Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/IoLs6K5pJ3D8fcoqZgKXFvAi72I.roa
File: IoLs6K5pJ3D8fcoqZgKXFvAi72I.roa (raw, json)
Hash identifier: wUo6dFVLsnI0JZu3xRYhlTEp3ziFMVUFIW9HgqsKRBI=
Subject key identifier: 22:82:EC:E8:AE:69:27:70:FC:7D:CA:2A:66:02:97:16:F0:22:EF:62
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 01951A061B66F5B46D2327BAF0637BAEE911
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/IoLs6K5pJ3D8fcoqZgKXFvAi72I.roa
Signing time: Tue 18 Feb 2025 17:06:02 +0000
ROA not before: Tue 18 Feb 2025 17:06:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3218
IP address blocks: 193.232.1.0/24 maxlen: 24
193.232.2.0/24 maxlen: 24
193.232.3.0/24 maxlen: 24
193.232.4.0/24 maxlen: 24
193.232.6.0/24 maxlen: 24
193.232.8.0/24 maxlen: 24
193.232.9.0/24 maxlen: 24
193.232.10.0/24 maxlen: 24
193.232.11.0/24 maxlen: 24
193.232.12.0/24 maxlen: 24
193.232.13.0/24 maxlen: 24
193.232.17.0/24 maxlen: 24
193.232.19.0/24 maxlen: 24
193.232.22.0/23 maxlen: 24
193.232.25.0/24 maxlen: 24
193.232.26.0/24 maxlen: 24
193.232.27.0/24 maxlen: 24
193.232.28.0/24 maxlen: 24
193.232.30.0/24 maxlen: 24
193.232.31.0/24 maxlen: 24
193.232.192.0/22 maxlen: 24
193.232.196.0/23 maxlen: 24
193.232.207.0/24 maxlen: 24
193.232.212.0/24 maxlen: 24
193.232.218.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1a:06:1b:66:f5:b4:6d:23:27:ba:f0:63:7b:ae:e9:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Feb 18 17:06:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2282ece8ae692770fc7dca2a66029716f022ef62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:14:3f:90:3c:ec:9f:91:98:4a:4a:1a:fb:aa:
49:a1:3f:e1:76:f0:1a:ef:08:4d:c5:59:4c:e0:1f:
0b:7e:13:db:75:aa:cb:3f:0c:0b:8e:f6:ee:0d:84:
72:5c:89:26:6c:72:64:36:a6:48:2c:ed:cc:c4:7e:
92:b3:1b:7c:9a:82:8a:93:40:0a:22:a8:20:1f:6f:
22:d5:72:1f:3d:d6:0f:1a:b1:fe:da:26:a5:31:e6:
de:2d:97:69:09:0a:8c:92:31:1b:ad:3a:2c:fc:73:
27:04:e7:f9:33:1f:19:60:dd:2b:66:e7:4c:25:a9:
76:3b:8a:e7:69:77:d5:a4:cf:b7:f1:68:e4:ba:b9:
cd:d2:87:e6:38:d8:18:b5:99:5f:88:d2:ad:23:8c:
01:f1:cc:6f:8d:52:d9:64:52:6c:f9:e6:b1:32:5d:
d0:77:81:8e:e6:3e:95:95:38:c3:2e:9e:ba:7f:b2:
cd:e5:ad:56:e2:5d:39:6a:93:34:82:11:e7:f3:14:
c2:1f:dc:fb:b7:b5:7b:4f:fe:65:af:61:52:c9:9c:
b6:96:ea:11:68:06:06:a7:7e:da:0c:64:f8:22:1e:
44:f9:98:b2:11:85:fa:86:26:7f:3e:51:b0:56:99:
18:61:e7:b8:37:6a:78:67:c7:7e:43:f6:da:55:45:
61:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:82:EC:E8:AE:69:27:70:FC:7D:CA:2A:66:02:97:16:F0:22:EF:62
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/IoLs6K5pJ3D8fcoqZgKXFvAi72I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.1.0-193.232.4.255
