Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/83f631-8977-4d2e-8523-888c07f2153f/1/Ol66WOHM5O0qZSOG9y7yOIgJsCo.roa
File: Ol66WOHM5O0qZSOG9y7yOIgJsCo.roa (raw, json)
Hash identifier: tBXkTjKhKw+qp8WtoR3ZkzeeWQpNfDqudYVdDHWc62c=
Subject key identifier: 3A:5E:BA:58:E1:CC:E4:ED:2A:65:23:86:F7:2E:F2:38:88:09:B0:2A
Certificate issuer: /CN=8ab606cea79b5abe81683a63379b39289b2cab93
Certificate serial: 0194228D7A461B562081D067E3F2E6D05402
Authority key identifier: 8A:B6:06:CE:A7:9B:5A:BE:81:68:3A:63:37:9B:39:28:9B:2C:AB:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/irYGzqebWr6BaDpjN5s5KJssq5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/83f631-8977-4d2e-8523-888c07f2153f/1/Ol66WOHM5O0qZSOG9y7yOIgJsCo.roa
Signing time: Wed 01 Jan 2025 15:48:04 +0000
ROA not before: Wed 01 Jan 2025 15:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49544
IP address blocks: 185.162.56.0/22 maxlen: 22
2a0a:8000::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:7a:46:1b:56:20:81:d0:67:e3:f2:e6:d0:54:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ab606cea79b5abe81683a63379b39289b2cab93
Validity
Not Before: Jan 1 15:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a5eba58e1cce4ed2a652386f72ef2388809b02a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c6:13:99:61:32:44:38:dc:be:3f:c5:78:70:
11:35:65:50:0a:ea:4b:cd:88:f3:76:5e:e4:45:74:
6c:ac:de:4e:62:7f:11:0a:4f:b1:53:b9:73:d6:8e:
b7:b0:80:ff:2d:7a:47:fb:35:6f:78:65:ea:8d:5a:
26:fe:fa:e7:cc:04:d4:28:d9:c8:90:b2:4d:67:1b:
3b:f9:7e:40:8f:16:eb:d1:8e:fd:d4:d7:d0:e6:51:
8b:39:8b:90:bd:34:2e:39:fd:e9:48:ee:6d:9d:6c:
aa:de:6a:c1:5f:ed:7d:49:b7:3d:e2:52:a5:22:e3:
5a:1d:b5:be:73:5f:40:f2:f8:68:48:44:1e:60:4b:
7b:35:52:cf:ae:c5:b3:63:1d:d0:50:0c:86:e5:6e:
69:1d:11:61:5f:a3:cf:6e:26:8e:4b:f5:7c:a4:34:
ea:12:00:5c:d1:c2:07:e9:e1:be:b1:f3:5a:40:4f:
b1:4f:69:5d:f6:84:88:47:fe:c7:e9:71:e3:50:ed:
f9:5b:6f:26:c5:6a:27:81:92:d7:97:b5:7e:0b:4d:
01:f6:9b:3d:ba:f4:26:7e:17:11:4b:27:dd:27:8d:
ac:6c:80:a6:de:6b:4e:4f:1f:1d:b4:36:c8:1b:4a:
e5:eb:b7:b6:af:60:1c:53:55:e4:0c:b0:e1:c3:b4:
c7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:5E:BA:58:E1:CC:E4:ED:2A:65:23:86:F7:2E:F2:38:88:09:B0:2A
X509v3 Authority Key Identifier:
keyid:8A:B6:06:CE:A7:9B:5A:BE:81:68:3A:63:37:9B:39:28:9B:2C:AB:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/irYGzqebWr6BaDpjN5s5KJssq5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/83f631-8977-4d2e-8523-888c07f2153f/1/Ol66WOHM5O0qZSOG9y7yOIgJsCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/83f631-8977-4d2e-8523-888c07f2153f/1/irYGzqebWr6BaDpjN5s5KJssq5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.56.0/22
