Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/3cac6b-2c2a-4b66-adee-d52325de6b08/1/OHSnHISpUOg0a2IaET-7LST2nHw.roa
File: OHSnHISpUOg0a2IaET-7LST2nHw.roa (raw, json)
Hash identifier: oeWDTr24DHxY0Ln8Ar9TYuW/yYnaSQVcRJXJMi+oDck=
Subject key identifier: 38:74:A7:1C:84:A9:50:E8:34:6B:62:1A:11:3F:BB:2D:24:F6:9C:7C
Certificate issuer: /CN=d350a076ce4a8ce6fb69f1fda4a194614a941afa
Certificate serial: 01941FFA296A6FCCB995930CD8B2FEAADCA5
Authority key identifier: D3:50:A0:76:CE:4A:8C:E6:FB:69:F1:FD:A4:A1:94:61:4A:94:1A:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01Cgds5KjOb7afH9pKGUYUqUGvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/3cac6b-2c2a-4b66-adee-d52325de6b08/1/OHSnHISpUOg0a2IaET-7LST2nHw.roa
Signing time: Wed 01 Jan 2025 03:47:55 +0000
ROA not before: Wed 01 Jan 2025 03:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204177
IP address blocks: 91.229.72.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:29:6a:6f:cc:b9:95:93:0c:d8:b2:fe:aa:dc:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d350a076ce4a8ce6fb69f1fda4a194614a941afa
Validity
Not Before: Jan 1 03:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3874a71c84a950e8346b621a113fbb2d24f69c7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:23:3f:42:89:09:cd:3d:f8:c5:b7:8e:e3:35:
e2:9d:75:0f:5b:82:45:4f:48:16:51:fe:45:c5:b5:
12:3c:39:82:aa:a2:fb:84:6d:ae:81:b5:60:61:9b:
c4:23:d5:e6:27:c1:28:23:02:d1:f8:d9:06:ab:37:
e8:d6:67:97:a8:43:e6:51:3c:b3:06:47:bc:5e:fc:
94:ba:12:35:c7:9d:d3:10:4a:43:d0:67:84:d8:b2:
7e:bb:26:e4:b2:c1:fa:12:01:b8:46:9b:ec:2d:2f:
af:72:d4:2d:81:87:e4:4e:30:eb:d8:50:8a:b5:b0:
dd:21:07:4a:67:06:ac:0e:52:26:19:a3:e4:8b:b1:
48:9a:89:81:49:a4:50:e5:e4:89:a5:bc:6d:89:e0:
e6:58:d6:87:86:90:97:3d:52:6b:96:d9:a3:69:f9:
3c:11:92:de:d4:c4:1b:9b:d7:dc:9a:aa:0b:2a:01:
fe:f9:4d:9e:0f:39:34:6a:e3:8e:f9:00:8f:0c:67:
a3:84:51:f7:79:f1:4d:55:63:70:c4:67:89:cf:0e:
58:69:50:a7:fa:fc:77:40:52:28:30:ef:d3:93:bd:
63:67:17:32:8f:6f:96:41:f7:22:8b:83:ce:95:cf:
92:79:16:7a:75:c6:af:be:d0:0a:4f:2b:b8:b4:90:
60:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:74:A7:1C:84:A9:50:E8:34:6B:62:1A:11:3F:BB:2D:24:F6:9C:7C
X509v3 Authority Key Identifier:
keyid:D3:50:A0:76:CE:4A:8C:E6:FB:69:F1:FD:A4:A1:94:61:4A:94:1A:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01Cgds5KjOb7afH9pKGUYUqUGvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/3cac6b-2c2a-4b66-adee-d52325de6b08/1/OHSnHISpUOg0a2IaET-7LST2nHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/3cac6b-2c2a-4b66-adee-d52325de6b08/1/01Cgds5KjOb7afH9pKGUYUqUGvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.72.0/24
