Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/oHOE23KID-RNL2AjJC6FsHSJCTw.roa
File: oHOE23KID-RNL2AjJC6FsHSJCTw.roa (raw, json)
Hash identifier: aeFPu0tROklrZcpoYmzmuv/yNhmHB4w2carh7DS0TzM=
Subject key identifier: A0:73:84:DB:72:88:0F:E4:4D:2F:60:23:24:2E:85:B0:74:89:09:3C
Certificate issuer: /CN=c08d735f346c4fc42a4792ce33808a2210a82bb5
Certificate serial: 0185B717314D45779BBD2B95FBCB99C87F1F
Authority key identifier: C0:8D:73:5F:34:6C:4F:C4:2A:47:92:CE:33:80:8A:22:10:A8:2B:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wI1zXzRsT8QqR5LOM4CKIhCoK7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/oHOE23KID-RNL2AjJC6FsHSJCTw.roa
Signing time: Sun 15 Jan 2023 20:20:28 +0000
ROA not before: Sun 15 Jan 2023 20:20:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 77.37.71.0/24 maxlen: 24
93.127.223.0/24 maxlen: 24
77.37.95.0/24 maxlen: 24
77.37.32.0/24 maxlen: 24
77.37.44.0/24 maxlen: 24
77.37.48.0/22 maxlen: 24
93.127.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b7:17:31:4d:45:77:9b:bd:2b:95:fb:cb:99:c8:7f:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c08d735f346c4fc42a4792ce33808a2210a82bb5
Validity
Not Before: Jan 15 20:20:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a07384db72880fe44d2f6023242e85b07489093c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:94:de:7d:16:93:ac:29:8e:3b:d3:bd:55:dc:
06:01:b1:ec:e6:97:fb:ca:26:da:f6:f6:6c:e8:0d:
35:c2:8e:c4:71:81:5e:e1:89:20:cd:9e:b9:c5:c4:
a3:62:e0:c2:c0:a5:ae:08:66:a0:0c:62:c1:5b:06:
fd:61:4d:8f:58:5b:8c:fd:74:e7:a8:2e:95:91:48:
10:df:b4:a6:90:68:d6:4a:39:aa:10:ff:76:21:ab:
bb:0d:73:4e:a1:75:ac:18:4f:4d:42:c7:1a:54:3e:
83:0f:31:1c:12:3a:fe:37:61:10:f3:bc:84:60:fc:
08:25:60:ff:24:72:95:07:7e:41:88:8a:aa:ba:ab:
e6:00:a7:72:06:b7:8f:06:45:44:b2:01:d3:a5:4b:
b8:e9:64:c0:fc:29:fd:18:9e:26:50:59:04:82:07:
27:eb:43:b0:ce:74:53:8a:62:92:a1:cc:78:50:20:
98:f9:34:1e:aa:f4:16:ad:e5:9e:7b:99:3e:46:ab:
3a:0f:22:b6:fe:80:3b:7c:33:a6:7e:4d:ad:52:b3:
c7:66:ad:96:77:0c:1e:cb:d3:00:5c:c4:96:ba:4b:
6a:b6:a5:88:bc:6a:3b:10:cb:f5:f3:02:87:e1:12:
a2:38:df:ee:e9:4b:e8:e1:e0:e8:f3:54:40:3d:67:
05:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:73:84:DB:72:88:0F:E4:4D:2F:60:23:24:2E:85:B0:74:89:09:3C
X509v3 Authority Key Identifier:
keyid:C0:8D:73:5F:34:6C:4F:C4:2A:47:92:CE:33:80:8A:22:10:A8:2B:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wI1zXzRsT8QqR5LOM4CKIhCoK7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/oHOE23KID-RNL2AjJC6FsHSJCTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/wI1zXzRsT8QqR5LOM4CKIhCoK7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.37.32.0/24
77.37.44.0/24
77.37.48.0/22
