Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/7e070e-7930-43c8-a66d-215c3d8f8914/1/ghs_2nhI69n-rkFuhZa1daNKbiU.roa
File: ghs_2nhI69n-rkFuhZa1daNKbiU.roa (raw, json)
Hash identifier: XbJjwdqyFFjNgekWxRiteXINphE+amEqzM8d15lsXx0=
Subject key identifier: 82:1B:3F:DA:78:48:EB:D9:FE:AE:41:6E:85:96:B5:75:A3:4A:6E:25
Certificate issuer: /CN=88796992df883be1bab2a52f45f5254ebb52b697
Certificate serial: 017024D5
Authority key identifier: 88:79:69:92:DF:88:3B:E1:BA:B2:A5:2F:45:F5:25:4E:BB:52:B6:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iHlpkt-IO-G6sqUvRfUlTrtStpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/7e070e-7930-43c8-a66d-215c3d8f8914/1/ghs_2nhI69n-rkFuhZa1daNKbiU.roa
Signing time: Sat 01 Jan 2022 16:05:20 +0000
ROA not before: Sat 01 Jan 2022 16:05:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212850
IP address blocks: 195.16.74.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24126677 (0x17024d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88796992df883be1bab2a52f45f5254ebb52b697
Validity
Not Before: Jan 1 16:05:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=821b3fda7848ebd9feae416e8596b575a34a6e25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:af:41:a9:04:96:49:1a:38:38:a0:fe:15:91:
e6:1d:b7:7e:1d:05:45:86:da:8b:d4:d3:09:47:ef:
29:6c:c5:80:f2:4e:c7:51:4d:42:de:54:31:2d:6d:
56:f9:d8:20:9e:70:66:0f:0e:c9:5d:f7:9e:00:eb:
04:41:22:69:ac:8f:4e:39:76:ad:c5:57:d2:d3:c3:
91:d1:08:4b:0d:45:9f:a3:a7:99:74:12:6c:8e:3a:
8a:40:90:6e:a1:7a:4d:f2:a4:96:94:bc:5d:8f:f2:
fb:cb:a5:1e:83:c7:bc:5f:a7:c8:c2:37:93:b1:57:
04:18:bc:12:3c:75:46:77:34:d1:71:28:dc:fb:cd:
1d:4d:82:66:9b:d7:d3:95:3a:7d:cb:fb:ff:b1:aa:
f2:f2:5b:27:6d:c9:1d:eb:8e:1e:9c:a0:1a:3e:7a:
40:61:96:87:06:f0:91:06:2b:ed:0d:ea:3c:7e:66:
17:d2:43:f6:12:aa:9d:2f:64:fc:34:69:ef:a2:e5:
05:0a:ef:89:30:23:e8:3e:ff:1b:dc:c2:a6:a2:ac:
a3:44:43:bb:7c:4c:d0:25:10:d0:8a:c9:e2:02:bd:
4d:8b:c6:59:19:2e:99:4e:2f:b9:a4:a4:05:01:fc:
14:24:b1:7c:5d:69:83:a2:18:3b:c9:8f:06:e4:9c:
d4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:1B:3F:DA:78:48:EB:D9:FE:AE:41:6E:85:96:B5:75:A3:4A:6E:25
X509v3 Authority Key Identifier:
keyid:88:79:69:92:DF:88:3B:E1:BA:B2:A5:2F:45:F5:25:4E:BB:52:B6:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iHlpkt-IO-G6sqUvRfUlTrtStpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/7e070e-7930-43c8-a66d-215c3d8f8914/1/ghs_2nhI69n-rkFuhZa1daNKbiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/7e070e-7930-43c8-a66d-215c3d8f8914/1/iHlpkt-IO-G6sqUvRfUlTrtStpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.16.74.0/24
