Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS133210.roa
File: AS133210.roa (raw, json)
Hash identifier: CFja3+Tm5FaH4FqpziJ38UxaokN0IWkg5WTjxR/O4Ug=
Subject key identifier: 2D:9E:0B:5D:A3:D0:12:88:60:F4:2D:55:C5:6B:88:AB:9A:21:90:A3
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1BEBA7D2FDBC019168760782FE6CE5D1C325DE3B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS133210.roa
Signing time: Tue 18 Mar 2025 08:04:39 +0000
ROA not before: Tue 18 Mar 2025 07:59:39 +0000
ROA not after: Tue 17 Mar 2026 08:04:39 +0000
asID: 133210
IP address blocks: 82.21.215.0/24 maxlen: 24
82.21.231.0/24 maxlen: 24
82.22.229.0/24 maxlen: 24
82.24.222.0/24 maxlen: 24
82.26.228.0/24 maxlen: 24
82.29.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:eb:a7:d2:fd:bc:01:91:68:76:07:82:fe:6c:e5:d1:c3:25:de:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 18 07:59:39 2025 GMT
Not After : Mar 17 08:04:39 2026 GMT
Subject: CN=2D9E0B5DA3D0128860F42D55C56B88AB9A2190A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:91:4e:20:72:2e:85:bc:03:6f:d6:ea:b3:64:
83:7f:c6:57:ca:f2:2c:09:05:cc:96:32:5d:b5:e9:
9e:77:af:f0:bb:41:67:58:94:d9:b2:32:69:5a:25:
e3:e7:f4:6e:39:78:1f:9f:7f:83:ee:4c:d2:d2:f1:
b8:d1:d1:66:fa:f6:e6:1a:fa:4f:d3:a7:ec:f4:86:
44:9e:0d:c4:49:6e:8d:73:a0:04:be:84:4c:40:97:
cd:48:6e:cb:d0:cb:b5:18:d2:dd:59:5d:e4:88:f6:
32:34:e9:b5:82:13:bc:e7:b5:5b:da:91:0e:d2:bd:
42:e5:a1:81:ed:54:0c:86:05:6d:ef:4a:8c:b7:2f:
f3:bb:84:69:e2:3e:68:89:9b:eb:2a:05:6e:a7:32:
38:bb:14:87:db:c6:38:9f:e4:e0:1e:9a:37:5b:2b:
08:ea:37:8f:55:17:c0:07:ed:15:a3:2f:36:34:83:
21:2a:ea:b3:2f:f1:6c:63:c0:37:4a:7c:3a:9b:dc:
af:1a:2c:e1:6a:ea:d7:b5:2d:dd:94:b7:05:db:af:
81:26:6b:a5:db:50:12:16:1c:a4:91:14:07:42:86:
dd:c5:a1:18:72:7b:25:a7:07:53:c3:03:de:b6:c5:
83:21:91:34:55:56:17:38:5d:d2:2d:1b:54:d0:d3:
37:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:9E:0B:5D:A3:D0:12:88:60:F4:2D:55:C5:6B:88:AB:9A:21:90:A3
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS133210.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.215.0/24
82.21.231.0/24
82.22.229.0/24
82.24.222.0/24
82.26.228.0/24
82.29.223.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:b8:d2:67:ae:90:cd:06:10:94:72:92:eb:7e:d3:82:3e:23:
d2:b1:36:57:0d:77:8b:a9:d4:23:04:ef:f6:07:38:fd:55:d5:
84:14:82:13:66:c7:10:02:c2:2e:01:39:41:74:92:48:2b:32:
06:c0:9f:c0:a3:2b:44:38:32:41:c5:c7:fe:b8:9a:72:6b:00:
70:46:a2:7b:1e:74:90:6e:65:09:33:d3:32:f7:cb:1d:18:65:
57:16:68:1f:ef:47:e8:a6:62:8e:6b:43:ba:62:5b:9e:d1:48:
b3:11:e0:04:cd:b9:a6:30:a4:37:47:b5:2b:71:8b:e3:c0:fd:
c4:19:3e:d0:fc:70:2a:35:6d:9f:4f:d2:84:72:ac:b3:ba:44:
12:d7:d5:83:86:0f:38:45:48:31:be:a0:59:f7:94:b2:b4:51:
44:00:fb:a6:48:c1:b2:f1:fb:72:bf:05:45:0b:5b:ab:3b:73:
1e:99:c8:8f:8c:ae:69:09:0f:26:ec:6d:03:e7:17:2c:9b:a6:
ad:67:49:a1:03:78:9f:e6:72:3a:16:cb:83:fc:a0:2c:79:7d:
0a:22:55:a9:4b:44:63:35:43:3f:f7:e8:13:a5:07:8f:a4:c1:
14:2c:9f:62:a9:56:3a:fc:60:6d:a1:b0:81:76:43:35:4a:48:
75:c3:23:05
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUG+un0v28AZFodgeC/mzl0cMl3jswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMTgwNzU5MzlaFw0yNjAzMTcwODA0MzlaMDMxMTAvBgNV
BAMTKDJEOUUwQjVEQTNEMDEyODg2MEY0MkQ1NUM1NkI4OEFCOUEyMTkwQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPkU4gci6FvANv1uqzZIN/xlfK
8iwJBcyWMl216Z53r/C7QWdYlNmyMmlaJePn9G45eB+ff4PuTNLS8bjR0Wb69uYa
+k/Tp+z0hkSeDcRJbo1zoAS+hExAl81IbsvQy7UY0t1ZXeSI9jI06bWCE7zntVva
kQ7SvULloYHtVAyGBW3vSoy3L/O7hGniPmiJm+sqBW6nMji7FIfbxjif5OAemjdb
KwjqN49VF8AH7RWjLzY0gyEq6rMv8WxjwDdKfDqb3K8aLOFq6te1Ld2UtwXbr4Em
a6XbUBIWHKSRFAdCht3FoRhyeyWnB1PDA962xYMhkTRVVhc4XdItG1TQ0zeJAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQULZ4LXaPQEohg9C1VxWuIq5ohkKMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTMzMjEwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUhXX
AwQAUhXnAwQAUhblAwQAUhjeAwQAUhrkAwQAUh3fMA0GCSqGSIb3DQEBCwUAA4IB
AQAOuNJnrpDNBhCUcpLrftOCPiPSsTZXDXeLqdQjBO/2Bzj9VdWEFIITZscQAsIu
ATlBdJJIKzIGwJ/AoytEODJBxcf+uJpyawBwRqJ7HnSQbmUJM9My98sdGGVXFmgf
70fopmKOa0O6Ylue0UizEeAEzbmmMKQ3R7UrcYvjwP3EGT7Q/HAqNW2fT9KEcqyz
ukQS19WDhg84RUgxvqBZ95SytFFEAPumSMGy8ftyvwVFC1urO3MemciPjK5pCQ8m
7G0D5xcsm6atZ0mhA3if5nI6FsuD/KAseX0KIlWpS0RjNUM/9+gTpQePpMEULJ9i
qVY6/GBtobCBdkM1Skh1wyMF
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:01:49 2025 by rpki-client