Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/TuKHkrJdxNJ-p5OPnzZcwDP-Iik.roa
File: TuKHkrJdxNJ-p5OPnzZcwDP-Iik.roa (raw, json)
Hash identifier: Ys4dYqqt8et0eCHEPgICNHnAlrjVD1txJRTS0YNYhMU=
Subject key identifier: 4E:E2:87:92:B2:5D:C4:D2:7E:A7:93:8F:9F:36:5C:C0:33:FE:22:29
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019539C0AC2A1176EF3F852E4AD28E1FDBFD
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/TuKHkrJdxNJ-p5OPnzZcwDP-Iik.roa
Signing time: Mon 24 Feb 2025 20:58:02 +0000
ROA not before: Mon 24 Feb 2025 20:58:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 193.233.21.0/24 maxlen: 24
193.233.132.0/24 maxlen: 24
193.233.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:39:c0:ac:2a:11:76:ef:3f:85:2e:4a:d2:8e:1f:db:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 24 20:58:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ee28792b25dc4d27ea7938f9f365cc033fe2229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:75:bc:a2:02:aa:1e:ef:06:0d:c4:34:4d:4b:
c8:f4:ef:75:d6:52:a8:d2:79:17:8e:83:89:18:2d:
ce:b9:d0:c5:b1:9b:bb:88:c2:31:53:1b:5c:c7:a9:
f2:75:dc:2a:30:fd:a3:97:27:df:c5:ee:19:27:67:
bb:1e:2f:8b:25:bc:99:69:84:e1:e2:8b:80:43:06:
44:ab:d5:6f:73:9b:05:cc:f0:7f:0e:1d:cf:c8:6e:
46:41:6f:e8:c5:9f:62:28:dd:9f:e7:9a:43:f9:78:
0d:17:80:2a:e7:18:a3:df:4d:da:51:7f:e5:98:a2:
21:6a:eb:d0:55:5e:a6:59:ea:79:7a:86:e4:8c:85:
5d:d3:e8:d9:1a:07:38:eb:a0:02:b6:7f:db:29:05:
07:0c:58:3e:9c:33:61:38:06:ff:13:d7:b5:62:0c:
ce:c4:de:8a:10:5f:3d:a5:c6:d9:b2:d3:bb:09:f9:
61:0a:7f:1e:2e:23:00:7c:a9:d7:7b:e6:ed:3f:47:
83:96:e8:6c:7c:72:ee:09:a9:b8:64:2c:cf:8a:4f:
84:67:af:16:5f:44:5d:57:7d:bc:2a:dc:f8:fc:b3:
58:85:e4:ff:3d:b4:55:ac:66:bc:b4:cc:cd:f7:67:
fb:5a:0e:92:2f:b5:45:71:3e:12:4e:77:77:09:22:
66:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:E2:87:92:B2:5D:C4:D2:7E:A7:93:8F:9F:36:5C:C0:33:FE:22:29
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/TuKHkrJdxNJ-p5OPnzZcwDP-Iik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.21.0/24
193.233.132.0/24
193.233.255.0/24
Signature Algorithm: sha256WithRSAEncryption
56:dc:ad:15:f3:6a:2d:be:25:bd:15:b6:02:59:4c:25:68:94:
65:df:fd:ff:60:6d:9b:0b:7c:cb:42:d9:99:23:57:37:9f:b7:
52:10:00:7f:42:0c:6e:da:7d:96:c2:02:36:7c:ab:d3:0b:1c:
5a:b3:5e:90:1b:2e:45:02:2e:b5:84:8a:37:62:c6:57:18:18:
e0:f6:6b:5b:4d:2d:81:88:5f:4d:28:f7:e9:6c:ef:97:2f:4e:
fa:68:ac:17:6c:82:b0:9d:bd:48:b4:f3:cb:d6:45:38:4a:17:
cb:7d:13:69:7a:13:3c:44:e8:b1:e7:a4:df:04:db:fb:4a:d8:
fe:23:9d:84:48:a3:9e:47:ef:07:8a:c3:f6:63:c2:14:40:6d:
3d:69:e0:27:c0:01:6b:96:39:c5:9e:b1:26:de:ed:b3:b8:bf:
f1:02:3d:52:9a:ef:b7:60:60:64:da:47:61:d3:cf:6f:95:00:
97:8b:d5:9b:b1:44:d6:ed:e4:6d:43:d9:c5:de:4b:8a:9f:83:
87:2a:79:f5:cf:78:25:22:8e:5a:1d:1e:ea:d3:21:6a:eb:48:
29:f1:ad:45:44:34:0b:94:86:f7:9c:68:d0:c5:b6:ee:6d:97:
a3:54:55:3b:0f:68:7a:28:ee:44:c7:d1:5d:b4:57:a8:28:49:
5d:92:2b:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZU5wKwqEXbvP4UuStKOH9v9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMjI0MjA1ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWUyODc5MmIyNWRjNGQyN2VhNzkzOGY5ZjM2NWNjMDMzZmUyMjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3W8ogKqHu8GDcQ0TUvI9O911lKo
0nkXjoOJGC3OudDFsZu7iMIxUxtcx6nyddwqMP2jlyffxe4ZJ2e7Hi+LJbyZaYTh
4ouAQwZEq9Vvc5sFzPB/Dh3PyG5GQW/oxZ9iKN2f55pD+XgNF4Aq5xij303aUX/l
mKIhauvQVV6mWep5eobkjIVd0+jZGgc466ACtn/bKQUHDFg+nDNhOAb/E9e1YgzO
xN6KEF89pcbZstO7CflhCn8eLiMAfKnXe+btP0eDluhsfHLuCam4ZCzPik+EZ68W
X0RdV328Ktz4/LNYheT/PbRVrGa8tMzN92f7Wg6SL7VFcT4STnd3CSJmfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE7ih5KyXcTSfqeTj582XMAz/iIpMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvVHVLSGtySmR4TkotcDVPUG56WmN3RFAtSWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwekVAwQA
wemEAwQAwen/MA0GCSqGSIb3DQEBCwUAA4IBAQBW3K0V82otviW9FbYCWUwlaJRl
3/3/YG2bC3zLQtmZI1c3n7dSEAB/Qgxu2n2WwgI2fKvTCxxas16QGy5FAi61hIo3
YsZXGBjg9mtbTS2BiF9NKPfpbO+XL076aKwXbIKwnb1ItPPL1kU4ShfLfRNpehM8
ROix56TfBNv7Stj+I52ESKOeR+8HisP2Y8IUQG09aeAnwAFrljnFnrEm3u2zuL/x
Aj1Smu+3YGBk2kdh089vlQCXi9WbsUTW7eRtQ9nF3kuKn4OHKnn1z3glIo5aHR7q
0yFq60gp8a1FRDQLlIb3nGjQxbbubZejVFU7D2h6KO5Ex9FdtFeoKEldkivG
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:14:07 2025 by rpki-client