Signature Algorithm: sha256WithRSAEncryption
54:23:2a:f8:dd:68:1d:48:78:7f:ab:71:60:6e:f3:7a:3c:30:
c8:26:b6:8e:5b:7d:82:21:a1:1d:63:42:a9:df:fa:1f:b0:96:
bf:5d:24:02:9a:1d:90:45:16:3c:ce:e3:ff:cc:d1:84:de:1d:
46:9a:28:06:cd:52:65:e5:2e:36:88:d3:ef:6f:d0:6a:dd:db:
0d:f6:35:37:a7:72:87:d2:95:f7:42:7f:ba:33:65:ea:02:16:
f9:89:80:96:98:03:fe:18:3a:f2:a2:b1:de:72:d3:76:15:54:
22:ff:32:37:6b:06:1c:7d:87:bf:f8:fc:6e:e0:54:d2:a2:5a:
f7:39:0e:aa:7e:0c:35:d4:2c:a4:67:c3:d0:5b:c0:91:b4:01:
d3:97:01:b0:84:c5:9b:ef:f1:a7:8f:0b:08:29:d2:90:34:be:
e2:58:d4:7b:a3:a6:38:03:f3:43:b8:42:91:c4:2a:80:89:f9:
e4:88:21:1b:50:7c:2c:14:ca:cb:88:81:2a:26:56:dc:25:93:
88:28:63:e5:99:fe:00:fa:8b:f8:ce:a8:4c:86:54:f3:42:9f:
af:2e:b1:23:42:a7:f8:3c:a7:c1:14:89:f2:f7:44:d6:7d:8c:
95:64:dd:ac:d5:a5:57:eb:f4:ac:c5:a9:fd:58:be:41:4e:24:
3c:a3:54:4d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAXAk1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODc5Njk5MmRmODgzYmUxYmFiMmE1MmY0NWY1MjU0ZWJiNTJiNjk3MB4XDTIyMDEw
MTE2MDUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODIxYjNmZGE3ODQ4
ZWJkOWZlYWU0MTZlODU5NmI1NzVhMzRhNmUyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKmvQakElkkaODig/hWR5h23fh0FRYbai9TTCUfvKWzFgPJO
x1FNQt5UMS1tVvnYIJ5wZg8OyV33ngDrBEEiaayPTjl2rcVX0tPDkdEISw1Fn6On
mXQSbI46ikCQbqF6TfKklpS8XY/y+8ulHoPHvF+nyMI3k7FXBBi8Ejx1Rnc00XEo
3PvNHU2CZpvX05U6fcv7/7Gq8vJbJ23JHeuOHpygGj56QGGWhwbwkQYr7Q3qPH5m
F9JD9hKqnS9k/DRp76LlBQrviTAj6D7/G9zCpqKso0RDu3xM0CUQ0IrJ4gK9TYvG
WRkumU4vuaSkBQH8FCSxfF1pg6IYO8mPBuSc1HUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSCGz/aeEjr2f6uQW6FlrV1o0puJTAfBgNVHSMEGDAWgBSIeWmS34g74bqy
pS9F9SVOu1K2lzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lIbHBrdC1JTy1HNnNxVXZSZlVsVHJ0U3RwYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvN2UwNzBlLTc5MzAtNDNjOC1hNjZkLTIxNWMzZDhmODkxNC8x
L2doc18ybmhJNjluLXJrRnVoWmExZGFOS2JpVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
N2UwNzBlLTc5MzAtNDNjOC1hNjZkLTIxNWMzZDhmODkxNC8xL2lIbHBrdC1JTy1H
NnNxVXZSZlVsVHJ0U3RwYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMQSjANBgkqhkiG9w0BAQsFAAOC
AQEAVCMq+N1oHUh4f6txYG7zejwwyCa2jlt9giGhHWNCqd/6H7CWv10kApodkEUW
PM7j/8zRhN4dRpooBs1SZeUuNojT72/Qat3bDfY1N6dyh9KV90J/ujNl6gIW+YmA
lpgD/hg68qKx3nLTdhVUIv8yN2sGHH2Hv/j8buBU0qJa9zkOqn4MNdQspGfD0FvA
kbQB05cBsITFm+/xp48LCCnSkDS+4ljUe6OmOAPzQ7hCkcQqgIn55IghG1B8LBTK
y4iBKiZW3CWTiChj5Zn+APqL+M6oTIZU80Kfry6xI0Kn+DynwRSJ8vdE1n2MlWTd
rNWlV+v0rMWp/Vi+QU4kPKNUTQ==
-----END CERTIFICATE-----
Generated at Wed May 7 18:13:58 2025 by rpki-client