Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/2f45ae-75c0-439c-a311-671d68188688/1/ohEC152Hca1Ntq7nlqBdCdwaSRY.roa
File: ohEC152Hca1Ntq7nlqBdCdwaSRY.roa (raw, json)
Hash identifier: 6I66H5Yi7FovibHLFZRxrabwWnIKD8LHhYRvvFOUxww=
Subject key identifier: A2:11:02:D7:9D:87:71:AD:4D:B6:AE:E7:96:A0:5D:09:DC:1A:49:16
Certificate issuer: /CN=b7601d7cc820dc71915ea930673ef47f241a71c8
Certificate serial: 01941FFA9F4D839564C84A24A8CB2100765A
Authority key identifier: B7:60:1D:7C:C8:20:DC:71:91:5E:A9:30:67:3E:F4:7F:24:1A:71:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t2AdfMgg3HGRXqkwZz70fyQaccg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/2f45ae-75c0-439c-a311-671d68188688/1/ohEC152Hca1Ntq7nlqBdCdwaSRY.roa
Signing time: Wed 01 Jan 2025 03:48:25 +0000
ROA not before: Wed 01 Jan 2025 03:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30840
IP address blocks: 193.23.156.0/24 maxlen: 24
193.202.120.0/24 maxlen: 24
195.191.118.0/24 maxlen: 24
195.191.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:9f:4d:83:95:64:c8:4a:24:a8:cb:21:00:76:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7601d7cc820dc71915ea930673ef47f241a71c8
Validity
Not Before: Jan 1 03:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a21102d79d8771ad4db6aee796a05d09dc1a4916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b6:9d:cd:5f:ae:c2:28:5e:f6:7c:2f:73:3f:
9a:aa:e1:89:7a:f5:de:a6:74:a8:da:21:cf:9b:ef:
27:d6:b6:5f:8b:3b:25:fa:20:04:65:a2:fd:d7:0a:
f7:ce:ed:c9:28:b6:0d:e0:fb:9f:15:b3:95:5c:84:
de:d5:ce:73:67:0a:95:76:4c:8f:d1:98:d5:26:e7:
6a:65:a5:2b:03:db:d8:cc:98:9e:63:ea:43:14:39:
ba:38:c6:73:a2:9c:a0:71:ac:d1:05:3e:1b:36:55:
73:f6:7e:f6:71:83:29:ee:b7:7d:9a:3b:1f:ba:3b:
21:5d:37:e3:dc:92:6d:59:d6:23:37:02:a2:ed:e6:
a3:86:39:d2:b0:1a:07:b0:c0:6c:ea:f0:a9:13:40:
c5:81:ba:5d:ae:ed:03:80:7a:31:80:83:49:50:4e:
0e:36:4a:e2:62:b4:19:e2:46:e8:70:82:5b:e0:ac:
4d:8b:82:a8:82:76:70:f1:ef:3a:17:b4:e9:e2:0f:
0f:25:15:f6:50:fb:44:f9:65:5e:01:75:5a:13:15:
ba:f3:02:bf:ff:ae:f0:2f:0b:b8:de:90:43:e5:16:
5b:7e:f3:62:5e:a5:13:d6:00:d5:f6:b4:e2:0d:6a:
9e:be:0e:8f:97:ec:8a:1c:87:8c:7d:33:e2:54:07:
78:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:11:02:D7:9D:87:71:AD:4D:B6:AE:E7:96:A0:5D:09:DC:1A:49:16
X509v3 Authority Key Identifier:
keyid:B7:60:1D:7C:C8:20:DC:71:91:5E:A9:30:67:3E:F4:7F:24:1A:71:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t2AdfMgg3HGRXqkwZz70fyQaccg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/2f45ae-75c0-439c-a311-671d68188688/1/ohEC152Hca1Ntq7nlqBdCdwaSRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/2f45ae-75c0-439c-a311-671d68188688/1/t2AdfMgg3HGRXqkwZz70fyQaccg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.156.0/24
