Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/hoKOermCUGUXPhGJMB3htCGxKbo.roa
File: hoKOermCUGUXPhGJMB3htCGxKbo.roa (raw, json)
Hash identifier: C2bDkxfzxHRN/J0tOztxhLbDgje2XNYFfUjponmFTcE=
Subject key identifier: 86:82:8E:7A:B9:82:50:65:17:3E:11:89:30:1D:E1:B4:21:B1:29:BA
Certificate issuer: /CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
Certificate serial: 019425FC1E010468D01F7F8432DB88DB3B51
Authority key identifier: 00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/hoKOermCUGUXPhGJMB3htCGxKbo.roa
Signing time: Thu 02 Jan 2025 07:47:47 +0000
ROA not before: Thu 02 Jan 2025 07:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1930
IP address blocks: 158.162.0.0/18 maxlen: 19
158.162.64.0/19 maxlen: 19
158.162.96.0/20 maxlen: 20
158.162.112.0/21 maxlen: 21
158.162.128.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:1e:01:04:68:d0:1f:7f:84:32:db:88:db:3b:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
Validity
Not Before: Jan 2 07:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86828e7ab9825065173e1189301de1b421b129ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:29:fc:ad:04:dd:54:81:61:ac:c0:56:20:3c:
ec:ff:a7:5f:e8:5a:cf:71:ed:21:35:e4:ef:9c:0f:
95:5b:0b:07:2c:0e:30:55:14:f6:28:72:5a:f2:3f:
9a:f5:70:80:76:e8:aa:a2:4d:ec:12:7e:98:28:00:
ae:f4:97:01:32:d0:d3:78:63:3f:91:11:9b:54:8a:
36:6d:07:92:b3:69:4a:41:c2:ff:c1:9b:df:3e:1a:
41:99:9d:59:12:86:fc:fa:87:f0:eb:a7:cd:92:0d:
33:7e:8e:66:13:6f:e7:47:f6:0b:48:fd:4b:87:17:
de:f1:f3:fb:df:0f:1e:62:95:22:cc:7e:3f:77:8d:
80:f2:67:e5:1a:90:d4:99:7d:70:b1:91:ef:04:3c:
d6:4e:5b:88:b4:7b:61:fe:f0:71:ec:ae:6f:34:62:
0a:aa:e5:e0:bc:83:79:3b:4b:f7:24:e7:9e:0c:3e:
82:c0:a9:fc:28:2d:a3:49:79:1b:99:43:67:81:ba:
49:1b:32:f5:11:99:9f:54:b9:0f:33:99:95:27:1e:
53:44:33:12:78:af:70:27:2a:bd:8d:b2:2d:51:d0:
ed:1a:04:05:00:7c:0b:28:80:01:56:93:10:b6:ae:
3f:96:44:51:f2:cb:07:58:af:d0:5d:05:a4:1c:8c:
5f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:82:8E:7A:B9:82:50:65:17:3E:11:89:30:1D:E1:B4:21:B1:29:BA
X509v3 Authority Key Identifier:
keyid:00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/hoKOermCUGUXPhGJMB3htCGxKbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/APTMQSzDD7L598N8PjkL7F5iVrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.162.0.0-158.162.119.255
158.162.128.0/18
Signature Algorithm: sha256WithRSAEncryption
43:d2:9c:e8:36:4a:d1:47:9e:67:8d:d3:c3:18:4d:61:ae:1a:
d3:00:b0:6f:96:b8:08:a9:57:95:cc:79:8f:ea:e4:0f:e4:8f:
fb:85:86:48:d5:dc:fb:f9:41:cf:62:35:88:ed:6a:f9:57:86:
59:33:5f:a9:eb:40:03:9e:22:b3:19:7e:e7:9f:b7:cd:b4:46:
15:6e:69:7d:82:86:ae:3c:37:94:c8:bb:19:f7:be:e6:63:65:
8e:73:6c:bb:ca:1f:a7:43:51:97:8a:53:f9:20:a9:9f:90:14:
8d:5b:1d:f7:3a:1e:76:df:31:06:ef:bc:e8:6a:94:30:aa:8b:
22:d5:c9:b0:95:e6:5b:52:6a:c4:15:46:86:6d:23:78:7d:c5:
f5:97:6c:23:e8:aa:d8:7b:5f:5b:0a:71:ff:ea:c5:95:3b:f6:
68:bb:b0:f2:91:18:aa:77:e9:e6:74:cf:c8:97:fb:3b:55:e1:
4a:f1:2e:02:2c:13:54:a4:ea:b1:60:af:1a:94:80:34:73:bc:
56:b3:f0:32:f4:50:70:44:7f:d3:45:9a:5a:c3:11:0d:1b:c1:
17:85:d8:d2:8b:1d:0f:08:cc:ae:7d:e6:bb:04:86:63:9d:80:
6b:b3:99:d4:35:19:a8:53:39:0f:d3:22:d5:96:72:bf:70:b2:
c7:45:43:c0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQl/B4BBGjQH3+EMtuI2ztRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjRjYzQxMmNjMzBmYjJmOWY3YzM3YzNlMzkwYmVjNWU2
MjU2YjAwHhcNMjUwMTAyMDc0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjgyOGU3YWI5ODI1MDY1MTczZTExODkzMDFkZTFiNDIxYjEyOWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCn8rQTdVIFhrMBWIDzs/6df6FrP
ce0hNeTvnA+VWwsHLA4wVRT2KHJa8j+a9XCAduiqok3sEn6YKACu9JcBMtDTeGM/
kRGbVIo2bQeSs2lKQcL/wZvfPhpBmZ1ZEob8+ofw66fNkg0zfo5mE2/nR/YLSP1L
hxfe8fP73w8eYpUizH4/d42A8mflGpDUmX1wsZHvBDzWTluItHth/vBx7K5vNGIK
quXgvIN5O0v3JOeeDD6CwKn8KC2jSXkbmUNngbpJGzL1EZmfVLkPM5mVJx5TRDMS
eK9wJyq9jbItUdDtGgQFAHwLKIABVpMQtq4/lkRR8ssHWK/QXQWkHIxf4QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIaCjnq5glBlFz4RiTAd4bQhsSm6MB8GA1UdIwQY
MBaAFAD0zEEsww+y+ffDfD45C+xeYlawMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEt
NWYxNDVjZmQyMDcwLzEvaG9LT2VybUNVR1VYUGhHSk1CM2h0Q0d4S2JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEtNWYxNDVjZmQyMDcw
LzEvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwGeogME
A56icAMEBp6igDANBgkqhkiG9w0BAQsFAAOCAQEAQ9Kc6DZK0UeeZ43TwxhNYa4a
0wCwb5a4CKlXlcx5j+rkD+SP+4WGSNXc+/lBz2I1iO1q+VeGWTNfqetAA54isxl+
55+3zbRGFW5pfYKGrjw3lMi7Gfe+5mNljnNsu8ofp0NRl4pT+SCpn5AUjVsd9zoe
dt8xBu+86GqUMKqLItXJsJXmW1JqxBVGhm0jeH3F9ZdsI+iq2HtfWwpx/+rFlTv2
aLuw8pEYqnfp5nTPyJf7O1XhSvEuAiwTVKTqsWCvGpSANHO8VrPwMvRQcER/00Wa
WsMRDRvBF4XY0osdDwjMrn3muwSGY52Aa7OZ1DUZqFM5D9Mi1ZZyv3Cyx0VDwA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:11 2025 by rpki-client