77.37.71.0/24
77.37.95.0/24
93.127.187.0/24
93.127.223.0/24
Signature Algorithm: sha256WithRSAEncryption
80:b6:af:c7:cb:be:f8:1f:d7:89:df:1e:d8:a4:9b:6d:4f:7e:
d0:1b:08:6b:36:27:e1:f6:f6:1f:6e:b4:ae:a8:5f:78:4c:d0:
8e:ac:c2:29:d9:3d:20:d1:e3:33:5c:43:6c:68:60:c7:b1:d1:
14:94:f7:da:40:3f:f5:2c:dc:b6:11:ef:53:5f:85:f7:fd:b7:
48:06:26:f2:dd:a7:ca:31:cf:87:1a:be:0c:57:0c:7f:ae:1d:
b8:29:04:ba:25:03:c1:a9:b5:8b:f4:8d:a8:69:1a:a4:04:4f:
3b:69:d7:61:f5:70:a2:07:fa:54:52:76:75:89:3f:ed:69:b5:
46:05:b8:40:f9:d9:d7:11:bb:53:5e:f7:8a:c9:ec:24:b2:e8:
ab:a5:90:b7:2f:3a:15:54:70:a9:4a:cb:6d:45:b2:78:84:93:
78:88:5a:8a:77:f0:77:6a:6b:83:98:34:83:92:fc:de:f4:f2:
94:8b:ce:25:99:fc:2f:1a:61:5b:ba:31:5c:b0:0a:d2:a8:0a:
4f:4a:19:c3:bc:de:be:83:92:f5:8e:81:33:45:62:8d:d8:3c:
d0:fe:f0:a3:e6:42:a6:3e:2c:85:43:55:75:a6:bd:da:a6:1f:
3e:91:77:df:db:51:d6:a6:8a:17:0b:9f:74:57:55:38:a2:26:
e9:c3:25:46
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYW3FzFNRXebvSuV+8uZyH8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOGQ3MzVmMzQ2YzRmYzQyYTQ3OTJjZTMzODA4YTIyMTBh
ODJiYjUwHhcNMjMwMTE1MjAyMDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDczODRkYjcyODgwZmU0NGQyZjYwMjMyNDJlODViMDc0ODkwOTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJTefRaTrCmOO9O9VdwGAbHs5pf7
yiba9vZs6A01wo7EcYFe4YkgzZ65xcSjYuDCwKWuCGagDGLBWwb9YU2PWFuM/XTn
qC6VkUgQ37SmkGjWSjmqEP92Iau7DXNOoXWsGE9NQscaVD6DDzEcEjr+N2EQ87yE
YPwIJWD/JHKVB35BiIqquqvmAKdyBrePBkVEsgHTpUu46WTA/Cn9GJ4mUFkEggcn
60OwznRTimKSocx4UCCY+TQeqvQWreWee5k+Rqs6DyK2/oA7fDOmfk2tUrPHZq2W
dwwey9MAXMSWuktqtqWIvGo7EMv18wKH4RKiON/u6Uvo4eDo81RAPWcFmwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKBzhNtyiA/kTS9gIyQuhbB0iQk8MB8GA1UdIwQY
MBaAFMCNc180bE/EKkeSzjOAiiIQqCu1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0kxelh6UnNUOFFxUjVMT000Q0tJaENvSzdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9kOTcyODctZmQwMS00YTEwLTkwOWUt
YzNmMjU3ZWIyMGNjLzEvb0hPRTIzS0lELVJOTDJBakpDNkZzSFNKQ1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9kOTcyODctZmQwMS00YTEwLTkwOWUtYzNmMjU3ZWIyMGNj
LzEvd0kxelh6UnNUOFFxUjVMT000Q0tJaENvSzdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATSUgAwQA
TSUsAwQCTSUwAwQATSVHAwQATSVfAwQAXX+7AwQAXX/fMA0GCSqGSIb3DQEBCwUA
A4IBAQCAtq/Hy774H9eJ3x7YpJttT37QGwhrNifh9vYfbrSuqF94TNCOrMIp2T0g
0eMzXENsaGDHsdEUlPfaQD/1LNy2Ee9TX4X3/bdIBiby3afKMc+HGr4MVwx/rh24
KQS6JQPBqbWL9I2oaRqkBE87addh9XCiB/pUUnZ1iT/tabVGBbhA+dnXEbtTXveK
yewksuirpZC3LzoVVHCpSsttRbJ4hJN4iFqKd/B3amuDmDSDkvze9PKUi84lmfwv
GmFbujFcsArSqApPShnDvN6+g5L1joEzRWKN2DzQ/vCj5kKmPiyFQ1V1pr3aph8+
kXff21HWpooXC590V1U4oibpwyVG
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:36:39 2025 by rpki-client