Signature Algorithm: sha256WithRSAEncryption
63:29:cd:bd:09:2e:a1:47:b6:f8:fb:e7:b8:f0:aa:85:2c:af:
c3:b8:c0:eb:eb:e5:73:8b:47:00:70:4e:3b:de:09:ac:f5:c8:
4e:66:f4:50:ee:e2:de:f3:a6:18:80:0a:21:93:c6:58:aa:b6:
74:67:b0:aa:04:5d:3c:82:b6:32:e7:24:93:d6:d4:83:9e:b5:
37:56:5f:25:ba:5f:5a:ee:17:a3:be:37:2f:76:49:e2:4f:e4:
13:1b:ad:11:66:d5:e3:ea:65:3a:c3:18:77:6a:df:8f:74:0e:
eb:c9:2e:d7:8a:ee:16:c8:b1:b3:df:38:fa:ea:e3:5f:fd:86:
70:50:55:17:ca:c6:4a:a6:3f:48:69:21:32:4f:84:ab:d6:57:
3f:fa:da:dc:cc:e0:89:37:6a:56:ba:e4:f1:c0:64:5a:e6:55:
0b:85:ad:60:83:1a:a3:dd:0e:ac:63:a6:3f:48:3c:06:94:61:
31:5a:2d:73:d9:a5:10:dd:31:53:eb:72:0b:f1:25:16:6b:d7:
86:d4:b6:50:90:87:8a:db:63:65:c7:6a:b9:4a:26:f1:54:dc:
c5:27:b2:16:9b:63:e6:68:d4:f7:dd:18:09:6a:85:13:a3:74:
8f:4d:82:fa:ae:57:20:dc:fe:2a:42:fd:18:da:9c:7c:de:8e:
85:63:3c:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+ilqb8y5lZMM2LL+qtylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNTBhMDc2Y2U0YThjZTZmYjY5ZjFmZGE0YTE5NDYxNGE5
NDFhZmEwHhcNMjUwMTAxMDM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODc0YTcxYzg0YTk1MGU4MzQ2YjYyMWExMTNmYmIyZDI0ZjY5YzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSM/QokJzT34xbeO4zXinXUPW4JF
T0gWUf5FxbUSPDmCqqL7hG2ugbVgYZvEI9XmJ8EoIwLR+NkGqzfo1meXqEPmUTyz
Bke8XvyUuhI1x53TEEpD0GeE2LJ+uybkssH6EgG4RpvsLS+vctQtgYfkTjDr2FCK
tbDdIQdKZwasDlImGaPki7FImomBSaRQ5eSJpbxtieDmWNaHhpCXPVJrltmjafk8
EZLe1MQbm9fcmqoLKgH++U2eDzk0auOO+QCPDGejhFH3efFNVWNwxGeJzw5YaVCn
+vx3QFIoMO/Tk71jZxcyj2+WQfcii4POlc+SeRZ6dcavvtAKTyu4tJBgewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDh0pxyEqVDoNGtiGhE/uy0k9px8MB8GA1UdIwQY
MBaAFNNQoHbOSozm+2nx/aShlGFKlBr6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDFDZ2RzNUtqT2I3YWZIOXBLR1VZVXFVR3ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zY2FjNmItMmMyYS00YjY2LWFkZWUt
ZDUyMzI1ZGU2YjA4LzEvT0hTbkhJU3BVT2cwYTJJYUVULTdMU1Qybkh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zY2FjNmItMmMyYS00YjY2LWFkZWUtZDUyMzI1ZGU2YjA4
LzEvMDFDZ2RzNUtqT2I3YWZIOXBLR1VZVXFVR3ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+VIMA0G
CSqGSIb3DQEBCwUAA4IBAQBjKc29CS6hR7b4++e48KqFLK/DuMDr6+Vzi0cAcE47
3gms9chOZvRQ7uLe86YYgAohk8ZYqrZ0Z7CqBF08grYy5yST1tSDnrU3Vl8lul9a
7hejvjcvdkniT+QTG60RZtXj6mU6wxh3at+PdA7ryS7Xiu4WyLGz3zj66uNf/YZw
UFUXysZKpj9IaSEyT4Sr1lc/+trczOCJN2pWuuTxwGRa5lULha1ggxqj3Q6sY6Y/
SDwGlGExWi1z2aUQ3TFT63IL8SUWa9eG1LZQkIeK22Nlx2q5SibxVNzFJ7IWm2Pm
aNT33RgJaoUTo3SPTYL6rlcg3P4qQv0Y2px83o6FYzwe
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:33:56 2025 by rpki-client