Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/3DTuyqH2bEpX_xl7nGQibfqBJ1U.roa
File: 3DTuyqH2bEpX_xl7nGQibfqBJ1U.roa (raw, json)
Hash identifier: FUZDrKmcEHU3cXyXiTSJg+l1wkh7HRW2HJC7SsLdJeU=
Subject key identifier: DC:34:EE:CA:A1:F6:6C:4A:57:FF:19:7B:9C:64:22:6D:FA:81:27:55
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 0186494C6217D9AF0E4D8F3CB8AA82EF34E6
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/3DTuyqH2bEpX_xl7nGQibfqBJ1U.roa
Signing time: Mon 13 Feb 2023 05:43:07 +0000
ROA not before: Mon 13 Feb 2023 05:43:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25003
IP address blocks: 94.188.133.0/24 maxlen: 24
94.188.140.0/24 maxlen: 24
94.188.158.0/24 maxlen: 24
94.188.155.0/24 maxlen: 24
94.188.221.0/24 maxlen: 24
80.74.96.0/22 maxlen: 22
80.74.96.0/23 maxlen: 23
80.74.96.0/19 maxlen: 19
80.74.104.0/22 maxlen: 22
80.74.100.0/22 maxlen: 22
80.74.100.0/23 maxlen: 23
80.74.110.0/23 maxlen: 23
94.188.242.0/24 maxlen: 24
80.74.108.0/23 maxlen: 23
80.74.108.0/22 maxlen: 22
80.74.106.0/23 maxlen: 23
80.74.112.0/22 maxlen: 22
80.74.118.0/24 maxlen: 24
80.74.116.0/22 maxlen: 22
80.74.116.0/23 maxlen: 23
80.74.124.0/22 maxlen: 22
80.74.120.0/22 maxlen: 22
94.188.162.0/24 maxlen: 24
94.188.161.0/24 maxlen: 24
94.188.165.0/24 maxlen: 24
94.188.166.0/24 maxlen: 24
94.188.163.0/24 maxlen: 24
94.188.175.0/24 maxlen: 24
94.188.173.0/24 maxlen: 24
94.188.178.0/24 maxlen: 24
94.188.192.0/24 maxlen: 24
94.188.199.0/24 maxlen: 24
94.188.197.0/24 maxlen: 24
91.143.226.0/23 maxlen: 23
91.143.224.0/20 maxlen: 20
91.143.224.0/23 maxlen: 23
91.143.224.0/22 maxlen: 22
91.143.232.0/23 maxlen: 23
91.143.232.0/22 maxlen: 22
91.143.228.0/24 maxlen: 24
2a02:23b8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:4c:62:17:d9:af:0e:4d:8f:3c:b8:aa:82:ef:34:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Feb 13 05:43:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc34eecaa1f66c4a57ff197b9c64226dfa812755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:47:4e:69:9c:c1:ad:cb:ba:88:15:dd:af:17:
40:0d:51:70:32:a6:01:6a:5b:7c:6b:b9:e8:13:33:
48:84:78:01:ce:0f:07:5e:55:31:68:1c:4b:4c:e5:
a2:05:8b:47:e7:61:68:2d:c2:27:53:46:79:7b:0d:
9d:c6:75:2b:91:b2:bd:4d:55:73:65:6c:2c:63:d6:
95:84:0a:53:ac:f5:50:ea:eb:77:89:7a:01:f7:d7:
a9:af:25:8a:80:c9:4d:31:50:0d:27:3b:4a:50:f9:
0d:e4:18:b8:f1:46:f1:fa:3e:30:cb:ad:16:cb:36:
2a:19:b8:2a:2c:f4:60:d5:e0:3e:64:3b:45:1c:a5:
1b:2d:3b:9a:ce:c5:a3:04:2d:39:95:02:60:c3:04:
b8:7b:0d:72:83:cc:3d:83:3f:a7:50:41:a3:ee:4e:
21:51:84:c2:05:a6:6a:a0:00:ea:f4:fe:0a:6d:24:
88:b9:ad:66:b2:57:56:57:52:13:53:7d:0b:4f:ee:
57:d6:7d:fe:3b:cf:fe:8e:97:26:d4:ec:ac:bf:51:
9f:3b:bc:cb:69:3f:3a:32:91:6c:b4:ff:e8:31:5a:
35:83:d2:98:5c:47:c7:6c:5d:a0:52:2e:b3:f6:81:
55:16:aa:9f:f8:6f:55:b0:65:16:f5:c8:36:78:0a:
