Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/lGVvzcyQR5_tVGJarp8DrxipBGU.roa
File: lGVvzcyQR5_tVGJarp8DrxipBGU.roa (raw, json)
Hash identifier: RBqV45fAhWgiv7CptrHh3VDrxYOzUlsC+IYHENz6enU=
Subject key identifier: 94:65:6F:CD:CC:90:47:9F:ED:54:62:5A:AE:9F:03:AF:18:A9:04:65
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0194206834FF1B7B15C5A24DC3A944E11321
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/lGVvzcyQR5_tVGJarp8DrxipBGU.roa
Signing time: Wed 01 Jan 2025 05:48:07 +0000
ROA not before: Wed 01 Jan 2025 05:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1239
IP address blocks: 193.233.110.0/23 maxlen: 24
193.233.116.0/23 maxlen: 24
193.233.118.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:34:ff:1b:7b:15:c5:a2:4d:c3:a9:44:e1:13:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94656fcdcc90479fed54625aae9f03af18a90465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:dd:d8:87:18:3f:57:38:d6:f7:b2:85:45:a0:
b3:76:1f:c3:4f:16:70:5a:2e:f2:fc:34:34:8f:25:
f6:b2:1c:fd:f4:15:84:ab:07:46:53:9d:7d:17:51:
66:df:84:85:c7:08:91:36:00:32:77:99:7e:97:65:
dc:48:15:ed:75:6b:3a:ac:f0:a5:c1:ef:39:a6:67:
cd:73:62:57:33:d5:57:8d:61:0a:8b:76:9d:18:64:
83:c2:8f:05:85:92:3d:42:ba:d5:14:38:1b:51:81:
46:04:6a:04:8d:b0:8e:5e:a0:2e:a8:1e:47:34:14:
18:41:7c:88:3a:d4:a7:a7:ba:20:fd:f8:ea:cd:00:
ae:96:37:e4:4a:4b:c7:95:81:22:01:eb:c3:68:79:
22:4b:28:f8:39:e9:0f:bf:c2:57:95:4a:ab:a3:d0:
86:85:75:e0:eb:02:d8:81:1d:15:62:fe:21:e0:79:
86:99:80:e7:a3:89:cd:97:12:51:92:3d:f1:17:e3:
0d:bc:dd:ec:98:8b:c5:d5:3e:cf:ee:aa:07:e9:3a:
e3:76:0b:6e:4d:63:66:25:bf:77:8b:7a:b2:c3:a3:
6c:87:ae:e8:3e:5b:b8:2f:e7:fb:3c:b2:0f:ad:cd:
a5:62:7f:b9:7c:92:6b:ee:85:68:28:23:05:90:65:
0c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:65:6F:CD:CC:90:47:9F:ED:54:62:5A:AE:9F:03:AF:18:A9:04:65
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/lGVvzcyQR5_tVGJarp8DrxipBGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.110.0/23
193.233.116.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:1f:76:3b:ef:e5:45:28:1f:20:97:b8:62:71:63:91:5d:46:
87:71:c3:28:6c:ac:6e:04:d9:6c:86:71:09:02:78:a5:8d:c9:
e3:6a:e3:ac:b2:b7:a9:6c:59:64:e0:02:22:f7:c8:b2:51:eb:
d6:f8:ff:d2:dc:2e:93:05:af:04:f9:6c:eb:9e:63:83:e1:b1:
99:70:f0:88:68:bf:ef:13:37:92:ee:6c:d1:01:54:ac:d1:7a:
4a:7b:56:97:36:d5:db:c0:8d:81:1a:85:ce:17:f6:e1:cc:4f:
aa:15:fb:71:be:4a:e3:f7:81:fb:62:00:dc:28:08:52:07:00:
3e:c1:50:24:49:1b:57:01:18:71:41:ad:76:0b:c1:c2:ae:b0:
40:fc:93:a9:b2:7a:bd:6d:3f:b8:2d:cf:5b:22:14:09:15:97:
9f:1a:cc:71:9c:c3:5b:b8:2e:14:88:e1:87:16:d2:31:06:1b:
ee:db:db:fd:74:86:d2:99:ba:94:73:f8:44:b2:a8:3c:d7:9e:
1d:58:0f:d2:39:ba:de:f3:65:13:e3:f0:b8:7a:0a:11:d3:bc:
58:95:5b:ba:f4:d1:fd:cc:ec:14:5b:47:7a:6d:04:3d:69:b0:
c3:13:88:c2:fe:57:62:fa:86:54:69:6d:b9:32:f0:03:f8:c8:
69:c2:3e:fc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgaDT/G3sVxaJNw6lE4RMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDY1NmZjZGNjOTA0NzlmZWQ1NDYyNWFhZTlmMDNhZjE4YTkwNDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3d3Yhxg/VzjW97KFRaCzdh/DTxZw
Wi7y/DQ0jyX2shz99BWEqwdGU519F1Fm34SFxwiRNgAyd5l+l2XcSBXtdWs6rPCl
we85pmfNc2JXM9VXjWEKi3adGGSDwo8FhZI9QrrVFDgbUYFGBGoEjbCOXqAuqB5H
NBQYQXyIOtSnp7og/fjqzQCuljfkSkvHlYEiAevDaHkiSyj4OekPv8JXlUqro9CG
hXXg6wLYgR0VYv4h4HmGmYDno4nNlxJRkj3xF+MNvN3smIvF1T7P7qoH6Trjdgtu
TWNmJb93i3qyw6Nsh67oPlu4L+f7PLIPrc2lYn+5fJJr7oVoKCMFkGUMyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJRlb83MkEef7VRiWq6fA68YqQRlMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvbEdWdnpjeVFSNV90VkdKYXJwOERyeGlwQkdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBweluAwQC
wel0MA0GCSqGSIb3DQEBCwUAA4IBAQB7H3Y77+VFKB8gl7hicWORXUaHccMobKxu
BNlshnEJAniljcnjauOssrepbFlk4AIi98iyUevW+P/S3C6TBa8E+WzrnmOD4bGZ
cPCIaL/vEzeS7mzRAVSs0XpKe1aXNtXbwI2BGoXOF/bhzE+qFftxvkrj94H7YgDc
KAhSBwA+wVAkSRtXARhxQa12C8HCrrBA/JOpsnq9bT+4Lc9bIhQJFZefGsxxnMNb
uC4UiOGHFtIxBhvu29v9dIbSmbqUc/hEsqg8154dWA/SObre82UT4/C4egoR07xY
lVu69NH9zOwUW0d6bQQ9abDDE4jC/ldi+oZUaW25MvAD+Mhpwj78
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:05:24 2025 by rpki-client