Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/cOhtow46e90nlng9i61VmuKnZMk.roa
File: cOhtow46e90nlng9i61VmuKnZMk.roa (raw, json)
Hash identifier: 9ntslscCHsPGSEl0s6DMTT/r9BfyLOJ9a2yKRC4G0hw=
Subject key identifier: 70:E8:6D:A3:0E:3A:7B:DD:27:96:78:3D:8B:AD:55:9A:E2:A7:64:C9
Certificate issuer: /CN=8fb620a4838ef6e21bcc26ad351262d7566eb275
Certificate serial: 0194B66771DE5E701BB469D1775D3DAF8B0E
Authority key identifier: 8F:B6:20:A4:83:8E:F6:E2:1B:CC:26:AD:35:12:62:D7:56:6E:B2:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j7YgpIOO9uIbzCatNRJi11ZusnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/cOhtow46e90nlng9i61VmuKnZMk.roa
Signing time: Thu 30 Jan 2025 08:50:20 +0000
ROA not before: Thu 30 Jan 2025 08:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15614
IP address blocks: 31.41.200.0/21 maxlen: 21
78.110.208.0/20 maxlen: 20
185.24.20.0/22 maxlen: 22
2a01:510::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b6:67:71:de:5e:70:1b:b4:69:d1:77:5d:3d:af:8b:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fb620a4838ef6e21bcc26ad351262d7566eb275
Validity
Not Before: Jan 30 08:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70e86da30e3a7bdd2796783d8bad559ae2a764c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9b:5e:b7:66:1c:de:c7:dc:8e:61:64:82:2f:
83:d8:f2:7a:2f:fa:11:33:b8:03:a8:7f:bf:59:78:
fe:17:5e:ee:7f:0e:dd:a9:30:44:0e:c3:0f:25:48:
13:34:ed:e6:ac:74:c3:fd:43:c4:65:5f:a9:fa:21:
93:2a:b7:7e:60:5e:2f:74:1f:42:7c:22:79:51:b8:
1c:5a:2d:24:73:51:78:25:82:ea:25:b9:f3:33:d2:
cf:3e:52:0b:0a:71:7d:1a:b2:7d:38:6d:64:31:b5:
8d:e4:00:30:3b:49:ad:49:f1:0d:82:a1:b8:60:c5:
99:f4:40:3a:55:e2:1c:9b:d0:13:7a:62:07:b7:88:
2e:d1:03:19:70:89:68:86:47:36:bf:a1:1a:e1:fb:
02:9a:5e:8b:b7:10:34:f8:00:0a:a2:b9:f5:8d:48:
3c:82:a8:3c:38:44:3e:94:96:7d:6e:fa:1e:5b:71:
80:46:25:30:3a:f3:a0:94:8a:e1:6a:e8:8d:06:68:
6c:47:74:76:39:9f:93:54:a6:9e:30:6a:1e:74:73:
84:20:6f:e0:e9:51:90:81:8b:fc:e7:19:10:36:be:
a2:d2:4d:e3:a5:6a:fc:73:c1:e2:b7:4a:70:3f:61:
70:dc:ca:0c:32:a8:1f:72:53:a9:a8:4a:7c:3a:d0:
4c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E8:6D:A3:0E:3A:7B:DD:27:96:78:3D:8B:AD:55:9A:E2:A7:64:C9
X509v3 Authority Key Identifier:
keyid:8F:B6:20:A4:83:8E:F6:E2:1B:CC:26:AD:35:12:62:D7:56:6E:B2:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j7YgpIOO9uIbzCatNRJi11ZusnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/cOhtow46e90nlng9i61VmuKnZMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/j7YgpIOO9uIbzCatNRJi11ZusnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.200.0/21
78.110.208.0/20
185.24.20.0/22
