1d:74:2b:
86:3c:ca:0f:13:6c:fb:be:57:9e:59:c4:b9:90:5d:
a5:08:d5:bb:e1:b1:30:f7:f8:0a:86:9d:c3:5d:42:
f5:87:49:9f:fe:73:61:a2:24:d1:17:9d:46:49:ea:
c1:96:77:6d:0e:92:f6:b0:ce:2e:0f:8b:5f:6f:28:
90:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:8C:35:20:43:5E:3D:9F:AE:A6:44:CA:46:D9:FC:AE:56:63:88:A6
X509v3 Authority Key Identifier:
keyid:85:12:72:E4:E8:18:6B:9C:F3:D1:EB:42:66:5C:53:CE:71:4F:4D:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hRJy5OgYa5zz0etCZlxTznFPTUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed94b1-b573-45e4-9e21-3f42c71780bc/1/OIw1IENePZ-upkTKRtn8rlZjiKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed94b1-b573-45e4-9e21-3f42c71780bc/1/hRJy5OgYa5zz0etCZlxTznFPTUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.190.8.0/24
IPv6:
2001:67c:2ae4::/48
Signature Algorithm: sha256WithRSAEncryption
10:05:05:15:13:bf:b6:48:30:66:e8:7f:12:e7:bc:88:81:39:
07:24:ea:fd:5e:93:32:a9:92:35:a3:21:bd:19:8d:32:f3:73:
00:15:46:d9:da:3b:ab:26:33:0a:df:9c:7a:3e:af:a2:f7:3c:
ab:a8:08:37:59:d0:a1:fe:19:10:2e:42:ef:43:d5:17:fe:ae:
1c:7b:ed:e1:d4:a1:ce:30:30:52:ca:31:7b:02:81:fe:4e:08:
d2:b4:d3:ad:5c:54:5f:42:a4:59:0b:8f:4c:5e:81:23:06:9f:
51:71:91:25:2b:d8:b1:af:e5:4a:80:0d:3c:86:11:fc:e5:1d:
67:c5:21:5b:7c:1c:d8:ae:4a:65:65:2f:d6:d0:8b:37:6d:71:
64:8f:07:a3:19:3f:9a:6b:49:5c:83:8b:b3:b5:78:e3:6c:28:
e1:5a:1f:a7:be:05:e4:e6:41:53:6d:ec:fd:c8:3a:a2:e1:89:
31:99:5f:95:f9:37:54:15:4b:98:71:5c:65:9a:4b:45:ab:8c:
67:53:ee:f7:ed:46:17:16:21:f4:32:08:82:9c:95:11:24:bc:
8c:7d:3f:26:bf:cc:39:33:fe:4c:cc:8d:5b:f0:f2:45:39:6f:
c3:fc:7b:29:c8:f5:1d:0a:cf:31:73:0a:92:00:bd:17:9a:bd:
ae:76:9a:9a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQijQ7daiLd8Jz82N13Uzj4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MTI3MmU0ZTgxODZiOWNmM2QxZWI0MjY2NWM1M2NlNzE0
ZjRkNGIwHhcNMjUwMTAxMTU0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODhjMzUyMDQzNWUzZDlmYWVhNjQ0Y2E0NmQ5ZmNhZTU2NjM4OGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQlSUQhx591n4df2ZgS4zaSEXVDe
zqjod5BvPORx6sAVxoa00K38o2eK6LV9YJ/FuXFv8qO5gkukwCCDFJSYzaSlIYoZ
AQRw74s9cBxbp4uwCv3THJs5bBoNr82a7u9fNcs/2Dj0mCkIo1LO+GOZ7A8f6Ftb
jFPrZc9q/BWjx5Kb3OrGnB7BOWat3jN4DJ390oHs1IZciFaGec0DRXBCzJY2O1ci
yQRyQE5hYpE8mKgfDy1+hR9J2B/053e8ry0ddCuGPMoPE2z7vleeWcS5kF2lCNW7
4bEw9/gKhp3DXUL1h0mf/nNhoiTRF51GSerBlndtDpL2sM4uD4tfbyiQIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDiMNSBDXj2frqZEykbZ/K5WY4imMB8GA1UdIwQY
MBaAFIUScuToGGuc89HrQmZcU85xT01LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFJKeTVPZ1lhNXp6MGV0Q1pseFR6bkZQVFVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lZDk0YjEtYjU3My00NWU0LTllMjEt
M2Y0MmM3MTc4MGJjLzEvT0l3MUlFTmVQWi11cGtUS1J0bjhybFpqaUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lZDk0YjEtYjU3My00NWU0LTllMjEtM2Y0MmM3MTc4MGJj
LzEvaFJKeTVPZ1lhNXp6MGV0Q1pseFR6bkZQVFVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw74IMA8E
AgACMAkDBwAgAQZ8KuQwDQYJKoZIhvcNAQELBQADggEBABAFBRUTv7ZIMGbofxLn
vIiBOQck6v1ekzKpkjWjIb0ZjTLzcwAVRtnaO6smMwrfnHo+r6L3PKuoCDdZ0KH+
GRAuQu9D1Rf+rhx77eHUoc4wMFLKMXsCgf5OCNK0061cVF9CpFkLj0xegSMGn1Fx
kSUr2LGv5UqADTyGEfzlHWfFIVt8HNiuSmVlL9bQizdtcWSPB6MZP5prSVyDi7O1
eONsKOFaH6e+BeTmQVNt7P3IOqLhiTGZX5X5N1QVS5hxXGWaS0WrjGdT7vftRhcW
IfQyCIKclREkvIx9Pya/zDkz/kzMjVvw8kU5b8P8eynI9R0KzzFzCpIAvReava52
mpo=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:09 2025 by rpki-client on console.sobornost.net