fd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:34:EE:CA:A1:F6:6C:4A:57:FF:19:7B:9C:64:22:6D:FA:81:27:55
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/3DTuyqH2bEpX_xl7nGQibfqBJ1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.96.0/19
91.143.224.0/20
94.188.133.0/24
94.188.140.0/24
94.188.155.0/24
94.188.158.0/24
94.188.161.0-94.188.163.255
94.188.165.0-94.188.166.255
94.188.173.0/24
94.188.175.0/24
94.188.178.0/24
94.188.192.0/24
94.188.197.0/24
94.188.199.0/24
94.188.221.0/24
94.188.242.0/24
IPv6:
2a02:23b8::/32
Signature Algorithm: sha256WithRSAEncryption
82:19:56:94:02:de:bb:29:4f:58:33:29:c6:e3:da:46:82:15:
f0:1a:e2:84:25:f8:f8:a7:62:d2:5b:05:c4:14:9b:04:69:fa:
b3:f8:2b:c1:49:8c:57:e4:56:96:9b:c3:59:87:a3:94:ed:b5:
92:35:4f:22:44:63:c5:da:96:8d:b4:8a:31:f4:b8:9f:02:55:
7f:0c:f3:ad:90:b9:54:92:a0:cb:6c:ac:97:35:3c:c1:b8:9b:
95:56:ed:09:cc:bc:4a:1c:70:60:55:6c:c5:22:bb:24:e3:90:
ec:9b:40:96:44:54:b6:06:90:05:b9:85:24:89:cd:e2:86:77:
9d:c4:a8:22:75:06:9c:be:cc:33:c5:7a:ec:bd:ff:3b:bc:f4:
51:25:d2:6b:51:64:59:e8:57:04:61:d7:54:b0:09:30:92:f9:
c7:8c:65:07:f8:e3:b5:cb:08:24:c1:96:5a:64:68:a2:8c:0c:
35:b0:a6:5e:41:73:8f:8e:15:7d:02:e8:94:c5:c0:b3:f1:08:
0d:0b:51:85:b5:9f:cd:27:c7:8c:b2:80:62:6f:ca:84:0f:2c:
4d:19:8c:65:d8:91:4a:23:1f:ac:67:e2:37:18:dd:5b:75:b2:
b3:97:47:fd:d2:13:0b:d4:22:ac:f7:90:c5:0f:b3:ba:83:49:
38:b2:b7:2a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYZJTGIX2a8OTY88uKqC7zTmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjMwMjEzMDU0MzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzM0ZWVjYWExZjY2YzRhNTdmZjE5N2I5YzY0MjI2ZGZhODEyNzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA70dOaZzBrcu6iBXdrxdADVFwMqYB
alt8a7noEzNIhHgBzg8HXlUxaBxLTOWiBYtH52FoLcInU0Z5ew2dxnUrkbK9TVVz
ZWwsY9aVhApTrPVQ6ut3iXoB99epryWKgMlNMVANJztKUPkN5Bi48Ubx+j4wy60W
yzYqGbgqLPRg1eA+ZDtFHKUbLTuazsWjBC05lQJgwwS4ew1yg8w9gz+nUEGj7k4h
UYTCBaZqoADq9P4KbSSIua1msldWV1ITU30LT+5X1n3+O8/+jpcm1Oysv1GfO7zL
aT86MpFstP/oMVo1g9KYXEfHbF2gUi6z9oFVFqqf+G9VsGUW9cg2eAr9ZwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFNw07sqh9mxKV/8Ze5xkIm36gSdVMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvM0RUdXlxSDJiRXBYX3hsN25HUWliZnFCSjFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB2BAIAATBwAwQFUEpg
AwQEW4/gAwQAXryFAwQAXryMAwQAXrybAwQAXryeMAwDBABevKEDBAJevKAwDAME
AF68pQMEAF68pgMEAF68rQMEAF68rwMEAF68sgMEAF68wAMEAF68xQMEAF68xwME
AF683QMEAF688jANBAIAAjAHAwUAKgIjuDANBgkqhkiG9w0BAQsFAAOCAQEAghlW
lALeuylPWDMpxuPaRoIV8BrihCX4+Kdi0lsFxBSbBGn6s/grwUmMV+RWlpvDWYej
lO21kjVPIkRjxdqWjbSKMfS4nwJVfwzzrZC5VJKgy2yslzU8wbiblVbtCcy8Shxw
YFVsxSK7JOOQ7JtAlkRUtgaQBbmFJInN4oZ3ncSoInUGnL7MM8V67L3/O7z0USXS
a1FkWehXBGHXVLAJMJL5x4xlB/jjtcsIJMGWWmRooowMNbCmXkFzj44VfQLolMXA
s/EIDQtRhbWfzSfHjLKAYm/KhA8sTRmMZdiRSiMfrGfiNxjdW3Wys5dH/dITC9Qi
rPeQxQ+zuoNJOLK3Kg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:31 2025 by rpki-client