Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/GxyqnXf2T8M4kYX2u3wWRjdXaEc.roa
File: GxyqnXf2T8M4kYX2u3wWRjdXaEc.roa (raw, json)
Hash identifier: h8HEQAzwQkj7c6c/HYNjJtXw/m2bwq+YQVGjd1LDdi8=
Subject key identifier: 1B:1C:AA:9D:77:F6:4F:C3:38:91:85:F6:BB:7C:16:46:37:57:68:47
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0194206856B833D74A834B52E4264FDBD03B
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/GxyqnXf2T8M4kYX2u3wWRjdXaEc.roa
Signing time: Wed 01 Jan 2025 05:48:16 +0000
ROA not before: Wed 01 Jan 2025 05:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211252
IP address blocks: 193.233.177.0/24 maxlen: 24
193.233.179.0/24 maxlen: 24
193.233.187.0/24 maxlen: 24
193.233.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:56:b8:33:d7:4a:83:4b:52:e4:26:4f:db:d0:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b1caa9d77f64fc3389185f6bb7c164637576847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:de:da:c0:d1:87:72:32:fb:fe:16:80:bc:90:
30:cf:31:55:bd:1f:da:16:4e:86:17:e7:d6:e6:52:
c2:e0:cd:dc:6f:6e:36:d9:81:d9:f4:9f:55:62:5d:
2f:76:5b:05:c7:2b:99:4d:77:dd:67:14:07:17:a1:
fd:11:54:72:d3:48:a7:b8:a8:7c:e0:8f:43:5a:24:
36:00:48:db:1f:10:7b:5b:a0:06:01:bb:e2:6f:ec:
f9:3b:45:81:cc:79:aa:4b:ec:84:d1:9d:74:10:f2:
95:3a:fb:bb:01:21:f9:33:ed:22:39:68:2c:1d:c6:
8c:a5:06:58:bc:7a:03:d5:70:29:26:41:15:e4:7f:
c0:ef:b2:97:9b:cb:26:d3:f3:3c:13:de:8e:da:c9:
52:16:ae:10:5a:36:2a:c5:91:80:38:fb:04:1a:c7:
9c:51:ed:48:56:ef:42:24:34:64:02:1f:d7:b9:58:
ec:89:ea:4d:b0:05:bd:06:d4:bb:00:07:b8:8c:e4:
d4:b9:b2:6f:06:02:74:9a:db:08:ec:d4:d6:8c:2c:
10:93:30:b4:cd:dc:b1:3e:da:fe:82:0d:94:a2:4f:
22:93:87:cf:45:eb:0b:7f:8b:5f:2b:b9:92:34:54:
66:46:78:c6:3d:fb:22:d5:ed:8f:c8:3b:b4:9d:2e:
dc:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:1C:AA:9D:77:F6:4F:C3:38:91:85:F6:BB:7C:16:46:37:57:68:47
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/GxyqnXf2T8M4kYX2u3wWRjdXaEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.177.0/24
193.233.179.0/24
193.233.187.0-193.233.188.255
Signature Algorithm: sha256WithRSAEncryption
8e:86:24:17:ac:0f:69:dd:83:0e:63:ff:2d:9e:1c:fd:c7:66:
18:71:d0:40:6b:36:93:89:2e:80:c9:a4:80:eb:ec:ca:4f:97:
9d:6e:56:06:78:ee:85:ef:fe:80:e7:58:91:77:fb:94:09:84:
d8:54:bf:df:40:18:00:85:1f:0c:b7:3b:d3:f1:aa:94:6a:12:
1d:76:0c:9c:98:b5:7f:13:ae:83:f3:cc:f8:97:63:d5:95:21:
25:bc:c0:5f:c2:03:ce:59:f9:3f:88:35:2c:38:b6:6c:b4:74:
bc:95:8e:50:56:ae:ba:83:c4:90:ad:99:b7:32:53:7a:4c:59:
dc:ec:e5:e3:8c:10:34:42:1c:8f:d5:0a:a8:ba:66:cd:ca:a2:
6b:d7:21:cf:b9:34:f4:a5:97:c3:f2:e4:87:01:20:af:55:75:
53:87:3a:c7:88:19:7b:22:41:0c:b9:5f:74:d0:eb:d5:b8:ef:
9d:2f:9f:7e:e4:fc:0c:12:12:fd:65:c3:8f:e8:f1:b9:6f:b2:
48:03:0f:35:d0:75:f6:4e:8a:04:8d:dc:d0:24:ab:b8:19:bb:
18:6d:91:65:f9:8c:00:54:ed:d2:c7:61:a7:c9:4c:02:2a:4e:
7d:58:7d:06:bd:a5:b6:48:39:8c:24:9f:e8:9a:e2:47:3b:fd:
9b:2e:20:a7
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQgaFa4M9dKg0tS5CZP29A7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjFjYWE5ZDc3ZjY0ZmMzMzg5MTg1ZjZiYjdjMTY0NjM3NTc2ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt7awNGHcjL7/haAvJAwzzFVvR/a
Fk6GF+fW5lLC4M3cb2422YHZ9J9VYl0vdlsFxyuZTXfdZxQHF6H9EVRy00inuKh8
4I9DWiQ2AEjbHxB7W6AGAbvib+z5O0WBzHmqS+yE0Z10EPKVOvu7ASH5M+0iOWgs
HcaMpQZYvHoD1XApJkEV5H/A77KXm8sm0/M8E96O2slSFq4QWjYqxZGAOPsEGsec
Ue1IVu9CJDRkAh/XuVjsiepNsAW9BtS7AAe4jOTUubJvBgJ0mtsI7NTWjCwQkzC0
zdyxPtr+gg2Uok8ik4fPResLf4tfK7mSNFRmRnjGPfsi1e2PyDu0nS7ckQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBscqp139k/DOJGF9rt8FkY3V2hHMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvR3h5cW5YZjJUOE00a1lYMnUzd1dSamRYYUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAwemxAwQA
wemzMAwDBADB6bsDBADB6bwwDQYJKoZIhvcNAQELBQADggEBAI6GJBesD2ndgw5j
/y2eHP3HZhhx0EBrNpOJLoDJpIDr7MpPl51uVgZ47oXv/oDnWJF3+5QJhNhUv99A
GACFHwy3O9PxqpRqEh12DJyYtX8TroPzzPiXY9WVISW8wF/CA85Z+T+INSw4tmy0
dLyVjlBWrrqDxJCtmbcyU3pMWdzs5eOMEDRCHI/VCqi6Zs3KomvXIc+5NPSll8Py
5IcBIK9VdVOHOseIGXsiQQy5X3TQ69W4750vn37k/AwSEv1lw4/o8blvskgDDzXQ
dfZOigSN3NAkq7gZuxhtkWX5jABU7dLHYafJTAIqTn1YfQa9pbZIOYwkn+ia4kc7
/ZsuIKc=
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:28:48 2025 by rpki-client