Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/MBUAIuGztmcOvi49QVMI3ZKQHZY.roa
File: MBUAIuGztmcOvi49QVMI3ZKQHZY.roa (raw, json)
Hash identifier: Hw57M+gd4D8UxZ5OXeoSMLeWWas39Ei31bunhMTrLhg=
Subject key identifier: 30:15:00:22:E1:B3:B6:67:0E:BE:2E:3D:41:53:08:DD:92:90:1D:96
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019420683AE9383CEB178273675861536442
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/MBUAIuGztmcOvi49QVMI3ZKQHZY.roa
Signing time: Wed 01 Jan 2025 05:48:09 +0000
ROA not before: Wed 01 Jan 2025 05:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14576
IP address blocks: 193.233.88.0/24 maxlen: 24
193.233.89.0/24 maxlen: 24
193.233.90.0/24 maxlen: 24
193.233.91.0/24 maxlen: 24
193.233.248.0/24 maxlen: 24
193.233.249.0/24 maxlen: 24
193.233.250.0/24 maxlen: 24
193.233.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:3a:e9:38:3c:eb:17:82:73:67:58:61:53:64:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30150022e1b3b6670ebe2e3d415308dd92901d96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2f:f2:18:09:24:37:bf:78:d2:68:3a:08:87:
51:be:96:e5:7a:56:d4:08:96:cf:62:4e:96:5c:79:
8e:4b:8d:fc:da:b9:8c:bb:eb:94:75:de:ba:8d:0e:
dd:ce:06:93:94:f4:bc:40:6f:74:86:6b:9c:e0:91:
5a:e1:fe:d9:23:b1:e0:4a:44:1f:47:b6:ef:f8:15:
7a:1c:74:f1:e3:59:25:c2:07:c2:fd:64:ef:5f:b8:
dd:d7:cb:27:54:16:c5:ec:f9:34:b6:5d:a9:dc:f3:
57:2c:53:4f:ce:58:83:29:90:11:8d:d0:14:92:2a:
91:7b:dc:3a:12:12:68:d1:49:98:59:0c:5c:2f:c0:
f9:e7:4c:14:81:1a:6e:1d:ee:e8:d4:e1:38:a6:9c:
a7:58:b3:6d:59:dc:0a:c3:27:60:2f:d9:c3:30:69:
fb:7e:77:51:7e:6f:29:15:fc:80:29:2d:d8:f1:90:
6f:9a:cd:78:df:fa:4b:2d:f0:84:54:51:2d:e0:2a:
32:64:77:4e:5e:87:9b:df:40:12:b0:b8:76:3a:9e:
9e:c4:f7:d0:9d:2b:aa:71:d7:d6:f6:6a:4a:3e:bc:
09:04:b1:68:88:94:fd:6f:16:0a:15:cb:de:a5:5d:
08:12:1d:8d:ff:5c:48:9f:fc:77:59:a3:b5:a3:93:
64:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:15:00:22:E1:B3:B6:67:0E:BE:2E:3D:41:53:08:DD:92:90:1D:96
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/MBUAIuGztmcOvi49QVMI3ZKQHZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.88.0/22
193.233.248.0/22
Signature Algorithm: sha256WithRSAEncryption
95:fa:de:d0:f1:eb:73:de:1a:40:ce:c3:f0:02:4e:16:73:26:
71:b4:5e:0b:90:a4:5f:6a:e1:d2:d3:39:da:9c:85:5c:68:ef:
b3:f6:ad:58:c5:f1:e4:ae:d1:3c:2a:2d:e7:24:ea:30:86:1b:
c9:33:fa:58:70:bd:1a:1c:20:c6:13:44:41:e0:9c:62:72:ae:
9b:b5:64:c7:04:1b:ba:b3:5d:b7:5a:72:ee:82:56:11:b0:21:
55:0d:c2:10:b8:87:f9:ab:8c:de:ce:ba:51:13:84:dc:08:68:
ff:15:03:cc:16:18:54:03:6f:96:15:93:58:21:b2:fe:14:fe:
59:54:f2:70:d8:37:64:28:86:51:b3:49:05:02:cb:e7:c8:33:
6d:68:49:df:2b:62:4e:d3:f3:14:4a:27:36:3f:6c:e7:52:4f:
07:29:42:51:12:4f:38:e9:ae:82:43:02:c0:ad:dc:24:a9:c7:
42:1d:e6:c6:01:d7:e7:5a:09:c8:51:6e:59:1b:83:2d:81:2e:
f4:c8:21:ad:2e:86:c0:cf:8c:00:fb:6b:1b:ef:3f:96:e8:71:
7b:8c:a0:ae:52:33:90:30:30:b8:64:40:49:b5:75:fa:f1:30:
a7:39:fe:bf:a7:ba:5d:b1:c7:d8:35:a1:11:60:8d:10:a8:5c:
30:ff:7f:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgaDrpODzrF4JzZ1hhU2RCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDE1MDAyMmUxYjNiNjY3MGViZTJlM2Q0MTUzMDhkZDkyOTAxZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui/yGAkkN7940mg6CIdRvpblelbU
CJbPYk6WXHmOS4382rmMu+uUdd66jQ7dzgaTlPS8QG90hmuc4JFa4f7ZI7HgSkQf
R7bv+BV6HHTx41klwgfC/WTvX7jd18snVBbF7Pk0tl2p3PNXLFNPzliDKZARjdAU
kiqRe9w6EhJo0UmYWQxcL8D550wUgRpuHe7o1OE4ppynWLNtWdwKwydgL9nDMGn7
fndRfm8pFfyAKS3Y8ZBvms143/pLLfCEVFEt4CoyZHdOXoeb30ASsLh2Op6exPfQ
nSuqcdfW9mpKPrwJBLFoiJT9bxYKFcvepV0IEh2N/1xIn/x3WaO1o5NkAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDAVACLhs7ZnDr4uPUFTCN2SkB2WMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvTUJVQUl1R3p0bWNPdmk0OVFWTUkzWktRSFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwelYAwQC
wen4MA0GCSqGSIb3DQEBCwUAA4IBAQCV+t7Q8etz3hpAzsPwAk4WcyZxtF4LkKRf
auHS0znanIVcaO+z9q1YxfHkrtE8Ki3nJOowhhvJM/pYcL0aHCDGE0RB4Jxicq6b
tWTHBBu6s123WnLuglYRsCFVDcIQuIf5q4zezrpRE4TcCGj/FQPMFhhUA2+WFZNY
IbL+FP5ZVPJw2DdkKIZRs0kFAsvnyDNtaEnfK2JO0/MUSic2P2znUk8HKUJREk84
6a6CQwLArdwkqcdCHebGAdfnWgnIUW5ZG4MtgS70yCGtLobAz4wA+2sb7z+W6HF7
jKCuUjOQMDC4ZEBJtXX68TCnOf6/p7pdscfYNaERYI0QqFww/39p
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:03:32 2025 by rpki-client