Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/b4c74a-e3b2-4e09-867c-f9967c3ad3e4/1/OJH-3bY7Jey_mmpYXzYEewikSRw.roa
File: OJH-3bY7Jey_mmpYXzYEewikSRw.roa (raw, json)
Hash identifier: QWW0B/GAEpshetNaEGEwKmz4qiBbm/sCm0lolDcM+Gk=
Subject key identifier: 38:91:FE:DD:B6:3B:25:EC:BF:9A:6A:58:5F:36:04:7B:08:A4:49:1C
Certificate issuer: /CN=5643415c22e141972c0d7e76c24e88b22427b024
Certificate serial: 019427B69ABB3C7D78733AF4444C614E76C1
Authority key identifier: 56:43:41:5C:22:E1:41:97:2C:0D:7E:76:C2:4E:88:B2:24:27:B0:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VkNBXCLhQZcsDX52wk6IsiQnsCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/b4c74a-e3b2-4e09-867c-f9967c3ad3e4/1/OJH-3bY7Jey_mmpYXzYEewikSRw.roa
Signing time: Thu 02 Jan 2025 15:51:06 +0000
ROA not before: Thu 02 Jan 2025 15:51:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 185.28.52.0/22 maxlen: 24
195.96.192.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:9a:bb:3c:7d:78:73:3a:f4:44:4c:61:4e:76:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5643415c22e141972c0d7e76c24e88b22427b024
Validity
Not Before: Jan 2 15:51:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3891feddb63b25ecbf9a6a585f36047b08a4491c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d3:b0:98:47:1d:96:c8:0a:3e:a6:44:bb:5b:
ec:1a:64:36:ba:aa:27:98:2c:8a:07:d3:ea:f8:8e:
21:c3:37:72:ab:46:8a:64:ca:74:cf:a9:08:e4:28:
01:83:53:ac:d7:1e:bc:f2:e6:20:73:a1:f7:fc:55:
cd:66:00:6d:23:81:2b:f0:4e:ce:31:02:18:99:b7:
5c:10:1d:c4:f1:1f:ac:76:be:c4:bb:11:0f:fe:97:
dd:bb:be:d4:e4:71:d7:71:9c:b1:f1:be:7a:50:6b:
38:18:bf:e3:78:2c:da:ae:2a:fb:ca:19:fe:1a:f3:
86:79:e8:12:37:28:16:b3:20:26:29:cd:2b:45:a2:
11:39:49:23:af:2b:2c:f5:ca:1a:e4:40:05:f4:fc:
fd:ea:74:d0:f2:86:7c:17:9c:86:42:b5:0c:6b:ef:
1d:8d:e0:26:bc:71:92:ac:6f:48:f6:35:0d:3b:67:
bf:c7:f1:d3:0b:5e:02:75:14:3d:97:2e:b0:48:0d:
dc:29:53:7f:93:ca:be:7e:4a:ae:bd:6e:75:eb:66:
09:7e:cc:2d:3f:c5:55:b6:e2:fb:ea:05:0d:b8:a9:
30:2f:58:b6:f3:52:1f:16:04:c0:6f:5a:1a:a9:b7:
e3:d5:12:7c:8b:21:71:89:42:5a:38:69:46:76:41:
d9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:91:FE:DD:B6:3B:25:EC:BF:9A:6A:58:5F:36:04:7B:08:A4:49:1C
X509v3 Authority Key Identifier:
keyid:56:43:41:5C:22:E1:41:97:2C:0D:7E:76:C2:4E:88:B2:24:27:B0:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VkNBXCLhQZcsDX52wk6IsiQnsCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b4c74a-e3b2-4e09-867c-f9967c3ad3e4/1/OJH-3bY7Jey_mmpYXzYEewikSRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b4c74a-e3b2-4e09-867c-f9967c3ad3e4/1/VkNBXCLhQZcsDX52wk6IsiQnsCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.52.0/22
