Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/H3J2OZoeF2qnthPavqvNfa97wA4.roa
File: H3J2OZoeF2qnthPavqvNfa97wA4.roa (raw, json)
Hash identifier: sn2EmKZdBWwy7eWDJdgYAkZfmogDCU0aWL/azgmTw7E=
Subject key identifier: 1F:72:76:39:9A:1E:17:6A:A7:B6:13:DA:BE:AB:CD:7D:AF:7B:C0:0E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D254B597764534444DC9CEFD38FD6B813
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/H3J2OZoeF2qnthPavqvNfa97wA4.roa
Signing time: Sat 20 Jan 2024 05:15:11 +0000
ROA not before: Sat 20 Jan 2024 05:15:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:25:4b:59:77:64:53:44:44:dc:9c:ef:d3:8f:d6:b8:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 20 05:15:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f7276399a1e176aa7b613dabeabcd7daf7bc00e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:83:f2:40:0d:c2:45:d4:97:36:f8:18:36:9e:
50:9a:15:b0:3c:2d:95:be:f8:19:80:b6:7b:a8:41:
df:5e:fc:3b:21:78:87:9c:55:00:88:8d:ad:f9:10:
08:78:e9:1c:85:b2:c7:24:97:da:0f:36:95:7e:df:
b4:1e:3d:72:ef:16:1c:3e:7d:3d:47:48:21:c4:d0:
a5:24:79:2a:54:e2:6d:62:72:dc:23:76:9a:28:98:
73:b2:4a:f1:c8:35:3f:cc:4e:b5:c6:3c:c3:e6:b8:
06:45:40:ba:84:20:e6:42:54:68:eb:b8:87:8d:ca:
87:1c:1c:f7:18:a2:5c:a8:75:47:27:65:8a:6b:aa:
83:74:fc:a3:66:3d:eb:0f:2e:af:ed:9a:e8:e2:15:
6e:0c:14:33:fc:fa:ee:cc:8f:7f:31:1a:ae:0f:53:
fb:b8:61:8c:11:9b:eb:d9:02:05:2f:c2:8e:f2:1d:
2d:9c:95:b2:55:4c:6f:f3:40:b0:54:21:6f:ac:45:
73:54:92:68:1b:ec:11:cd:c1:3a:06:a1:90:16:91:
63:86:82:d6:f6:6e:8a:ec:af:5a:37:c0:81:14:bd:
69:11:e4:56:29:d8:7b:fc:9a:0b:c3:dd:24:7f:29:
a6:02:67:a6:2e:a3:68:75:2d:89:fe:1b:aa:29:ec:
6d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:72:76:39:9A:1E:17:6A:A7:B6:13:DA:BE:AB:CD:7D:AF:7B:C0:0E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/H3J2OZoeF2qnthPavqvNfa97wA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:4d:28:2d:6d:6e:3b:da:41:06:95:b0:9e:09:36:0c:2e:2a:
f9:c1:8c:b1:e0:a9:61:27:bc:a7:f0:28:54:8e:11:cf:0a:bc:
55:90:8a:cf:68:83:6b:ca:fd:03:bd:71:31:ec:00:e1:34:f3:
78:12:5a:8c:e7:09:5f:fa:d1:94:b9:b4:47:76:f0:59:63:85:
6f:1e:b6:25:c0:96:33:f6:c3:f7:fb:4f:69:c5:43:b3:55:4e:
9f:e0:b7:63:35:1d:0e:5d:73:7c:4e:75:92:b4:23:65:66:4d:
84:d8:48:0d:f5:c3:f4:61:88:5c:ec:fb:93:7c:58:a0:78:11:
47:0e:b8:49:ab:4a:e6:f5:ef:90:e0:59:a1:ba:41:44:7c:b8:
31:b5:57:c5:06:35:6f:a9:f5:28:9e:8c:0b:a7:f3:5e:58:91:
de:0b:78:0e:90:f2:d4:4a:5d:74:51:9f:0a:e5:79:8f:d0:ff:
0e:19:a1:63:1b:ce:7a:f7:c9:af:2f:7d:93:64:f4:c0:0e:55:
03:d6:15:d7:d4:a4:62:fb:f2:d6:d9:7d:8f:26:41:42:fb:e0:
9e:3a:5b:fb:2b:00:94:63:b1:a1:99:72:d7:a5:7e:a9:c7:ba:
6f:b8:ef:25:47:51:7f:4e:61:45:3b:54:9a:b3:ef:c9:a4:1a:
ed:1b:cf:09
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0lS1l3ZFNERNyc79OP1rgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIwMDUxNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjcyNzYzOTlhMWUxNzZhYTdiNjEzZGFiZWFiY2Q3ZGFmN2JjMDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4PyQA3CRdSXNvgYNp5QmhWwPC2V
vvgZgLZ7qEHfXvw7IXiHnFUAiI2t+RAIeOkchbLHJJfaDzaVft+0Hj1y7xYcPn09
R0ghxNClJHkqVOJtYnLcI3aaKJhzskrxyDU/zE61xjzD5rgGRUC6hCDmQlRo67iH
jcqHHBz3GKJcqHVHJ2WKa6qDdPyjZj3rDy6v7Zro4hVuDBQz/PruzI9/MRquD1P7
uGGMEZvr2QIFL8KO8h0tnJWyVUxv80CwVCFvrEVzVJJoG+wRzcE6BqGQFpFjhoLW
9m6K7K9aN8CBFL1pEeRWKdh7/JoLw90kfymmAmemLqNodS2J/huqKext3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB9ydjmaHhdqp7YT2r6rzX2ve8AOMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSDNKMk9ab2VGMnFudGhQYXZxdk5mYTk3d0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGFNKC1tbjvaQQaVsJ4J
NgwuKvnBjLHgqWEnvKfwKFSOEc8KvFWQis9og2vK/QO9cTHsAOE083gSWoznCV/6
0ZS5tEd28FljhW8etiXAljP2w/f7T2nFQ7NVTp/gt2M1HQ5dc3xOdZK0I2VmTYTY
SA31w/RhiFzs+5N8WKB4EUcOuEmrSub175DgWaG6QUR8uDG1V8UGNW+p9SiejAun
815Ykd4LeA6Q8tRKXXRRnwrleY/Q/w4ZoWMbznr3ya8vfZNk9MAOVQPWFdfUpGL7
8tbZfY8mQUL74J46W/srAJRjsaGZctelfqnHum+47yVHUX9OYUU7VJqz78mkGu0b
zwk=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:02:24 2025 by rpki-client