Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/lvMhmqwORR1iTuvuo4HtPWtLuiE.roa
File: lvMhmqwORR1iTuvuo4HtPWtLuiE.roa (raw, json)
Hash identifier: OOMCLN9RUgGQH5tD2Yh2PjqTFzqeUI9MMSQRzFGKrT8=
Subject key identifier: 96:F3:21:9A:AC:0E:45:1D:62:4E:EB:EE:A3:81:ED:3D:6B:4B:BA:21
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019522C2BE34B9D3A25CB7F3953DAF532A4F
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/lvMhmqwORR1iTuvuo4HtPWtLuiE.roa
Signing time: Thu 20 Feb 2025 09:49:02 +0000
ROA not before: Thu 20 Feb 2025 09:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51821
IP address blocks: 193.234.102.0/23 maxlen: 23
194.103.133.0/24 maxlen: 24
194.103.192.0/24 maxlen: 24
194.103.198.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:22:c2:be:34:b9:d3:a2:5c:b7:f3:95:3d:af:53:2a:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 20 09:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96f3219aac0e451d624eebeea381ed3d6b4bba21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:30:ee:95:22:5c:0d:31:32:18:34:3a:b7:67:
d6:81:73:5d:33:2f:f3:af:8e:00:e9:43:e6:32:8f:
f1:56:fb:af:4e:1f:37:43:f1:a4:ff:27:31:43:e3:
45:57:a8:6e:df:95:ee:ca:cb:36:e6:ad:21:b5:60:
f5:3b:6b:50:65:d0:50:dd:86:e1:ad:c9:12:0e:49:
1e:09:63:eb:55:97:38:d6:a1:6a:76:e6:0d:4e:c6:
28:de:06:77:ef:25:d8:45:96:e6:9c:37:0d:c4:63:
e3:a5:5e:e0:08:f8:ac:f0:15:0d:c4:e6:a3:ac:b7:
a2:b8:bf:8b:b5:fb:de:9e:70:37:5d:20:25:81:2c:
62:d7:42:cc:c7:27:59:bc:19:da:b7:e5:15:8a:59:
3a:9e:ef:ce:fd:03:a9:95:4e:ce:a0:2a:18:c9:4c:
45:38:56:9d:56:e9:68:fe:a6:14:9a:71:07:69:63:
e4:c5:2b:42:9a:89:5e:7b:6b:9a:b7:79:30:b9:90:
33:d2:7f:0d:66:ea:d5:55:15:47:30:f8:13:4c:31:
38:84:78:d6:0e:13:00:0c:30:d9:8e:43:fe:94:a1:
3c:78:e9:cc:7d:53:b1:e2:91:d1:de:12:c6:53:b8:
6b:54:fd:7a:e4:4b:e4:08:05:c5:99:02:5f:48:c0:
92:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F3:21:9A:AC:0E:45:1D:62:4E:EB:EE:A3:81:ED:3D:6B:4B:BA:21
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/lvMhmqwORR1iTuvuo4HtPWtLuiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.234.102.0/23
194.103.133.0/24
194.103.192.0/24
194.103.198.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:89:77:d1:f1:f9:45:cc:21:b1:56:01:9b:f6:67:e6:ea:7d:
0c:f6:cf:a9:52:50:f5:d9:55:b1:e0:55:b9:c0:40:54:bd:c4:
7f:86:dc:95:68:e3:ff:ed:c8:dd:32:f0:30:7c:8c:de:42:81:
0d:f9:8e:66:6b:6f:e6:ed:47:cc:fa:25:ed:4a:fe:83:8f:03:
27:be:64:1d:70:e7:6c:ab:c1:40:e3:14:f8:fc:bc:7a:91:e5:
01:33:4d:07:5c:6e:28:72:b1:0e:ac:c8:03:d5:f4:f1:68:f0:
23:50:40:4f:af:3d:eb:22:c6:b1:83:4a:4b:1a:76:06:6c:26:
65:11:ec:76:18:f5:b0:aa:3a:ba:ce:82:19:b9:be:e4:ae:6d:
b3:24:4d:13:bc:3c:df:aa:79:8d:6c:df:57:b2:d1:48:f3:92:
85:a4:20:d9:62:6d:e2:da:e8:8e:7c:56:56:38:46:6a:ec:f8:
e9:29:3b:76:6d:92:fb:8a:54:a6:40:c6:b9:10:f6:f9:4f:e7:
12:c7:3b:67:e2:5c:06:7f:5c:7e:1f:25:2b:d4:27:69:61:18:
43:1a:30:0e:48:d4:af:97:fd:7f:06:78:60:78:97:41:bd:e0:
5a:b9:47:6a:06:ff:ca:fe:43:b2:a8:8d:09:c3:36:26:17:95:
c2:95:06:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZUiwr40udOiXLfzlT2vUypPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMjIwMDk0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmYzMjE5YWFjMGU0NTFkNjI0ZWViZWVhMzgxZWQzZDZiNGJiYTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDDulSJcDTEyGDQ6t2fWgXNdMy/z
r44A6UPmMo/xVvuvTh83Q/Gk/ycxQ+NFV6hu35Xuyss25q0htWD1O2tQZdBQ3Ybh
rckSDkkeCWPrVZc41qFqduYNTsYo3gZ37yXYRZbmnDcNxGPjpV7gCPis8BUNxOaj
rLeiuL+LtfvennA3XSAlgSxi10LMxydZvBnat+UVilk6nu/O/QOplU7OoCoYyUxF
OFadVulo/qYUmnEHaWPkxStCmolee2uat3kwuZAz0n8NZurVVRVHMPgTTDE4hHjW
DhMADDDZjkP+lKE8eOnMfVOx4pHR3hLGU7hrVP165EvkCAXFmQJfSMCSHwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJbzIZqsDkUdYk7r7qOB7T1rS7ohMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvbHZNaG1xd09SUjFpVHV2dW80SHRQV3RMdWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBwepmAwQA
wmeFAwQAwmfAAwQBwmfGMA0GCSqGSIb3DQEBCwUAA4IBAQA9iXfR8flFzCGxVgGb
9mfm6n0M9s+pUlD12VWx4FW5wEBUvcR/htyVaOP/7cjdMvAwfIzeQoEN+Y5ma2/m
7UfM+iXtSv6DjwMnvmQdcOdsq8FA4xT4/Lx6keUBM00HXG4ocrEOrMgD1fTxaPAj
UEBPrz3rIsaxg0pLGnYGbCZlEex2GPWwqjq6zoIZub7krm2zJE0TvDzfqnmNbN9X
stFI85KFpCDZYm3i2uiOfFZWOEZq7PjpKTt2bZL7ilSmQMa5EPb5T+cSxztn4lwG
f1x+HyUr1CdpYRhDGjAOSNSvl/1/BnhgeJdBveBauUdqBv/K/kOyqI0JwzYmF5XC
lQZp
-----END CERTIFICATE-----
Generated at Thu Apr 10 14:50:51 2025 by rpki-client