Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/OHPK5224ms-GF1aJCPsDsb357QY.roa
File: OHPK5224ms-GF1aJCPsDsb357QY.roa (raw, json)
Hash identifier: Zr3j7tjk6Qy3/rJEuO/M9v8x8pQYbNlF5/AmsRT9r0o=
Subject key identifier: 38:73:CA:E7:6D:B8:9A:CF:86:17:56:89:08:FB:03:B1:BD:F9:ED:06
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01942369CA9FDDB6885BF00B055D7831CDC0
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/OHPK5224ms-GF1aJCPsDsb357QY.roa
Signing time: Wed 01 Jan 2025 19:48:43 +0000
ROA not before: Wed 01 Jan 2025 19:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 170.62.96.0/22 maxlen: 24
170.62.101.0/24 maxlen: 24
170.62.105.0/24 maxlen: 24
170.62.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:ca:9f:dd:b6:88:5b:f0:0b:05:5d:78:31:cd:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jan 1 19:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3873cae76db89acf8617568908fb03b1bdf9ed06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:47:c1:5e:6c:98:4c:d8:7d:ff:b1:f2:40:6d:
94:fe:fa:6a:c3:7f:78:64:e1:47:87:ac:da:74:40:
a5:d3:4f:17:4d:03:0c:b4:23:a2:55:e6:e2:73:9d:
fa:4a:7d:0e:bf:47:e9:f1:48:fe:ae:f5:d6:f1:d6:
47:be:45:9e:22:c3:3d:d5:49:bf:d9:e5:f1:5a:6b:
e8:2a:d9:22:25:c9:66:bf:64:72:6e:c0:fd:10:26:
25:e5:b7:d1:8f:9d:6a:0c:02:d5:cb:4b:43:1a:43:
fe:e4:50:7f:5c:89:9b:d5:70:cb:45:a1:7f:5b:22:
89:be:70:6c:4a:c3:c0:8a:01:27:d8:2d:5b:89:67:
ea:79:f1:17:dc:d3:a1:81:55:90:2c:bc:2d:c8:25:
3e:fb:6a:ac:18:51:0d:46:f4:95:2a:89:8e:2f:0f:
a5:d4:45:34:a5:db:ed:f2:a6:b1:30:76:81:2a:d0:
79:84:ac:8b:be:24:d1:73:47:98:28:a1:f1:4a:44:
48:3e:8e:dc:8f:9b:64:1c:a1:70:7a:91:a5:d0:ec:
c4:7b:54:d7:bf:3e:c6:14:16:7a:f4:67:45:ef:54:
49:91:1e:33:73:6e:6d:c5:a1:e9:65:83:72:de:ab:
f1:13:18:45:64:2f:b3:f4:0a:62:bf:e0:f1:33:df:
55:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:73:CA:E7:6D:B8:9A:CF:86:17:56:89:08:FB:03:B1:BD:F9:ED:06
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/OHPK5224ms-GF1aJCPsDsb357QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.62.96.0/22
170.62.101.0/24
170.62.105.0/24
170.62.109.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:b2:37:34:d2:ea:85:ab:f7:5c:67:c1:56:f1:86:54:0f:19:
37:f4:7c:19:c2:4a:02:dd:95:3e:87:05:67:2d:b5:3f:6c:ef:
2d:24:60:1e:a8:c0:ce:1c:96:c1:23:80:33:11:e9:38:fa:f7:
af:5f:35:6d:f8:94:d4:70:4f:9d:f2:a4:8f:df:fe:4b:df:51:
be:71:10:0c:e4:2a:e3:f3:e0:4f:c8:a7:20:10:96:2b:ce:c5:
bd:36:7b:4b:2d:8b:16:c6:b7:4d:77:34:ea:ee:36:be:d2:b8:
f7:24:f4:99:7d:ef:55:33:dd:25:be:da:fc:87:1b:67:2e:c9:
30:33:2d:b6:4a:77:34:85:4c:de:ff:f6:09:1f:94:c4:83:bb:
07:26:cb:49:6f:2a:4d:4f:62:9a:ed:f5:d5:32:77:79:4b:c0:
0b:62:33:ee:5a:68:eb:1e:c8:93:4c:42:f9:7a:e3:98:13:a6:
7b:5e:c3:69:c8:2c:37:ec:a8:1b:a8:36:12:2a:cb:85:c6:7b:
19:00:31:e6:73:49:f2:b1:6f:27:f4:a2:0e:ec:5d:79:41:1e:
a6:d2:8d:40:65:8c:12:0f:1d:18:56:d8:03:12:73:7c:cc:29:
3a:c5:3f:e7:d3:d4:0a:da:bd:67:c4:04:76:58:12:11:4a:7f:
b2:fb:3b:ff
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQjacqf3baIW/ALBV14Mc3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMTAxMTk0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODczY2FlNzZkYjg5YWNmODYxNzU2ODkwOGZiMDNiMWJkZjllZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEfBXmyYTNh9/7HyQG2U/vpqw394
ZOFHh6zadECl008XTQMMtCOiVebic536Sn0Ov0fp8Uj+rvXW8dZHvkWeIsM91Um/
2eXxWmvoKtkiJclmv2RybsD9ECYl5bfRj51qDALVy0tDGkP+5FB/XImb1XDLRaF/
WyKJvnBsSsPAigEn2C1biWfqefEX3NOhgVWQLLwtyCU++2qsGFENRvSVKomOLw+l
1EU0pdvt8qaxMHaBKtB5hKyLviTRc0eYKKHxSkRIPo7cj5tkHKFwepGl0OzEe1TX
vz7GFBZ69GdF71RJkR4zc25txaHpZYNy3qvxExhFZC+z9Apiv+DxM99VpQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDhzyudtuJrPhhdWiQj7A7G9+e0GMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvT0hQSzUyMjRtcy1HRjFhSkNQc0RzYjM1N1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCqj5gAwQA
qj5lAwQAqj5pAwQAqj5tMA0GCSqGSIb3DQEBCwUAA4IBAQC/sjc00uqFq/dcZ8FW
8YZUDxk39HwZwkoC3ZU+hwVnLbU/bO8tJGAeqMDOHJbBI4AzEek4+vevXzVt+JTU
cE+d8qSP3/5L31G+cRAM5Crj8+BPyKcgEJYrzsW9NntLLYsWxrdNdzTq7ja+0rj3
JPSZfe9VM90lvtr8hxtnLskwMy22Snc0hUze//YJH5TEg7sHJstJbypNT2Ka7fXV
Mnd5S8ALYjPuWmjrHsiTTEL5euOYE6Z7XsNpyCw37KgbqDYSKsuFxnsZADHmc0ny
sW8n9KIO7F15QR6m0o1AZYwSDx0YVtgDEnN8zCk6xT/n09QK2r1nxAR2WBIRSn+y
+zv/
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:04:13 2025 by rpki-client