195.96.192.0/19
Signature Algorithm: sha256WithRSAEncryption
67:a5:71:40:70:0c:96:57:b6:92:c0:db:1a:28:85:5d:0d:06:
e7:c5:9d:45:9b:81:a5:30:d6:17:a1:66:db:53:d3:3e:bc:41:
e1:8d:3a:de:be:b0:2b:2d:bb:91:29:ae:86:c3:6a:0d:e9:62:
84:fa:5f:db:2a:a8:b1:b7:f9:b3:91:5a:41:5d:21:f2:37:8f:
e3:6a:22:dc:14:8d:e5:2a:b6:6c:6d:26:6e:e4:4b:b5:f5:69:
ba:2c:17:a4:3c:b4:4a:52:56:7f:e6:46:f1:49:32:a4:a0:cb:
27:2e:8e:64:3e:bf:9a:55:a7:68:e5:49:0b:33:f2:5b:fe:b9:
e0:42:05:2b:c3:f8:e1:bd:bc:c8:78:43:51:c4:c4:09:03:cf:
f0:58:02:fa:92:40:a8:b9:98:b3:5f:51:be:f3:f1:9f:06:b8:
c9:18:e0:c6:6b:ed:f4:17:66:36:e0:44:9d:17:34:7d:82:03:
d1:44:8f:1f:72:6f:03:45:9e:a1:b9:6d:fb:3d:c1:96:28:9a:
b2:db:ff:66:a8:d6:58:f4:9e:be:a5:be:0b:3a:1c:86:4f:c7:
8f:d3:c1:ad:21:81:cb:99:4c:5c:e7:5e:6d:99:e1:e8:94:ce:
02:9c:59:f7:bf:53:a0:a7:3b:89:f6:55:b0:d2:07:ef:e0:24:
1d:8f:e6:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntpq7PH14czr0RExhTnbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NDM0MTVjMjJlMTQxOTcyYzBkN2U3NmMyNGU4OGIyMjQy
N2IwMjQwHhcNMjUwMTAyMTU1MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODkxZmVkZGI2M2IyNWVjYmY5YTZhNTg1ZjM2MDQ3YjA4YTQ0OTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdOwmEcdlsgKPqZEu1vsGmQ2uqon
mCyKB9Pq+I4hwzdyq0aKZMp0z6kI5CgBg1Os1x688uYgc6H3/FXNZgBtI4Er8E7O
MQIYmbdcEB3E8R+sdr7EuxEP/pfdu77U5HHXcZyx8b56UGs4GL/jeCzarir7yhn+
GvOGeegSNygWsyAmKc0rRaIROUkjryss9coa5EAF9Pz96nTQ8oZ8F5yGQrUMa+8d
jeAmvHGSrG9I9jUNO2e/x/HTC14CdRQ9ly6wSA3cKVN/k8q+fkquvW5162YJfswt
P8VVtuL76gUNuKkwL1i281IfFgTAb1oaqbfj1RJ8iyFxiUJaOGlGdkHZfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDiR/t22OyXsv5pqWF82BHsIpEkcMB8GA1UdIwQY
MBaAFFZDQVwi4UGXLA1+dsJOiLIkJ7AkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmtOQlhDTGhRWmNzRFg1MndrNklzaVFuc0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9iNGM3NGEtZTNiMi00ZTA5LTg2N2Mt
Zjk5NjdjM2FkM2U0LzEvT0pILTNiWTdKZXlfbW1wWVh6WUVld2lrU1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9iNGM3NGEtZTNiMi00ZTA5LTg2N2MtZjk5NjdjM2FkM2U0
LzEvVmtOQlhDTGhRWmNzRFg1MndrNklzaVFuc0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuRw0AwQF
w2DAMA0GCSqGSIb3DQEBCwUAA4IBAQBnpXFAcAyWV7aSwNsaKIVdDQbnxZ1Fm4Gl
MNYXoWbbU9M+vEHhjTrevrArLbuRKa6Gw2oN6WKE+l/bKqixt/mzkVpBXSHyN4/j
aiLcFI3lKrZsbSZu5Eu19Wm6LBekPLRKUlZ/5kbxSTKkoMsnLo5kPr+aVado5UkL
M/Jb/rngQgUrw/jhvbzIeENRxMQJA8/wWAL6kkCouZizX1G+8/GfBrjJGODGa+30
F2Y24ESdFzR9ggPRRI8fcm8DRZ6huW37PcGWKJqy2/9mqNZY9J6+pb4LOhyGT8eP
08GtIYHLmUxc515tmeHolM4CnFn3v1OgpzuJ9lWw0gfv4CQdj+a8
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:40:50 2025 by rpki-client