IPv6:
2a01:510::/32
Signature Algorithm: sha256WithRSAEncryption
36:bf:3a:89:df:8d:07:63:3e:82:e1:6c:81:cc:02:26:b8:ac:
67:7a:bd:4f:ef:05:09:ee:ed:56:e2:c5:2f:38:e2:de:26:7b:
33:11:88:62:8c:0d:1e:b4:97:0a:7c:84:2d:b5:7a:b8:51:d1:
56:6b:7f:83:c0:b6:16:ae:8e:89:4f:1d:57:aa:5d:52:ba:c6:
22:0b:79:76:72:24:60:38:07:30:17:19:d6:f6:d2:bc:dd:58:
39:96:19:e1:2b:af:fd:d2:13:8c:74:3f:97:f8:b0:35:c2:28:
af:ac:1a:55:05:94:f2:ea:91:13:d1:97:5b:af:81:b5:f6:ed:
7d:d0:eb:06:52:75:59:72:a9:8f:e5:5a:91:a8:c8:f4:d6:d7:
37:a8:4c:6e:58:33:43:72:5b:af:19:02:6f:58:bd:fb:78:21:
e4:8e:b5:43:7b:2c:58:f1:5c:bd:28:d7:9e:8b:54:4d:f5:22:
d3:94:46:01:f8:22:61:96:35:f8:1a:bb:7a:c9:5a:26:04:96:
bc:4b:7b:5d:23:18:04:d4:44:99:3d:cb:94:f0:bd:ae:60:1b:
26:39:56:10:a2:46:ad:35:7a:99:e6:ca:1d:cc:45:36:c1:6c:
96:3e:cd:9b:10:83:c7:33:f4:d3:14:ff:4a:65:56:c0:55:53:
02:ec:fe:3c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZS2Z3HeXnAbtGnRd109r4sOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYjYyMGE0ODM4ZWY2ZTIxYmNjMjZhZDM1MTI2MmQ3NTY2
ZWIyNzUwHhcNMjUwMTMwMDg1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGU4NmRhMzBlM2E3YmRkMjc5Njc4M2Q4YmFkNTU5YWUyYTc2NGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZtet2Yc3sfcjmFkgi+D2PJ6L/oR
M7gDqH+/WXj+F17ufw7dqTBEDsMPJUgTNO3mrHTD/UPEZV+p+iGTKrd+YF4vdB9C
fCJ5UbgcWi0kc1F4JYLqJbnzM9LPPlILCnF9GrJ9OG1kMbWN5AAwO0mtSfENgqG4
YMWZ9EA6VeIcm9ATemIHt4gu0QMZcIlohkc2v6Ea4fsCml6LtxA0+AAKorn1jUg8
gqg8OEQ+lJZ9bvoeW3GARiUwOvOglIrhauiNBmhsR3R2OZ+TVKaeMGoedHOEIG/g
6VGQgYv85xkQNr6i0k3jpWr8c8Hit0pwP2Fw3MoMMqgfclOpqEp8OtBMNQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHDobaMOOnvdJ5Z4PYutVZrip2TJMB8GA1UdIwQY
MBaAFI+2IKSDjvbiG8wmrTUSYtdWbrJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajdZZ3BJT085dUliekNhdE5SSmkxMVp1c25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lYzM1MTItNzFiYS00NDFlLWJmZTEt
ZGE3ZDQ1YjczMmZhLzEvY09odG93NDZlOTBubG5nOWk2MVZtdUtuWk1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lYzM1MTItNzFiYS00NDFlLWJmZTEtZGE3ZDQ1YjczMmZh
LzEvajdZZ3BJT085dUliekNhdE5SSmkxMVp1c25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDHynIAwQE
Tm7QAwQCuRgUMA0EAgACMAcDBQAqAQUQMA0GCSqGSIb3DQEBCwUAA4IBAQA2vzqJ
340HYz6C4WyBzAImuKxner1P7wUJ7u1W4sUvOOLeJnszEYhijA0etJcKfIQttXq4
UdFWa3+DwLYWro6JTx1Xql1SusYiC3l2ciRgOAcwFxnW9tK83Vg5lhnhK6/90hOM
dD+X+LA1wiivrBpVBZTy6pET0Zdbr4G19u190OsGUnVZcqmP5VqRqMj01tc3qExu
WDNDcluvGQJvWL37eCHkjrVDeyxY8Vy9KNeei1RN9SLTlEYB+CJhljX4Grt6yVom
BJa8S3tdIxgE1ESZPcuU8L2uYBsmOVYQokatNXqZ5sodzEU2wWyWPs2bEIPHM/TT
FP9KZVbAVVMC7P48
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:15:12 2025 by rpki-client