IPv6:
2a0a:8000::/29
Signature Algorithm: sha256WithRSAEncryption
72:a9:28:d9:2b:91:7f:b3:b9:7d:78:ba:d4:aa:b3:fb:0f:46:
9f:a1:75:01:76:60:fe:9d:bd:be:50:31:4e:24:34:9d:18:c9:
05:35:58:7c:82:73:0e:e4:c2:bb:db:eb:38:4a:57:67:62:7b:
91:c8:8f:8a:a3:97:b1:d3:b9:75:3e:b4:44:1a:55:5d:03:e5:
2b:6b:97:75:89:a0:d5:65:13:78:52:a9:b1:00:60:4d:b2:7b:
67:09:79:b8:35:42:ae:b9:10:67:7e:b9:56:6a:40:d9:97:d5:
5d:55:45:bc:ac:49:c1:89:88:d2:22:b0:c1:ef:93:43:41:02:
af:1b:37:b7:60:d3:3b:72:86:f4:e0:da:90:7c:7e:2b:59:82:
1a:0e:1a:d2:a7:16:9a:84:26:b1:78:1a:3a:d9:ea:27:d7:67:
29:66:82:9a:c1:53:17:51:a3:4a:b1:f1:d0:3d:b0:d8:8b:cd:
1a:22:3f:6e:3b:df:8b:1a:40:7b:76:73:58:04:58:b6:84:e2:
a9:b2:08:4d:30:03:22:96:d2:89:ac:d9:5d:bf:5f:74:3b:cf:
10:88:65:c2:74:23:e5:eb:34:f6:02:9e:3c:14:3c:95:0b:14:
6e:71:b9:3c:5f:cc:92:c8:ce:a1:42:83:1c:df:29:b2:49:df:
b0:5a:39:2e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijXpGG1YggdBn4/Lm0FQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYjYwNmNlYTc5YjVhYmU4MTY4M2E2MzM3OWIzOTI4OWIy
Y2FiOTMwHhcNMjUwMTAxMTU0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTVlYmE1OGUxY2NlNGVkMmE2NTIzODZmNzJlZjIzODg4MDliMDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cYTmWEyRDjcvj/FeHARNWVQCupL
zYjzdl7kRXRsrN5OYn8RCk+xU7lz1o63sID/LXpH+zVveGXqjVom/vrnzATUKNnI
kLJNZxs7+X5Ajxbr0Y791NfQ5lGLOYuQvTQuOf3pSO5tnWyq3mrBX+19Sbc94lKl
IuNaHbW+c19A8vhoSEQeYEt7NVLPrsWzYx3QUAyG5W5pHRFhX6PPbiaOS/V8pDTq
EgBc0cIH6eG+sfNaQE+xT2ld9oSIR/7H6XHjUO35W28mxWongZLXl7V+C00B9ps9
uvQmfhcRSyfdJ42sbICm3mtOTx8dtDbIG0rl67e2r2AcU1XkDLDhw7TH0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDpeuljhzOTtKmUjhvcu8jiICbAqMB8GA1UdIwQY
MBaAFIq2Bs6nm1q+gWg6YzebOSibLKuTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXJZR3pxZWJXcjZCYURwak41czVLSnNzcTVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi84M2Y2MzEtODk3Ny00ZDJlLTg1MjMt
ODg4YzA3ZjIxNTNmLzEvT2w2NldPSE01TzBxWlNPRzl5N3lPSWdKc0NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi84M2Y2MzEtODk3Ny00ZDJlLTg1MjMtODg4YzA3ZjIxNTNm
LzEvaXJZR3pxZWJXcjZCYURwak41czVLSnNzcTVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaI4MA0E
AgACMAcDBQMqCoAAMA0GCSqGSIb3DQEBCwUAA4IBAQByqSjZK5F/s7l9eLrUqrP7
D0afoXUBdmD+nb2+UDFOJDSdGMkFNVh8gnMO5MK72+s4SldnYnuRyI+Ko5ex07l1
PrREGlVdA+Ura5d1iaDVZRN4UqmxAGBNsntnCXm4NUKuuRBnfrlWakDZl9VdVUW8
rEnBiYjSIrDB75NDQQKvGze3YNM7cob04NqQfH4rWYIaDhrSpxaahCaxeBo62eon
12cpZoKawVMXUaNKsfHQPbDYi80aIj9uO9+LGkB7dnNYBFi2hOKpsghNMAMiltKJ
rNldv190O88QiGXCdCPl6zT2Ap48FDyVCxRucbk8X8ySyM6hQoMc3ymySd+wWjku
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:41:40 2025 by rpki-client