Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/2JhXptnvhueVQmeHn25cz0kurHI.roa
File: 2JhXptnvhueVQmeHn25cz0kurHI.roa (raw, json)
Hash identifier: 8SozpyusIiaDiWUG+p4VEYgVUXO18QzNYiLErT92LEQ=
Subject key identifier: D8:98:57:A6:D9:EF:86:E7:95:42:67:87:9F:6E:5C:CF:49:2E:AC:72
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 019428238EBC29C780837871E22461F968C4
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/2JhXptnvhueVQmeHn25cz0kurHI.roa
Signing time: Thu 02 Jan 2025 17:50:06 +0000
ROA not before: Thu 02 Jan 2025 17:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3257
IP address blocks: 194.151.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:8e:bc:29:c7:80:83:78:71:e2:24:61:f9:68:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 17:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d89857a6d9ef86e7954267879f6e5ccf492eac72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:47:b3:0a:96:10:88:70:8a:43:0a:43:d3:5b:
fb:b5:10:7b:b2:07:54:fc:27:c5:c7:c9:ec:66:c2:
29:9e:95:eb:52:b2:a3:b3:1e:dc:f7:ca:44:99:77:
b4:20:ce:a5:5c:46:d0:ac:2e:c2:89:0f:66:4d:23:
53:a6:d5:d7:49:53:5f:10:0c:d9:3d:d7:7c:13:24:
8f:f0:de:02:96:a0:7c:03:41:1e:03:ef:b8:c8:e5:
2b:6a:c1:bc:df:f3:d9:81:5f:f9:54:32:72:f6:f8:
b1:b0:cc:0e:0e:9a:89:b0:3e:16:9a:3c:8d:5a:83:
cf:a3:ab:2e:91:43:95:a6:81:23:d2:53:f2:56:f2:
7f:72:18:eb:f5:ef:ee:a0:2b:d1:6d:b4:96:9a:41:
06:df:81:5e:ee:34:56:d0:a9:ba:a1:d6:d2:79:14:
38:7e:18:59:a2:d7:0b:97:04:f3:89:62:fd:96:ed:
60:3f:bf:1d:ec:e0:9c:da:4c:14:a8:9d:33:b3:13:
c5:cf:a0:84:bd:de:3a:73:5a:56:1d:95:c1:a2:1d:
03:47:62:a5:35:8c:e3:33:8f:cb:fe:c7:3d:79:a4:
f6:56:9a:09:70:6d:a2:af:a9:ad:bc:ff:55:51:13:
81:75:d9:49:fc:a2:72:c4:b6:6e:6c:6c:b0:74:d1:
c7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:98:57:A6:D9:EF:86:E7:95:42:67:87:9F:6E:5C:CF:49:2E:AC:72
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/2JhXptnvhueVQmeHn25cz0kurHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.151.203.0/24
Signature Algorithm: sha256WithRSAEncryption
53:b5:6d:88:a3:0c:93:88:1a:c3:5a:4e:02:ff:db:4f:7a:70:
c1:ed:c5:e7:36:ad:69:d1:d8:b3:da:6d:d4:77:57:f4:29:de:
40:da:87:2a:f8:32:d7:d8:68:b2:9e:eb:ef:55:e0:45:f1:f7:
6c:c9:62:c9:5a:a3:7f:79:41:14:dd:86:d3:c0:5f:ff:df:39:
2a:21:b5:8c:81:f6:a6:30:da:8e:e4:78:27:a9:a9:05:a7:42:
90:8a:6d:32:bb:07:8c:6d:20:0b:41:d5:23:e5:c1:08:9f:41:
0e:53:e4:b9:5c:c3:39:68:04:ec:4c:6c:d1:81:51:48:88:9b:
76:d6:89:30:30:5b:3e:c6:cd:fe:01:37:fc:6c:bd:a2:77:80:
ec:a9:3d:7d:4b:9f:70:01:96:22:a6:71:59:12:6b:90:ba:b8:
17:a9:ca:86:f0:30:4f:d0:e7:7d:61:e5:85:99:4c:50:eb:aa:
05:3e:b9:69:31:4a:e6:ee:eb:fd:5f:89:e9:01:ad:36:55:a4:
89:d6:f1:6b:16:7c:ae:68:cd:7a:64:b1:55:04:26:31:e7:1a:
e5:e2:cc:1a:ce:9c:8d:e1:cc:f3:f3:a0:cb:96:44:09:ea:c5:
a5:7e:00:42:de:51:e7:6f:02:82:9b:ec:c2:29:37:e4:89:a9:
97:43:7e:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI468KceAg3hx4iRh+WjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjUwMTAyMTc1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODk4NTdhNmQ5ZWY4NmU3OTU0MjY3ODc5ZjZlNWNjZjQ5MmVhYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEezCpYQiHCKQwpD01v7tRB7sgdU
/CfFx8nsZsIpnpXrUrKjsx7c98pEmXe0IM6lXEbQrC7CiQ9mTSNTptXXSVNfEAzZ
Pdd8EySP8N4ClqB8A0EeA++4yOUrasG83/PZgV/5VDJy9vixsMwODpqJsD4WmjyN
WoPPo6sukUOVpoEj0lPyVvJ/chjr9e/uoCvRbbSWmkEG34Fe7jRW0Km6odbSeRQ4
fhhZotcLlwTziWL9lu1gP78d7OCc2kwUqJ0zsxPFz6CEvd46c1pWHZXBoh0DR2Kl
NYzjM4/L/sc9eaT2VpoJcG2ir6mtvP9VUROBddlJ/KJyxLZubGywdNHHwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNiYV6bZ74bnlUJnh59uXM9JLqxyMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvMkpoWHB0bnZodWVWUW1lSG4yNWN6MGt1ckhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpfLMA0G
CSqGSIb3DQEBCwUAA4IBAQBTtW2IowyTiBrDWk4C/9tPenDB7cXnNq1p0diz2m3U
d1f0Kd5A2ocq+DLX2GiynuvvVeBF8fdsyWLJWqN/eUEU3YbTwF//3zkqIbWMgfam
MNqO5HgnqakFp0KQim0yuweMbSALQdUj5cEIn0EOU+S5XMM5aATsTGzRgVFIiJt2
1okwMFs+xs3+ATf8bL2id4DsqT19S59wAZYipnFZEmuQurgXqcqG8DBP0Od9YeWF
mUxQ66oFPrlpMUrm7uv9X4npAa02VaSJ1vFrFnyuaM16ZLFVBCYx5xrl4swazpyN
4czz86DLlkQJ6sWlfgBC3lHnbwKCm+zCKTfkiamXQ34Q
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:25:16 2025 by rpki-client