Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b71d88-2ead-4838-9955-8369dd531af5/1/OHS7HyRz5lR0qtUz0IPHv9gKn6E.roa
File: OHS7HyRz5lR0qtUz0IPHv9gKn6E.roa (raw, json)
Hash identifier: BPelc93yY57pAOIurnzqYh1BdxhBQ7jrRDRcf+pWbNo=
Subject key identifier: 38:74:BB:1F:24:73:E6:54:74:AA:D5:33:D0:83:C7:BF:D8:0A:9F:A1
Certificate issuer: /CN=1a3bfeb521f66e57248326cfff55becefddd0fcd
Certificate serial: E35DA2
Authority key identifier: 1A:3B:FE:B5:21:F6:6E:57:24:83:26:CF:FF:55:BE:CE:FD:DD:0F:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gjv-tSH2blckgybP_1W-zv3dD80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b71d88-2ead-4838-9955-8369dd531af5/1/OHS7HyRz5lR0qtUz0IPHv9gKn6E.roa
Signing time: Sat 01 Jan 2022 06:54:05 +0000
ROA not before: Sat 01 Jan 2022 06:54:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24843
IP address blocks: 193.8.206.0/24 maxlen: 24
193.8.206.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14900642 (0xe35da2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a3bfeb521f66e57248326cfff55becefddd0fcd
Validity
Not Before: Jan 1 06:54:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3874bb1f2473e65474aad533d083c7bfd80a9fa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8d:72:85:88:0f:85:9f:70:29:de:19:c2:d6:
96:e8:65:ab:70:14:81:09:d9:d7:26:4c:8b:b6:c6:
d3:35:fc:9d:a8:f7:4f:3b:ef:16:70:50:50:12:b3:
9c:65:0d:13:70:dc:06:6e:52:4d:6d:f9:da:12:e7:
fd:e5:6b:15:e2:55:a5:00:25:24:0c:a3:38:87:62:
69:2f:37:b5:f9:45:c0:af:0f:53:0a:82:b8:1f:0a:
cc:ce:85:13:be:0a:95:59:b1:4f:ed:d3:4f:cc:8c:
dc:fc:a5:cd:33:bc:b0:31:fa:71:3a:9c:b9:15:c5:
ab:0c:3e:aa:d2:75:fe:48:a6:90:fb:3c:5b:6e:88:
6e:15:d6:be:56:00:f0:18:dc:d4:e3:40:94:37:91:
e4:f7:24:8e:e6:45:96:25:d1:98:09:16:7c:48:82:
c9:22:43:f1:94:81:34:63:c8:a1:4c:1a:12:8c:23:
df:c4:66:1c:44:59:d5:d9:f4:f8:3b:71:3f:e8:e0:
5d:02:86:40:6a:85:b1:fa:6c:ab:5e:34:a1:cc:6c:
4b:24:86:58:44:d2:49:5b:ed:3d:97:92:57:c9:64:
db:d6:f9:4c:29:d9:b0:c7:0a:ab:40:87:07:9a:7d:
ec:a2:aa:72:b7:f7:ad:5a:7a:3e:91:9f:69:94:61:
45:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:74:BB:1F:24:73:E6:54:74:AA:D5:33:D0:83:C7:BF:D8:0A:9F:A1
X509v3 Authority Key Identifier:
keyid:1A:3B:FE:B5:21:F6:6E:57:24:83:26:CF:FF:55:BE:CE:FD:DD:0F:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gjv-tSH2blckgybP_1W-zv3dD80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b71d88-2ead-4838-9955-8369dd531af5/1/OHS7HyRz5lR0qtUz0IPHv9gKn6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b71d88-2ead-4838-9955-8369dd531af5/1/Gjv-tSH2blckgybP_1W-zv3dD80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.206.0/23
