Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/566246-ca2a-411b-aaf2-c682184d704d/1/kOhrGOFiHCQXDK7SqjPEybS0hcw.roa
File: kOhrGOFiHCQXDK7SqjPEybS0hcw.roa (raw, json)
Hash identifier: ybpwH1QupQRJQ6+PK49HntOhSn/3Y1wfK/QgMWHmniQ=
Subject key identifier: 90:E8:6B:18:E1:62:1C:24:17:0C:AE:D2:AA:33:C4:C9:B4:B4:85:CC
Certificate issuer: /CN=7c722f85b31e765d8f77b692b5d2a84c111d805d
Certificate serial: 019427486B5292B8B10F0A452E3B22273D47
Authority key identifier: 7C:72:2F:85:B3:1E:76:5D:8F:77:B6:92:B5:D2:A8:4C:11:1D:80:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fHIvhbMedl2Pd7aStdKoTBEdgF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/566246-ca2a-411b-aaf2-c682184d704d/1/kOhrGOFiHCQXDK7SqjPEybS0hcw.roa
Signing time: Thu 02 Jan 2025 13:50:45 +0000
ROA not before: Thu 02 Jan 2025 13:50:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50673
IP address blocks: 84.246.80.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:6b:52:92:b8:b1:0f:0a:45:2e:3b:22:27:3d:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c722f85b31e765d8f77b692b5d2a84c111d805d
Validity
Not Before: Jan 2 13:50:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90e86b18e1621c24170caed2aa33c4c9b4b485cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:23:44:d6:24:68:93:03:50:0e:e0:d0:99:6f:
6f:6f:99:a8:8d:22:99:fc:ac:12:d2:ab:3f:5f:96:
fd:50:39:de:fa:03:dd:3f:92:00:8a:3d:bf:82:e6:
9a:57:41:d6:d5:07:6e:c4:38:7f:73:eb:dd:b3:c0:
91:4b:24:8e:13:72:7b:92:ed:90:af:e1:43:a3:81:
aa:3c:b1:2a:92:2f:0d:fe:06:9e:2f:7f:ee:e2:46:
82:56:ee:05:15:bf:da:0b:77:8f:72:d7:5e:28:47:
2d:79:e1:44:e2:eb:24:b0:4f:23:ad:5c:74:14:ae:
11:8b:de:55:d9:23:42:79:bf:77:4d:8f:2a:3e:a2:
4b:3d:3f:83:6e:ae:0e:8f:0a:c6:de:c4:57:6f:65:
5c:80:75:3f:61:f9:72:7b:e3:cb:e8:42:42:d2:90:
cf:07:74:99:da:ad:a1:85:59:a7:5f:fa:6d:1a:a6:
a1:c0:c2:e2:89:ab:c5:03:a5:8c:66:a3:e9:2c:dc:
99:6b:a8:a5:f9:a6:47:ec:a8:2b:40:b2:0e:76:dc:
d7:d1:47:1d:3e:f0:7c:c6:0b:35:93:e0:ac:4b:ee:
9a:de:50:ca:20:7f:3b:6b:84:a9:0c:24:48:92:48:
bd:9a:bd:1c:07:25:6a:53:8d:c2:ef:6b:f9:9c:3a:
00:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:E8:6B:18:E1:62:1C:24:17:0C:AE:D2:AA:33:C4:C9:B4:B4:85:CC
X509v3 Authority Key Identifier:
keyid:7C:72:2F:85:B3:1E:76:5D:8F:77:B6:92:B5:D2:A8:4C:11:1D:80:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fHIvhbMedl2Pd7aStdKoTBEdgF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/566246-ca2a-411b-aaf2-c682184d704d/1/kOhrGOFiHCQXDK7SqjPEybS0hcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/566246-ca2a-411b-aaf2-c682184d704d/1/fHIvhbMedl2Pd7aStdKoTBEdgF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.80.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:85:4a:e8:96:70:b9:ea:76:d8:23:46:47:d4:e6:87:41:f2:
09:28:97:1d:80:56:c2:82:3b:e2:ce:74:8d:cb:e0:52:33:53:
5d:08:c5:e1:fb:2d:d7:c9:6d:b1:d5:07:e7:63:c6:e2:31:cf:
b0:a1:e8:cd:d8:1a:4f:95:d1:0d:80:1c:20:dc:e4:ea:dd:cf:
96:f2:ad:e9:ae:42:1e:89:29:2e:92:40:73:5e:1f:e4:90:18:
6f:0c:6e:d4:f8:7b:bb:75:21:61:23:56:b2:17:c1:0f:4d:ec:
a1:3b:1e:75:ff:7e:73:b5:f2:07:4d:5c:0a:c6:c4:fe:8c:c9:
ab:ff:35:75:36:29:26:11:d9:70:57:e7:04:02:c6:55:93:16:
38:08:20:60:21:b0:e2:a4:7a:ae:c8:3b:83:04:2f:ba:b3:47:
87:fc:f1:83:27:e4:ba:df:eb:8d:d1:4b:d5:06:7b:f2:0a:a9:
dd:7b:ef:76:37:77:2a:1d:ed:57:18:ac:d0:2c:d5:8f:45:1e:
ac:48:15:a9:66:19:f1:12:95:a0:69:2f:46:9b:a2:13:72:a9:
9e:92:39:50:83:5f:c6:a8:9f:e9:1b:a2:0e:63:84:b2:a5:de:
78:ed:8f:6d:17:05:23:05:a5:42:4a:31:3a:19:52:7a:61:59:
bf:d1:a3:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSGtSkrixDwpFLjsiJz1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNzIyZjg1YjMxZTc2NWQ4Zjc3YjY5MmI1ZDJhODRjMTEx
ZDgwNWQwHhcNMjUwMTAyMTM1MDQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGU4NmIxOGUxNjIxYzI0MTcwY2FlZDJhYTMzYzRjOWI0YjQ4NWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyNE1iRokwNQDuDQmW9vb5mojSKZ
/KwS0qs/X5b9UDne+gPdP5IAij2/guaaV0HW1QduxDh/c+vds8CRSySOE3J7ku2Q
r+FDo4GqPLEqki8N/gaeL3/u4kaCVu4FFb/aC3ePctdeKEcteeFE4usksE8jrVx0
FK4Ri95V2SNCeb93TY8qPqJLPT+Dbq4OjwrG3sRXb2VcgHU/Yflye+PL6EJC0pDP
B3SZ2q2hhVmnX/ptGqahwMLiiavFA6WMZqPpLNyZa6il+aZH7KgrQLIOdtzX0Ucd
PvB8xgs1k+CsS+6a3lDKIH87a4SpDCRIkki9mr0cByVqU43C72v5nDoAqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJDoaxjhYhwkFwyu0qozxMm0tIXMMB8GA1UdIwQY
MBaAFHxyL4WzHnZdj3e2krXSqEwRHYBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkhJdmhiTWVkbDJQZDdhU3RkS29UQkVkZ0YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi81NjYyNDYtY2EyYS00MTFiLWFhZjIt
YzY4MjE4NGQ3MDRkLzEva09ockdPRmlIQ1FYREs3U3FqUEV5YlMwaGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi81NjYyNDYtY2EyYS00MTFiLWFhZjItYzY4MjE4NGQ3MDRk
LzEvZkhJdmhiTWVkbDJQZDdhU3RkS29UQkVkZ0YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVPZQMA0G
CSqGSIb3DQEBCwUAA4IBAQAfhUrolnC56nbYI0ZH1OaHQfIJKJcdgFbCgjviznSN
y+BSM1NdCMXh+y3XyW2x1QfnY8biMc+woejN2BpPldENgBwg3OTq3c+W8q3prkIe
iSkukkBzXh/kkBhvDG7U+Hu7dSFhI1ayF8EPTeyhOx51/35ztfIHTVwKxsT+jMmr
/zV1NikmEdlwV+cEAsZVkxY4CCBgIbDipHquyDuDBC+6s0eH/PGDJ+S63+uN0UvV
BnvyCqnde+92N3cqHe1XGKzQLNWPRR6sSBWpZhnxEpWgaS9Gm6ITcqmekjlQg1/G
qJ/pG6IOY4Sypd547Y9tFwUjBaVCSjE6GVJ6YVm/0aMh
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:38:25 2025 by rpki-client