Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/851ef6-97b0-463b-8cb3-2d03e4b15376/1/y-E-PXxWEsOY0t-CNIYHlKMej88.roa
File: y-E-PXxWEsOY0t-CNIYHlKMej88.roa (raw, json)
Hash identifier: QNeJc6vbbiXAxzP87jKhBqJ6elXGK2aYraaBqZERu3k=
Subject key identifier: CB:E1:3E:3D:7C:56:12:C3:98:D2:DF:82:34:86:07:94:A3:1E:8F:CF
Certificate issuer: /CN=743a2a1d4382a25ac3eeaff41d403f4d859e52fe
Certificate serial: 1F3387A1
Authority key identifier: 74:3A:2A:1D:43:82:A2:5A:C3:EE:AF:F4:1D:40:3F:4D:85:9E:52:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dDoqHUOColrD7q_0HUA_TYWeUv4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/851ef6-97b0-463b-8cb3-2d03e4b15376/1/y-E-PXxWEsOY0t-CNIYHlKMej88.roa
Signing time: Sat 01 Jan 2022 08:02:10 +0000
ROA not before: Sat 01 Jan 2022 08:02:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20904
IP address blocks: 84.240.64.0/20 maxlen: 20
84.240.64.0/19 maxlen: 19
84.240.80.0/20 maxlen: 20
149.126.176.0/21 maxlen: 21
84.240.96.0/19 maxlen: 19
149.126.180.0/24 maxlen: 24
188.64.0.0/21 maxlen: 21
185.25.76.0/23 maxlen: 23
185.25.76.0/22 maxlen: 22
185.25.78.0/24 maxlen: 24
185.25.79.0/24 maxlen: 24
37.35.80.0/21 maxlen: 21
185.67.80.0/22 maxlen: 22
37.35.86.0/24 maxlen: 24
80.75.96.0/20 maxlen: 20
93.174.192.0/21 maxlen: 21
80.75.104.0/24 maxlen: 24
80.75.106.0/24 maxlen: 24
46.254.212.0/22 maxlen: 22
46.254.208.0/22 maxlen: 22
46.254.208.0/21 maxlen: 21
2a00:74a0::/32 maxlen: 32
2a00:1a58::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 523470753 (0x1f3387a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743a2a1d4382a25ac3eeaff41d403f4d859e52fe
Validity
Not Before: Jan 1 08:02:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cbe13e3d7c5612c398d2df8234860794a31e8fcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:9e:28:30:d0:98:bc:4d:a7:2d:4b:df:78:d9:
9d:08:67:8c:e9:25:a5:d4:0a:05:76:0f:7d:5d:53:
37:8d:05:fc:5b:39:69:7b:c2:18:f9:49:64:34:90:
d1:80:de:d3:3b:59:74:87:5d:bd:01:b2:0b:e2:da:
c4:b8:e3:9e:0f:9f:6e:08:c7:0a:c5:9f:54:e3:dd:
f1:87:13:17:81:5c:9c:8b:c9:eb:4e:6e:43:57:59:
14:f1:8d:09:de:ba:51:3e:60:ce:2c:f9:47:1b:d7:
5c:cf:55:0a:86:f9:8a:c9:9c:e1:55:58:10:6e:dd:
5c:26:2a:d5:48:d4:c6:bd:ca:2b:98:de:8d:ce:c4:
4e:49:ee:7f:cb:93:10:e0:86:1e:42:7b:25:38:cb:
23:6f:66:79:cd:b3:ff:4b:49:ba:f5:46:06:c1:5a:
33:0d:ef:7b:68:b9:2f:40:de:1f:45:c9:6d:60:03:
5b:86:1d:f4:ea:dc:34:2d:ca:60:0d:0c:26:b2:e3:
00:b4:d7:76:41:e6:4e:df:87:e5:d7:82:b2:4d:77:
e9:88:5b:99:41:1f:b2:e7:0f:ae:94:cc:b0:17:70:
2f:b4:c9:54:5c:00:92:28:d7:ee:6b:91:0a:e6:94:
fd:72:92:29:80:cd:43:f6:c3:90:9d:ec:23:be:8b:
e9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:E1:3E:3D:7C:56:12:C3:98:D2:DF:82:34:86:07:94:A3:1E:8F:CF
X509v3 Authority Key Identifier:
keyid:74:3A:2A:1D:43:82:A2:5A:C3:EE:AF:F4:1D:40:3F:4D:85:9E:52:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dDoqHUOColrD7q_0HUA_TYWeUv4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/851ef6-97b0-463b-8cb3-2d03e4b15376/1/y-E-PXxWEsOY0t-CNIYHlKMej88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/851ef6-97b0-463b-8cb3-2d03e4b15376/1/dDoqHUOColrD7q_0HUA_TYWeUv4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.80.0/21