Signature Algorithm: sha256WithRSAEncryption
64:fd:b4:53:b7:2d:f3:27:04:eb:dc:b8:18:5c:b6:87:3c:88:
56:d3:db:1c:f6:5e:67:a1:2a:03:4d:af:11:53:b7:d9:0b:c3:
ce:fc:88:fc:ab:62:4a:1c:a5:b4:3d:7b:3d:89:4b:d4:68:94:
82:a9:b1:9a:99:fd:ca:63:9f:98:59:41:76:aa:a2:26:6a:a3:
33:9b:85:44:fc:04:26:95:18:5c:04:36:6d:9f:22:38:b7:92:
a1:67:01:a6:05:51:aa:36:dc:ec:ae:3b:3b:26:5c:ef:8e:3a:
5a:15:ed:1e:75:ec:aa:62:ea:b8:34:dc:30:d2:c2:40:32:c1:
14:6b:4d:74:79:27:16:61:10:03:74:dd:29:00:40:72:a7:09:
d0:4f:1c:22:61:a5:b8:e8:a9:95:50:d4:46:d0:81:c1:ab:d8:
b9:7d:fc:49:7e:49:27:87:89:3b:f5:e6:db:57:c3:e7:95:b8:
1d:e1:dc:1a:3d:9a:f0:57:15:75:0a:f0:31:14:f9:47:90:5f:
81:29:c7:7b:f8:e8:80:a7:70:25:9d:e6:bd:c7:86:b6:7b:fd:
b3:2e:5e:43:64:24:91:6a:f2:31:33:ec:47:46:14:5e:ac:f6:
ca:00:52:6b:84:06:19:49:69:81:a4:51:51:c1:5c:18:be:2f:
8e:29:74:c8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAONdojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTNiZmViNTIxZjY2ZTU3MjQ4MzI2Y2ZmZjU1YmVjZWZkZGQwZmNkMB4XDTIyMDEw
MTA2NTQwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzg3NGJiMWYyNDcz
ZTY1NDc0YWFkNTMzZDA4M2M3YmZkODBhOWZhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJGNcoWID4WfcCneGcLWluhlq3AUgQnZ1yZMi7bG0zX8naj3
TzvvFnBQUBKznGUNE3DcBm5STW352hLn/eVrFeJVpQAlJAyjOIdiaS83tflFwK8P
UwqCuB8KzM6FE74KlVmxT+3TT8yM3PylzTO8sDH6cTqcuRXFqww+qtJ1/kimkPs8
W26IbhXWvlYA8Bjc1ONAlDeR5PckjuZFliXRmAkWfEiCySJD8ZSBNGPIoUwaEowj
38RmHERZ1dn0+DtxP+jgXQKGQGqFsfpsq140ocxsSySGWETSSVvtPZeSV8lk29b5
TCnZsMcKq0CHB5p97KKqcrf3rVp6PpGfaZRhRSECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ4dLsfJHPmVHSq1TPQg8e/2AqfoTAfBgNVHSMEGDAWgBQaO/61IfZuVySD
Js//Vb7O/d0PzTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dqdi10U0gyYmxja2d5YlBfMVctenYzZEQ4MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYjcxZDg4LTJlYWQtNDgzOC05OTU1LTgzNjlkZDUzMWFmNS8x
L09IUzdIeVJ6NWxSMHF0VXowSVBIdjlnS242RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YjcxZDg4LTJlYWQtNDgzOC05OTU1LTgzNjlkZDUzMWFmNS8xL0dqdi10U0gyYmxj
a2d5YlBfMVctenYzZEQ4MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcEIzjANBgkqhkiG9w0BAQsFAAOC
AQEAZP20U7ct8ycE69y4GFy2hzyIVtPbHPZeZ6EqA02vEVO32QvDzvyI/KtiShyl
tD17PYlL1GiUgqmxmpn9ymOfmFlBdqqiJmqjM5uFRPwEJpUYXAQ2bZ8iOLeSoWcB
pgVRqjbc7K47OyZc7446WhXtHnXsqmLquDTcMNLCQDLBFGtNdHknFmEQA3TdKQBA
cqcJ0E8cImGluOiplVDURtCBwavYuX38SX5JJ4eJO/Xm21fD55W4HeHcGj2a8FcV
dQrwMRT5R5BfgSnHe/jogKdwJZ3mvceGtnv9sy5eQ2QkkWryMTPsR0YUXqz2ygBS
a4QGGUlpgaRRUcFcGL4vjil0yA==
-----END CERTIFICATE-----
Generated at Wed Apr 23 02:41:19 2025 by rpki-client