193.232.6.0/24
193.232.8.0-193.232.13.255
193.232.17.0/24
193.232.19.0/24
193.232.22.0/23
193.232.25.0-193.232.28.255
193.232.30.0/23
193.232.192.0-193.232.197.255
193.232.207.0/24
193.232.212.0/24
193.232.218.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:b2:18:d0:c8:67:d6:eb:bd:8e:30:2d:77:12:10:78:40:d1:
e9:e7:33:4f:6f:fb:9e:81:39:c6:a7:36:01:e2:48:69:67:80:
1e:d2:de:c0:4c:49:6e:fd:a8:9f:25:c0:70:e5:d0:54:3d:a9:
af:ec:c0:1b:22:97:39:37:a5:0c:fe:18:90:14:ba:fd:9f:a7:
36:39:6a:ee:88:bb:a8:33:20:b3:24:c1:46:48:33:0b:49:c3:
75:18:da:a5:76:bc:2a:bd:d6:cd:a6:5d:b9:93:65:0d:c5:57:
f3:b2:e4:94:66:12:9f:66:d7:e3:97:66:5d:3e:3b:43:9b:66:
c6:b7:08:fa:ad:15:db:bd:6f:7a:d2:a3:5e:17:ab:c4:08:68:
ac:6a:9e:2b:4f:56:aa:4e:f6:9f:b2:f0:86:d0:ae:5e:86:14:
b4:3c:27:42:22:33:a2:51:1a:c7:25:97:8a:79:67:f4:45:00:
d1:8c:22:9d:cc:83:51:bc:ef:d6:a7:90:13:ce:99:d1:0d:8b:
ec:bb:e9:bd:69:8f:77:de:64:12:57:33:aa:62:41:8f:7d:46:
8a:30:4b:74:8c:bb:48:24:e0:ec:fa:71:19:12:ec:0e:2b:ef:
59:83:05:89:ca:32:1e:24:06:26:3a:25:ac:e6:5c:d4:86:b2:
83:bc:c8:35
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZUaBhtm9bRtIye68GN7rukRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwMjE4MTcwNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjgyZWNlOGFlNjkyNzcwZmM3ZGNhMmE2NjAyOTcxNmYwMjJlZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7hQ/kDzsn5GYSkoa+6pJoT/hdvAa
7whNxVlM4B8LfhPbdarLPwwLjvbuDYRyXIkmbHJkNqZILO3MxH6Ssxt8moKKk0AK
IqggH28i1XIfPdYPGrH+2ialMebeLZdpCQqMkjEbrTos/HMnBOf5Mx8ZYN0rZudM
Jal2O4rnaXfVpM+38WjkurnN0ofmONgYtZlfiNKtI4wB8cxvjVLZZFJs+eaxMl3Q
d4GO5j6VlTjDLp66f7LN5a1W4l05apM0ghHn8xTCH9z7t7V7T/5lr2FSyZy2luoR
aAYGp37aDGT4Ih5E+ZiyEYX6hiZ/PlGwVpkYYee4N2p4Z8d+Q/baVUVhmQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFCKC7OiuaSdw/H3KKmYClxbwIu9iMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvSW9MczZLNXBKM0Q4ZmNvcVpnS1hGdkFpNzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaDAMAwQAwegB
AwQAwegEAwQAwegGMAwDBAPB6AgDBAHB6AwDBADB6BEDBADB6BMDBAHB6BYwDAME
AMHoGQMEAMHoHAMEAcHoHjAMAwQGwejAAwQBwejEAwQAwejPAwQAwejUAwQBweja
MA0GCSqGSIb3DQEBCwUAA4IBAQAqshjQyGfW672OMC13EhB4QNHp5zNPb/uegTnG
pzYB4khpZ4Ae0t7ATElu/aifJcBw5dBUPamv7MAbIpc5N6UM/hiQFLr9n6c2OWru
iLuoMyCzJMFGSDMLScN1GNqldrwqvdbNpl25k2UNxVfzsuSUZhKfZtfjl2ZdPjtD
m2bGtwj6rRXbvW960qNeF6vECGisap4rT1aqTvafsvCG0K5ehhS0PCdCIjOiURrH
JZeKeWf0RQDRjCKdzINRvO/Wp5ATzpnRDYvsu+m9aY933mQSVzOqYkGPfUaKMEt0
jLtIJODs+nEZEuwOK+9ZgwWJyjIeJAYmOiWs5lzUhrKDvMg1
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:49:17 2025 by rpki-client