46.254.208.0/21
80.75.96.0/20
84.240.64.0/18
93.174.192.0/21
149.126.176.0/21
185.25.76.0/22
185.67.80.0/22
188.64.0.0/21
IPv6:
2a00:1a58::/32
2a00:74a0::/32
Signature Algorithm: sha256WithRSAEncryption
b7:4d:14:d4:25:7e:6c:47:fc:08:85:b6:67:b2:23:bb:bc:75:
5b:fe:81:00:4c:91:3f:34:8d:4e:60:cc:b2:f9:25:58:eb:5b:
32:ea:94:88:4b:74:af:3f:f5:33:48:9a:53:3c:5b:04:9b:f4:
70:57:74:95:80:91:f9:d8:70:62:b0:81:18:7a:4a:40:a0:c4:
f3:cb:57:b3:aa:42:1b:69:8f:2f:9d:8b:83:a0:07:cd:52:e4:
0f:a5:af:3f:6c:36:5d:d8:43:91:43:58:d5:92:42:51:58:53:
83:42:ea:0f:ff:e9:d6:e3:55:0e:39:bf:35:7c:47:c6:67:7f:
e4:f7:45:bb:df:45:fb:6e:2b:cf:3f:28:dd:32:c4:a0:20:b9:
a9:8a:86:12:c1:0d:d0:d2:54:7b:93:f7:51:37:5e:b7:f7:a5:
54:95:fe:17:ec:80:b1:73:f5:8a:23:00:52:3f:95:28:08:54:
4e:58:17:87:56:0c:7e:d9:ab:cc:52:ac:06:d2:0a:65:b9:5d:
28:2b:04:98:10:4a:46:20:eb:6d:24:7c:15:58:84:9f:86:7a:
d5:05:e0:da:a8:70:d8:53:cc:9e:a6:b8:fb:c3:e3:45:29:c3:
72:54:7d:97:fb:05:9d:ae:cf:9a:21:09:e3:e0:0c:a5:29:3d:
f4:4b:7a:00
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIEHzOHoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDNhMmExZDQzODJhMjVhYzNlZWFmZjQxZDQwM2Y0ZDg1OWU1MmZlMB4XDTIyMDEw
MTA4MDIxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2JlMTNlM2Q3YzU2
MTJjMzk4ZDJkZjgyMzQ4NjA3OTRhMzFlOGZjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN2eKDDQmLxNpy1L33jZnQhnjOklpdQKBXYPfV1TN40F/Fs5
aXvCGPlJZDSQ0YDe0ztZdIddvQGyC+LaxLjjng+fbgjHCsWfVOPd8YcTF4FcnIvJ
605uQ1dZFPGNCd66UT5gziz5RxvXXM9VCob5ismc4VVYEG7dXCYq1UjUxr3KK5je
jc7ETknuf8uTEOCGHkJ7JTjLI29mec2z/0tJuvVGBsFaMw3ve2i5L0DeH0XJbWAD
W4Yd9OrcNC3KYA0MJrLjALTXdkHmTt+H5deCsk136YhbmUEfsucPrpTMsBdwL7TJ
VFwAkijX7muRCuaU/XKSKYDNQ/bDkJ3sI76L6acCAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBTL4T49fFYSw5jS34I0hgeUox6PzzAfBgNVHSMEGDAWgBR0OiodQ4KiWsPu
r/QdQD9NhZ5S/jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2REb3FIVU9Db2xyRDdxXzBIVUFfVFlXZVV2NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvODUxZWY2LTk3YjAtNDYzYi04Y2IzLTJkMDNlNGIxNTM3Ni8x
L3ktRS1QWHhXRXNPWTB0LUNOSVlIbEtNZWo4OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
ODUxZWY2LTk3YjAtNDYzYi04Y2IzLTJkMDNlNGIxNTM3Ni8xL2REb3FIVU9Db2xy
RDdxXzBIVUFfVFlXZVV2NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwPAQCAAEwNgMEAyUjUAMEAy7+0AMEBFBLYAMEBlTw
QAMEA12uwAMEA5V+sAMEArkZTAMEArlDUAMEA7xAADAUBAIAAjAOAwUAKgAaWAMF
ACoAdKAwDQYJKoZIhvcNAQELBQADggEBALdNFNQlfmxH/AiFtmeyI7u8dVv+gQBM
kT80jU5gzLL5JVjrWzLqlIhLdK8/9TNImlM8WwSb9HBXdJWAkfnYcGKwgRh6SkCg
xPPLV7OqQhtpjy+di4OgB81S5A+lrz9sNl3YQ5FDWNWSQlFYU4NC6g//6dbjVQ45
vzV8R8Znf+T3RbvfRftuK88/KN0yxKAguamKhhLBDdDSVHuT91E3Xrf3pVSV/hfs
gLFz9YojAFI/lSgIVE5YF4dWDH7Zq8xSrAbSCmW5XSgrBJgQSkYg620kfBVYhJ+G
etUF4NqocNhTzJ6muPvD40Upw3JUfZf7BZ2uz5ohCePgDKUpPfRLegA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:04 2025 by rpki-client