193.202.120.0/24
195.191.118.0/23
Signature Algorithm: sha256WithRSAEncryption
c6:11:14:53:85:32:ff:96:0c:8b:ee:8a:12:80:7d:86:0b:30:
65:8d:45:51:a1:62:b1:d7:88:b1:ce:39:7b:5f:9c:33:f9:7c:
48:65:b5:3f:ab:a3:30:13:06:69:32:d3:4a:49:94:6e:12:6c:
d6:38:97:54:1b:1e:1f:25:0d:c5:bc:38:78:5b:31:19:a4:56:
e9:7e:3d:67:9e:a3:6f:a8:39:bf:da:fe:e2:9c:f5:de:de:88:
18:99:db:fd:be:f6:55:d8:a5:26:91:c7:e7:b7:29:e0:14:05:
94:f9:7f:05:30:60:f8:c5:f8:bf:fa:85:1c:7e:d6:27:f5:fc:
a1:62:21:e7:f0:44:b7:ca:33:b4:68:cc:99:8b:e2:3f:50:e8:
9c:17:7d:84:e7:e4:0e:2f:b3:e8:6d:30:19:7c:79:f6:0a:53:
e2:33:82:86:f3:21:7d:e5:45:79:9d:ae:8a:68:79:8c:d4:e2:
19:25:85:3d:19:79:85:7d:0e:45:bc:81:76:94:ba:36:d9:52:
ac:56:a7:80:5e:b0:8b:d5:3d:8b:04:c3:b4:3e:91:21:b1:cf:
a1:bd:91:2f:71:1e:3e:be:09:87:ce:fc:22:a0:10:b4:c9:1a:
73:0c:5d:a5:15:c1:ac:73:df:1b:ec:0a:8b:ba:53:56:b4:0e:
b8:9b:7e:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQf+p9Ng5VkyEokqMshAHZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NjAxZDdjYzgyMGRjNzE5MTVlYTkzMDY3M2VmNDdmMjQx
YTcxYzgwHhcNMjUwMTAxMDM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjExMDJkNzlkODc3MWFkNGRiNmFlZTc5NmEwNWQwOWRjMWE0OTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7adzV+uwihe9nwvcz+aquGJevXe
pnSo2iHPm+8n1rZfizsl+iAEZaL91wr3zu3JKLYN4PufFbOVXITe1c5zZwqVdkyP
0ZjVJudqZaUrA9vYzJieY+pDFDm6OMZzopygcazRBT4bNlVz9n72cYMp7rd9mjsf
ujshXTfj3JJtWdYjNwKi7eajhjnSsBoHsMBs6vCpE0DFgbpdru0DgHoxgINJUE4O
NkriYrQZ4kbocIJb4KxNi4KognZw8e86F7Tp4g8PJRX2UPtE+WVeAXVaExW68wK/
/67wLwu43pBD5RZbfvNiXqUT1gDV9rTiDWqevg6Pl+yKHIeMfTPiVAd4owIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKIRAtedh3GtTbau55agXQncGkkWMB8GA1UdIwQY
MBaAFLdgHXzIINxxkV6pMGc+9H8kGnHIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDJBZGZNZ2czSEdSWHFrd1p6NzBmeVFhY2NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8yZjQ1YWUtNzVjMC00MzljLWEzMTEt
NjcxZDY4MTg4Njg4LzEvb2hFQzE1MkhjYTFOdHE3bmxxQmRDZHdhU1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8yZjQ1YWUtNzVjMC00MzljLWEzMTEtNjcxZDY4MTg4Njg4
LzEvdDJBZGZNZ2czSEdSWHFrd1p6NzBmeVFhY2NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwRecAwQA
wcp4AwQBw792MA0GCSqGSIb3DQEBCwUAA4IBAQDGERRThTL/lgyL7ooSgH2GCzBl
jUVRoWKx14ixzjl7X5wz+XxIZbU/q6MwEwZpMtNKSZRuEmzWOJdUGx4fJQ3FvDh4
WzEZpFbpfj1nnqNvqDm/2v7inPXe3ogYmdv9vvZV2KUmkcfntyngFAWU+X8FMGD4
xfi/+oUcftYn9fyhYiHn8ES3yjO0aMyZi+I/UOicF32E5+QOL7PobTAZfHn2ClPi
M4KG8yF95UV5na6KaHmM1OIZJYU9GXmFfQ5FvIF2lLo22VKsVqeAXrCL1T2LBMO0
PpEhsc+hvZEvcR4+vgmHzvwioBC0yRpzDF2lFcGsc98b7AqLulNWtA64m36e
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:57:22 2025 by rpki-client