Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/9MbNbtQABP9U_0F-h3jhUU2hOvU.roa
File: 9MbNbtQABP9U_0F-h3jhUU2hOvU.roa (raw, json)
Hash identifier: bPRzA8GscDv4yA1GtONhlEJ6UE3hvYpE/orSdHQ3Hbc=
Subject key identifier: F4:C6:CD:6E:D4:00:04:FF:54:FF:41:7E:87:78:E1:51:4D:A1:3A:F5
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 03D4EFEE
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/9MbNbtQABP9U_0F-h3jhUU2hOvU.roa
Signing time: Mon 09 May 2022 17:21:58 +0000
ROA not before: Mon 09 May 2022 17:21:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 31.11.40.0/21 maxlen: 24
46.231.104.0/21 maxlen: 24
37.251.176.0/20 maxlen: 24
37.251.200.0/21 maxlen: 24
46.19.104.0/21 maxlen: 24
62.122.40.0/21 maxlen: 24
141.136.16.0/20 maxlen: 24
37.251.240.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64286702 (0x3d4efee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: May 9 17:21:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4c6cd6ed40004ff54ff417e8778e1514da13af5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:cf:d0:04:00:ce:14:0b:d0:99:33:5b:81:7d:
49:4f:c8:d8:03:70:4c:0a:73:16:6b:56:6a:df:cf:
f8:a8:66:83:3a:4f:2a:e4:96:34:dd:43:01:17:b0:
c0:86:a2:9e:cc:14:3c:1c:fb:2e:0a:fe:25:14:f5:
47:17:06:8f:ca:8f:c4:2f:80:36:b2:57:60:be:d2:
9f:91:27:c5:28:05:f1:93:1a:11:c4:2e:55:af:69:
b6:cd:08:61:24:77:75:02:2f:d9:ba:15:7f:fa:5f:
d8:55:a2:48:97:b4:15:3c:97:33:99:8c:ae:ce:0e:
ba:14:4c:ee:eb:73:20:6b:55:e6:d1:e2:19:0b:38:
c0:a0:98:84:c9:51:51:63:f8:cb:a7:04:97:88:11:
3a:5e:81:b2:59:38:26:ab:93:d9:42:97:ad:15:21:
24:ae:d0:e8:47:ad:7b:d4:aa:65:b2:72:cb:56:ab:
13:cc:f7:2e:22:f7:c3:ee:d2:29:17:b5:44:82:42:
7e:1d:a4:90:a8:75:35:00:f2:fc:44:73:ce:ef:71:
cf:7b:0f:64:65:6a:80:99:4e:d2:77:c6:52:ce:ea:
e9:e9:be:9e:d9:9d:fa:2d:a3:20:ce:76:46:f1:9e:
36:cd:c1:c3:0d:5e:d8:4f:83:3c:9b:63:a9:35:8a:
64:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C6:CD:6E:D4:00:04:FF:54:FF:41:7E:87:78:E1:51:4D:A1:3A:F5
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/9MbNbtQABP9U_0F-h3jhUU2hOvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.11.40.0/21
37.251.176.0/20
37.251.200.0/21
37.251.240.0/21
46.19.104.0/21
46.231.104.0/21
62.122.40.0/21
141.136.16.0/20
Signature Algorithm: sha256WithRSAEncryption
89:e6:4b:95:d6:2a:fc:a4:78:f4:20:f7:69:f0:9b:c6:74:52:
55:41:a1:44:34:23:76:e3:22:e0:e0:a0:6b:c0:3f:b1:5b:8c:
eb:54:ef:7b:2b:70:b9:3d:fd:c5:e6:c5:ef:13:9a:d8:d4:5d:
d6:a5:5b:33:7d:f1:43:b7:e8:b8:45:14:50:82:f6:51:8b:76:
df:5c:63:32:f1:5c:ba:e4:e2:d1:ee:c5:ec:15:89:48:05:4c:
16:a3:84:76:25:24:39:62:5a:12:33:49:64:f4:1c:d4:86:6c:
54:1d:7f:84:18:d4:59:dc:87:f8:eb:db:02:e0:b7:57:6c:7e:
57:23:2a:8e:ae:db:db:c6:d4:dd:4f:9c:dd:61:b9:f5:1c:c3:
c3:47:a6:bf:60:dd:fa:9f:77:10:fc:5b:25:64:56:34:fa:fd:
a2:27:84:ec:7c:18:5f:25:91:20:42:43:4e:b8:f4:c6:2d:21:
c9:d9:4c:57:54:d0:a0:7e:27:57:80:63:e7:a3:a0:3d:bb:ea:
eb:ce:54:46:f2:fe:a8:ac:bb:f1:da:7f:e4:09:80:5b:fb:eb:
5b:7a:d6:de:32:db:49:fd:63:f5:af:1f:4b:53:c4:97:10:85:
df:ff:de:89:54:5c:16:fa:5d:33:2d:c1:78:f4:59:e8:7e:27:
81:41:69:a9
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEA9Tv7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YmU4Y2M4ZjVhZjFlNzM2MmQ0NTRmM2RkOTFhODI5NTI5MTlkYjYxMB4XDTIyMDUw
OTE3MjE1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjRjNmNkNmVkNDAw
MDRmZjU0ZmY0MTdlODc3OGUxNTE0ZGExM2FmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOTP0AQAzhQL0JkzW4F9SU/I2ANwTApzFmtWat/P+KhmgzpP
KuSWNN1DARewwIainswUPBz7Lgr+JRT1RxcGj8qPxC+ANrJXYL7Sn5EnxSgF8ZMa
EcQuVa9pts0IYSR3dQIv2boVf/pf2FWiSJe0FTyXM5mMrs4OuhRM7utzIGtV5tHi
GQs4wKCYhMlRUWP4y6cEl4gROl6Bslk4JquT2UKXrRUhJK7Q6Eete9SqZbJyy1ar
E8z3LiL3w+7SKRe1RIJCfh2kkKh1NQDy/ERzzu9xz3sPZGVqgJlO0nfGUs7q6em+
ntmd+i2jIM52RvGeNs3Bww1e2E+DPJtjqTWKZNECAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBT0xs1u1AAE/1T/QX6HeOFRTaE69TAfBgNVHSMEGDAWgBTb6MyPWvHnNi1F
Tz3ZGoKVKRnbYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzItak1qMXJ4NXpZdFJVODkyUnFDbFNrWjIyRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvYTU3M2ZlLTZlMGUtNGJmZi05OWZjLTI2MjFkNWM5OWNhYi8x
LzlNYk5idFFBQlA5VV8wRi1oM2poVVUyaE92VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
YTU3M2ZlLTZlMGUtNGJmZi05OWZjLTI2MjFkNWM5OWNhYi8xLzItak1qMXJ4NXpZ
dFJVODkyUnFDbFNrWjIyRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAx8LKAMEBCX7sAMEAyX7yAMEAyX7
8AMEAy4TaAMEAy7naAMEAz56KAMEBI2IEDANBgkqhkiG9w0BAQsFAAOCAQEAieZL
ldYq/KR49CD3afCbxnRSVUGhRDQjduMi4OCga8A/sVuM61TveytwuT39xebF7xOa
2NRd1qVbM33xQ7fouEUUUIL2UYt231xjMvFcuuTi0e7F7BWJSAVMFqOEdiUkOWJa
EjNJZPQc1IZsVB1/hBjUWdyH+OvbAuC3V2x+VyMqjq7b28bU3U+c3WG59RzDw0em
v2Dd+p93EPxbJWRWNPr9oieE7HwYXyWRIEJDTrj0xi0hydlMV1TQoH4nV4Bj56Og
Pbvq685URvL+qKy78dp/5AmAW/vrW3rW3jLbSf1j9a8fS1PElxCF3//eiVRcFvpd
My3BePRZ6H4ngUFpqQ==
-----END CERTIFICATE-----
Generated at Wed Mar 12 06:56:53 2025 by rpki-client