Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/EZ2-AY_xFPMMjDU1U0z-S_t0PS4.roa
File: EZ2-AY_xFPMMjDU1U0z-S_t0PS4.roa (raw, json)
Hash identifier: VZpP0n6Texhjf5vUXbSWG9AgTdWnmPjNZ2xsvYd3tpo=
Subject key identifier: 11:9D:BE:01:8F:F1:14:F3:0C:8C:35:35:53:4C:FE:4B:FB:74:3D:2E
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 018C633E3A88806EF120CA191B64888B260A
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/EZ2-AY_xFPMMjDU1U0z-S_t0PS4.roa
Signing time: Wed 13 Dec 2023 12:54:31 +0000
ROA not before: Wed 13 Dec 2023 12:54:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210176
IP address blocks: 89.39.210.0/23 maxlen: 24
109.94.144.0/20 maxlen: 24
213.159.136.0/21 maxlen: 24
37.251.200.0/21 maxlen: 24
62.122.40.0/21 maxlen: 24
37.251.240.0/21 maxlen: 24
192.64.44.0/23 maxlen: 24
94.24.64.0/21 maxlen: 24
46.231.104.0/21 maxlen: 24
37.251.176.0/20 maxlen: 24
91.245.216.0/23 maxlen: 24
94.26.24.0/23 maxlen: 24
89.40.220.0/23 maxlen: 24
141.136.16.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:63:3e:3a:88:80:6e:f1:20:ca:19:1b:64:88:8b:26:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Dec 13 12:54:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=119dbe018ff114f30c8c3535534cfe4bfb743d2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b4:43:54:98:59:70:a6:16:42:a8:0f:e8:11:
ea:f3:2d:4f:93:2f:75:2b:87:6e:2b:c4:2c:65:78:
f0:c4:ce:5a:d8:ae:9a:09:73:36:69:d3:61:a2:fb:
a7:52:5c:a6:c7:4b:5a:9a:b7:15:a5:da:b9:d8:ee:
e4:6a:4c:68:70:b0:8a:65:84:79:1f:66:6f:6c:2b:
b2:c4:4b:fd:da:cf:f4:bf:40:ae:b8:2c:59:b0:a3:
c3:9c:6d:88:d6:bf:9c:81:c3:6c:f0:20:6b:cb:4c:
39:8f:af:29:aa:a5:6e:4d:4c:7a:79:fb:23:dc:5e:
8a:9f:6c:d7:93:00:cb:2d:e4:e5:d2:42:f7:93:33:
62:0d:c4:40:bc:99:45:76:41:de:7b:eb:ea:89:bf:
5d:cb:93:61:9a:84:ef:f2:e5:b4:c9:cb:ef:4e:83:
5d:f7:e8:a3:01:78:62:ce:12:60:36:50:32:6c:08:
22:49:be:fd:4c:23:ef:f0:27:70:14:4f:d8:54:cc:
c9:fb:23:f0:48:eb:03:25:a0:c4:e0:e6:49:97:00:
33:49:ac:fc:cb:14:19:38:0d:11:89:b4:0a:39:0b:
17:66:98:10:f2:a5:a4:33:8b:f1:40:dc:72:7d:34:
4c:4a:e2:e2:71:8b:db:d8:dd:bd:a1:32:68:fc:ab:
50:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:9D:BE:01:8F:F1:14:F3:0C:8C:35:35:53:4C:FE:4B:FB:74:3D:2E
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/EZ2-AY_xFPMMjDU1U0z-S_t0PS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.176.0/20
37.251.200.0/21
37.251.240.0/21
46.231.104.0/21
62.122.40.0/21
