Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/H-A3_LTO-Cr7UTkTjDGHIFQ4y6o.roa
File: H-A3_LTO-Cr7UTkTjDGHIFQ4y6o.roa (raw, json)
Hash identifier: 0Ux0NwMINBFH3+IPf7sfHo/GTtmrxqNjNHBoKnMg3bQ=
Subject key identifier: 1F:E0:37:FC:B4:CE:F8:2A:FB:51:39:13:8C:31:87:20:54:38:CB:AA
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0194214400B04709F57003BC8883069A5F32
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/H-A3_LTO-Cr7UTkTjDGHIFQ4y6o.roa
Signing time: Wed 01 Jan 2025 09:48:12 +0000
ROA not before: Wed 01 Jan 2025 09:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44812
IP address blocks: 146.19.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:00:b0:47:09:f5:70:03:bc:88:83:06:9a:5f:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fe037fcb4cef82afb5139138c3187205438cbaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0b:c1:07:d2:15:90:9f:3a:40:16:bd:a8:fb:
4b:24:a0:91:a7:b1:6c:01:83:55:64:69:bd:15:19:
a2:8e:55:82:4d:2a:aa:56:fe:0b:03:35:4f:59:87:
6f:09:af:d4:f1:09:75:96:30:5b:51:91:d2:bd:e2:
3a:51:75:3b:9a:88:38:6e:83:d6:54:c2:2e:38:78:
19:cd:88:48:70:4a:3c:2b:c4:41:0f:e5:ad:b5:21:
96:18:eb:e9:df:99:56:67:80:1a:ec:26:75:61:48:
00:05:79:b7:da:07:81:0f:cd:0a:51:08:0d:c7:a6:
a0:a2:8d:07:71:32:87:c3:3a:f9:2a:c9:64:93:83:
27:1b:f4:e6:ad:85:4a:11:11:4a:f7:a3:4f:0f:88:
65:72:9b:de:17:3c:10:fc:11:2a:49:59:a2:8d:49:
14:78:38:1f:68:db:ca:62:88:fb:69:29:10:69:b0:
c9:68:17:66:60:58:3f:5c:8d:24:fb:90:60:8d:95:
58:49:6c:9b:a6:07:0c:b8:72:c9:76:0f:b3:51:65:
6a:32:38:c3:0a:8f:22:a8:dc:4d:a4:20:93:78:25:
27:5e:91:ba:2e:83:7e:58:7a:dc:74:1e:b5:1b:2a:
bc:33:6d:48:dc:6e:42:13:4b:10:dc:74:a5:20:1e:
fb:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:E0:37:FC:B4:CE:F8:2A:FB:51:39:13:8C:31:87:20:54:38:CB:AA
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/H-A3_LTO-Cr7UTkTjDGHIFQ4y6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.87.0/24
Signature Algorithm: sha256WithRSAEncryption
08:ef:fd:fe:d3:54:5f:d7:52:16:c2:da:93:9f:cf:be:75:ac:
95:59:fa:da:b9:b9:53:11:73:b2:fd:d4:83:ad:90:d8:73:50:
36:0f:87:2b:cc:40:8e:56:d0:58:2b:96:d4:0f:da:da:eb:db:
15:c6:b4:76:79:1a:14:e8:ce:d5:6b:b4:1d:68:cf:9d:9e:91:
a4:5e:b8:f5:f7:c1:3e:e3:8a:ee:79:92:be:3f:52:b9:1c:2a:
bc:77:d0:a5:c5:ac:c7:8e:f6:f0:b9:a0:dd:a8:b4:9f:59:3f:
a3:ec:1d:c6:9d:f5:e2:03:a5:2b:b9:2f:6a:ec:1d:9d:62:f9:
5d:77:0a:1c:c6:24:0f:ca:dd:d2:39:30:c4:c0:e5:0f:62:f8:
a8:b4:63:20:b3:c1:14:6a:da:5e:b7:ab:0c:92:1b:4e:e8:77:
c7:5e:5b:fd:5c:9a:62:39:1b:1e:91:f0:f9:29:ed:ab:d0:e2:
3d:6b:38:7f:0b:89:90:35:c0:53:5a:6d:cf:fa:21:ed:13:a9:
3f:28:e1:e4:4e:17:96:63:89:ff:d5:cb:df:3d:f9:87:7a:63:
9f:5a:41:1e:8a:6d:76:22:39:4e:e1:4e:15:8f:2d:29:12:07:
b9:ee:f0:ee:ff:5e:e7:5e:86:f7:c3:3c:ee:49:52:3f:73:bd:
2e:bf:5b:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRACwRwn1cAO8iIMGml8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmUwMzdmY2I0Y2VmODJhZmI1MTM5MTM4YzMxODcyMDU0MzhjYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwvBB9IVkJ86QBa9qPtLJKCRp7Fs
AYNVZGm9FRmijlWCTSqqVv4LAzVPWYdvCa/U8Ql1ljBbUZHSveI6UXU7mog4boPW
VMIuOHgZzYhIcEo8K8RBD+WttSGWGOvp35lWZ4Aa7CZ1YUgABXm32geBD80KUQgN
x6agoo0HcTKHwzr5Kslkk4MnG/TmrYVKERFK96NPD4hlcpveFzwQ/BEqSVmijUkU
eDgfaNvKYoj7aSkQabDJaBdmYFg/XI0k+5BgjZVYSWybpgcMuHLJdg+zUWVqMjjD
Co8iqNxNpCCTeCUnXpG6LoN+WHrcdB61Gyq8M21I3G5CE0sQ3HSlIB77NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB/gN/y0zvgq+1E5E4wxhyBUOMuqMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvSC1BM19MVE8tQ3I3VVRrVGpER0hJRlE0eTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhNXMA0G
CSqGSIb3DQEBCwUAA4IBAQAI7/3+01Rf11IWwtqTn8++dayVWfraublTEXOy/dSD
rZDYc1A2D4crzECOVtBYK5bUD9ra69sVxrR2eRoU6M7Va7QdaM+dnpGkXrj198E+
44rueZK+P1K5HCq8d9ClxazHjvbwuaDdqLSfWT+j7B3GnfXiA6UruS9q7B2dYvld
dwocxiQPyt3SOTDEwOUPYviotGMgs8EUatpet6sMkhtO6HfHXlv9XJpiORsekfD5
Ke2r0OI9azh/C4mQNcBTWm3P+iHtE6k/KOHkTheWY4n/1cvfPfmHemOfWkEeim12
IjlO4U4Vjy0pEge57vDu/17nXob3wzzuSVI/c70uv1v8
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:07:11 2025 by rpki-client