Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/how_KooQmBdSj409x5L5qI3rdqA.roa
File: how_KooQmBdSj409x5L5qI3rdqA.roa (raw, json)
Hash identifier: gscCPBnIx5JS7yQhDQhrULF4Cba6gqZr6uXn7eU48vw=
Subject key identifier: 86:8C:3F:2A:8A:10:98:17:52:8F:8D:3D:C7:92:F9:A8:8D:EB:76:A0
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 50F39FB2
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/how_KooQmBdSj409x5L5qI3rdqA.roa
Signing time: Sat 01 Jan 2022 16:02:05 +0000
ROA not before: Sat 01 Jan 2022 16:02:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213011
IP address blocks: 194.209.39.0/24 maxlen: 24
194.209.198.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1358143410 (0x50f39fb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 16:02:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=868c3f2a8a109817528f8d3dc792f9a88deb76a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7a:13:f8:16:98:8d:b3:0a:5e:4c:96:9f:d6:
fc:93:d4:04:df:7a:6b:31:ad:53:55:4f:0d:5e:e5:
35:7f:02:b8:c1:74:9f:e8:e8:c9:bd:fa:3f:fc:09:
72:d4:94:4e:1f:91:0b:10:5e:93:61:0e:99:ec:b1:
37:4f:fe:77:7b:f8:9d:cb:e6:84:c9:b6:95:dd:2b:
16:22:71:df:9e:b3:1f:46:72:b0:3b:e7:78:04:88:
75:da:00:e1:f1:88:1e:06:95:b7:15:e9:ab:bb:dd:
65:52:d8:a6:72:2a:df:2a:9c:47:64:3d:36:9b:e0:
7f:b7:c5:12:f7:98:58:73:fb:1e:93:b3:3e:29:89:
8a:58:78:bf:6c:1d:a5:93:e7:a2:45:ef:48:40:40:
10:b7:62:59:ea:22:73:65:3b:db:47:2a:86:36:54:
5a:9e:80:f4:3a:f9:58:f7:87:41:f2:8a:1e:9d:50:
20:75:44:ea:11:c1:ba:15:e1:3b:fd:6d:fc:e7:86:
77:18:ff:3c:85:61:98:b3:a2:cd:85:30:37:32:26:
b5:be:02:d4:4b:ba:1f:aa:b4:df:71:e7:a3:2b:3e:
53:31:72:e9:ba:a3:54:17:27:e9:ef:0e:8c:84:2a:
99:61:6a:ab:ca:ab:e3:e5:7e:d9:d6:aa:5a:a3:6f:
65:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:8C:3F:2A:8A:10:98:17:52:8F:8D:3D:C7:92:F9:A8:8D:EB:76:A0
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/how_KooQmBdSj409x5L5qI3rdqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.39.0/24
194.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:f8:e6:8d:ab:aa:c7:53:12:75:e8:4e:7b:f2:33:ff:9f:ba:
1d:c2:84:5e:4f:1d:a6:f5:98:1b:4a:a9:25:24:70:87:d5:59:
aa:e0:bd:58:ee:e9:49:9b:ca:b2:23:0a:b7:65:4d:8f:74:31:
3a:05:04:94:32:4e:0e:8e:99:81:00:bc:9e:cf:fc:3f:46:0a:
07:31:b6:b0:6e:43:5a:da:52:75:59:ee:80:98:ca:d7:b5:20:
3c:3a:e8:41:b9:39:b7:18:f6:f7:73:d7:56:7f:e5:27:7f:09:
48:23:4e:3f:2a:d2:90:c4:8d:68:bf:53:1d:12:2f:9d:1a:25:
72:fb:fc:f3:cf:ae:38:8b:a4:ac:cc:21:43:66:2e:60:50:37:
2b:2e:4e:de:25:2b:71:de:81:18:46:07:77:2f:1e:ce:d9:f3:
c6:01:5d:95:14:42:af:1c:6a:3b:5e:d5:8a:94:06:b8:fa:e2:
95:60:74:9f:95:b2:31:64:24:06:d0:64:b5:53:66:82:7f:cf:
3c:ec:03:af:f8:f4:10:14:5b:10:c7:8d:e6:ca:d8:df:53:67:
82:6f:72:06:e4:d8:58:2d:34:b9:3f:1d:37:71:2b:a1:da:77:
c5:74:33:d3:2c:aa:e8:ce:a3:fc:26:5e:dc:e3:06:94:87:f8:
23:3f:67:46
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEUPOfsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjYzZjNkYjE1MmUwNTVhYzE0NWJkYmI0MjllMDE4NjU0MjA0YzhkMB4XDTIyMDEw
MTE2MDIwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODY4YzNmMmE4YTEw
OTgxNzUyOGY4ZDNkYzc5MmY5YTg4ZGViNzZhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL56E/gWmI2zCl5Mlp/W/JPUBN96azGtU1VPDV7lNX8CuMF0
n+joyb36P/wJctSUTh+RCxBek2EOmeyxN0/+d3v4ncvmhMm2ld0rFiJx356zH0Zy
sDvneASIddoA4fGIHgaVtxXpq7vdZVLYpnIq3yqcR2Q9Npvgf7fFEveYWHP7HpOz
PimJilh4v2wdpZPnokXvSEBAELdiWeoic2U720cqhjZUWp6A9Dr5WPeHQfKKHp1Q
IHVE6hHBuhXhO/1t/OeGdxj/PIVhmLOizYUwNzImtb4C1Eu6H6q033Hnoys+UzFy
6bqjVBcn6e8OjIQqmWFqq8qr4+V+2daqWqNvZc8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSGjD8qihCYF1KPjT3Hkvmojet2oDAfBgNVHSMEGDAWgBQmY/PbFS4FWsFF
vbtCngGGVCBMjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ptUHoyeFV1QlZyQlJiMjdRcDRCaGxRZ1RJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvYzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8x
L2hvd19Lb29RbUJkU2o0MDl4NUw1cUkzcmRxQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
YzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8xL0ptUHoyeFV1QlZy
QlJiMjdRcDRCaGxRZ1RJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMLRJwMEAMLRxjANBgkqhkiG9w0B
AQsFAAOCAQEATfjmjauqx1MSdehOe/Iz/5+6HcKEXk8dpvWYG0qpJSRwh9VZquC9
WO7pSZvKsiMKt2VNj3QxOgUElDJODo6ZgQC8ns/8P0YKBzG2sG5DWtpSdVnugJjK
17UgPDroQbk5txj293PXVn/lJ38JSCNOPyrSkMSNaL9THRIvnRolcvv888+uOIuk
rMwhQ2YuYFA3Ky5O3iUrcd6BGEYHdy8eztnzxgFdlRRCrxxqO17VipQGuPrilWB0
n5WyMWQkBtBktVNmgn/PPOwDr/j0EBRbEMeN5srY31Nngm9yBuTYWC00uT8dN3Er
odp3xXQz0yyq6M6j/CZe3OMGlIf4Iz9nRg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:55:08 2025 by rpki-client