89.39.210.0/23
89.40.220.0/23
91.245.216.0/23
94.24.64.0/21
94.26.24.0/23
109.94.144.0/20
141.136.16.0/20
192.64.44.0/23
213.159.136.0/21
Signature Algorithm: sha256WithRSAEncryption
5c:87:cc:67:b4:a4:3d:08:df:37:a0:05:f1:40:2a:9f:21:56:
1d:e2:1b:51:0a:ce:0e:c5:85:ba:e4:af:93:6a:56:63:bd:ca:
04:94:b1:5a:e4:25:33:78:3b:40:35:0b:b6:fb:eb:97:1c:87:
c6:96:78:3c:0f:d0:99:d3:83:b3:b7:b9:c3:77:6c:5c:28:4c:
10:55:e7:ff:48:11:8f:92:12:75:9a:ac:a8:47:d0:74:f9:91:
d1:46:f1:dc:05:10:4f:5d:6a:47:b2:42:1e:ab:6a:f9:8e:a2:
3f:f0:a7:57:c6:3f:80:38:15:e2:a0:30:37:a9:28:92:7b:a1:
4b:d9:65:bd:d0:f2:b7:30:97:d7:9d:90:af:84:bb:45:4d:c1:
db:47:b9:cf:36:15:ef:f4:9b:84:d2:73:c0:ce:95:0c:ad:0c:
10:83:5d:a5:d8:58:e0:4d:42:ae:65:b1:f1:b3:17:a9:00:21:
e3:9d:fb:95:e4:ca:3a:ca:5c:56:1e:a9:1f:65:a1:14:d4:79:
8a:d2:52:b3:be:3a:68:77:9c:0f:e1:27:f1:ef:5c:b1:0b:3c:
73:a1:07:3a:97:b0:4e:3b:63:b9:0b:cb:b1:66:35:42:19:f3:
72:03:88:f8:7e:b6:a2:8f:8d:a0:15:07:08:0e:e8:7d:a2:51:
43:f7:65:6a
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYxjPjqIgG7xIMoZG2SIiyYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjMxMjEzMTI1NDMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTlkYmUwMThmZjExNGYzMGM4YzM1MzU1MzRjZmU0YmZiNzQzZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLRDVJhZcKYWQqgP6BHq8y1Pky91
K4duK8QsZXjwxM5a2K6aCXM2adNhovunUlymx0tamrcVpdq52O7kakxocLCKZYR5
H2ZvbCuyxEv92s/0v0CuuCxZsKPDnG2I1r+cgcNs8CBry0w5j68pqqVuTUx6efsj
3F6Kn2zXkwDLLeTl0kL3kzNiDcRAvJlFdkHee+vqib9dy5NhmoTv8uW0ycvvToNd
9+ijAXhizhJgNlAybAgiSb79TCPv8CdwFE/YVMzJ+yPwSOsDJaDE4OZJlwAzSaz8
yxQZOA0RibQKOQsXZpgQ8qWkM4vxQNxyfTRMSuLicYvb2N29oTJo/KtQzwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFBGdvgGP8RTzDIw1NVNM/kv7dD0uMB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvRVoyLUFZX3hGUE1NakRVMVUwei1TX3QwUFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQEJfuwAwQD
JfvIAwQDJfvwAwQDLudoAwQDPnooAwQBWSfSAwQBWSjcAwQBW/XYAwQDXhhAAwQB
XhoYAwQEbV6QAwQEjYgQAwQBwEAsAwQD1Z+IMA0GCSqGSIb3DQEBCwUAA4IBAQBc
h8xntKQ9CN83oAXxQCqfIVYd4htRCs4OxYW65K+TalZjvcoElLFa5CUzeDtANQu2
++uXHIfGlng8D9CZ04Ozt7nDd2xcKEwQVef/SBGPkhJ1mqyoR9B0+ZHRRvHcBRBP
XWpHskIeq2r5jqI/8KdXxj+AOBXioDA3qSiSe6FL2WW90PK3MJfXnZCvhLtFTcHb
R7nPNhXv9JuE0nPAzpUMrQwQg12l2FjgTUKuZbHxsxepACHjnfuV5Mo6ylxWHqkf
ZaEU1HmK0lKzvjpod5wP4Sfx71yxCzxzoQc6l7BOO2O5C8uxZjVCGfNyA4j4frai
j42gFQcIDuh9olFD92Vq
-----END CERTIFICATE-----
Generated at Wed Mar 12 07:02:01 2025 by rpki-client