Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/IBZyOXjqy7Qy47ip77G6jOokiyU.roa
File: IBZyOXjqy7Qy47ip77G6jOokiyU.roa (raw, json)
Hash identifier: C4M1lfR0lKvT2YJZRJ3PpAKQktCSOxAthA3c6zXhhGk=
Subject key identifier: 20:16:72:39:78:EA:CB:B4:32:E3:B8:A9:EF:B1:BA:8C:EA:24:8B:25
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 0182FF952DCA6A555CD8D0A6B1A0D4C7BBA5
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/IBZyOXjqy7Qy47ip77G6jOokiyU.roa
Signing time: Fri 02 Sep 2022 19:02:22 +0000
ROA not before: Fri 02 Sep 2022 19:02:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 109.94.144.0/20 maxlen: 24
84.247.4.0/22 maxlen: 24
192.109.205.0/24 maxlen: 24
213.159.136.0/21 maxlen: 24
185.200.204.0/22 maxlen: 24
193.17.225.0/24 maxlen: 24
88.135.96.0/20 maxlen: 24
37.251.176.0/20 maxlen: 24
84.247.40.0/22 maxlen: 24
89.40.220.0/23 maxlen: 24
86.106.152.0/22 maxlen: 24
86.104.20.0/22 maxlen: 24
176.223.172.0/22 maxlen: 24
94.24.24.0/22 maxlen: 24
195.128.136.0/24 maxlen: 24
86.104.248.0/22 maxlen: 24
91.227.240.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ff:95:2d:ca:6a:55:5c:d8:d0:a6:b1:a0:d4:c7:bb:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Sep 2 19:02:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2016723978eacbb432e3b8a9efb1ba8cea248b25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:17:4e:d5:09:47:b5:ae:cb:fa:54:8c:d5:c9:
51:9c:2c:e8:57:2e:49:10:41:cc:4b:0a:48:b2:ed:
ea:c0:2e:59:aa:65:c4:af:a3:0c:e2:b9:62:50:f9:
4c:ab:cd:cf:85:54:01:ef:65:48:2d:c2:13:36:ee:
d2:c2:e3:e8:7e:17:c4:8d:0c:e4:a1:f7:f2:93:67:
d2:6d:2e:9b:51:f9:61:0c:79:be:4c:3d:92:20:af:
4a:30:6b:fd:d4:9a:9b:28:ec:fe:83:f6:95:71:e4:
0d:72:28:36:4a:b2:77:8c:4b:ef:db:47:65:29:79:
92:10:78:b7:8b:af:fe:d5:cd:67:7d:62:7c:5c:82:
94:51:92:7c:08:14:c1:27:05:b4:ea:99:0e:26:be:
20:32:5c:b6:fe:15:77:8c:dc:c2:ff:8b:a9:cd:fe:
77:6a:82:0e:40:21:0d:ff:7b:3a:58:fd:43:15:83:
ab:9a:d0:8e:70:4f:6c:07:0d:df:9d:7a:a1:04:c0:
4c:c5:ef:79:38:af:8f:1d:84:84:fc:45:58:e4:66:
cc:ab:cb:89:21:f7:37:21:4c:e3:11:44:67:48:e7:
53:8c:fa:88:60:91:84:d9:a7:2a:84:ea:6f:8e:88:
23:91:3c:d3:06:49:b3:07:7a:81:f7:6d:7f:cc:60:
f5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:16:72:39:78:EA:CB:B4:32:E3:B8:A9:EF:B1:BA:8C:EA:24:8B:25
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/IBZyOXjqy7Qy47ip77G6jOokiyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.176.0/20
84.247.4.0/22
84.247.40.0/22
86.104.20.0/22
86.104.248.0/22
86.106.152.0/22
88.135.96.0/20
89.40.220.0/23
91.227.240.0/23
94.24.24.0/22
109.94.144.0/20
176.223.172.0/22
185.200.204.0/22
192.109.205.0/24
193.17.225.0/24
195.128.136.0/24
213.159.136.0/21
Signature Algorithm: sha256WithRSAEncryption
8b:eb:4f:c5:1d:f4:a0:a1:21:70:69:91:a1:34:20:72:a1:42:
2f:ca:bf:17:27:21:d9:3b:2d:85:44:e6:44:b6:c7:61:66:67:
9a:30:b1:24:c6:ec:e2:b1:01:47:09:8c:9d:91:20:b5:48:75:
25:09:28:67:aa:1d:37:f4:5f:56:3f:fc:7a:5a:97:79:3e:b9:
70:49:f2:b3:ca:f0:da:2a:95:3f:dd:a1:6d:70:02:5c:6c:35:
b9:fc:03:45:69:80:f3:ad:31:10:0d:25:bd:6d:d2:a8:98:0f:
8a:c5:27:e4:2a:1a:b4:62:75:5a:72:94:e3:81:83:04:54:ca:
89:0c:a1:b2:82:8b:73:5c:01:49:f3:7d:d6:7c:60:e9:2b:eb:
0c:2e:c4:8d:89:d3:a9:f3:40:18:06:dd:8e:8b:25:75:95:26:
76:4f:eb:e8:60:ce:c1:af:66:5a:82:24:22:8a:31:07:ac:62:
ca:c4:16:41:c3:e3:6c:89:ed:1b:0b:6d:6b:93:60:07:19:85:
f6:cc:1b:84:9e:01:d0:f3:83:d3:bf:f3:9b:b8:31:7d:8a:63:
1f:ba:c7:0c:25:f5:ee:74:eb:84:64:d6:f8:4c:4d:a5:a6:24:
e3:82:80:3b:d2:8a:ca:05:d3:68:8f:93:36:be:6c:c5:97:f1:
e2:11:5f:bc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYL/lS3KalVc2NCmsaDUx7ulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjIwOTAyMTkwMjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDE2NzIzOTc4ZWFjYmI0MzJlM2I4YTllZmIxYmE4Y2VhMjQ4YjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRdO1QlHta7L+lSM1clRnCzoVy5J
EEHMSwpIsu3qwC5ZqmXEr6MM4rliUPlMq83PhVQB72VILcITNu7SwuPofhfEjQzk
offyk2fSbS6bUflhDHm+TD2SIK9KMGv91JqbKOz+g/aVceQNcig2SrJ3jEvv20dl
KXmSEHi3i6/+1c1nfWJ8XIKUUZJ8CBTBJwW06pkOJr4gMly2/hV3jNzC/4upzf53
aoIOQCEN/3s6WP1DFYOrmtCOcE9sBw3fnXqhBMBMxe95OK+PHYSE/EVY5GbMq8uJ
Ifc3IUzjEURnSOdTjPqIYJGE2acqhOpvjogjkTzTBkmzB3qB921/zGD1TQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFCAWcjl46su0MuO4qe+xuozqJIslMB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvSUJaeU9YanF5N1F5NDdpcDc3RzZqT29raXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQEJfuwAwQC
VPcEAwQCVPcoAwQCVmgUAwQCVmj4AwQCVmqYAwQEWIdgAwQBWSjcAwQBW+PwAwQC
XhgYAwQEbV6QAwQCsN+sAwQCucjMAwQAwG3NAwQAwRHhAwQAw4CIAwQD1Z+IMA0G
CSqGSIb3DQEBCwUAA4IBAQCL60/FHfSgoSFwaZGhNCByoUIvyr8XJyHZOy2FROZE
tsdhZmeaMLEkxuzisQFHCYydkSC1SHUlCShnqh039F9WP/x6Wpd5PrlwSfKzyvDa
KpU/3aFtcAJcbDW5/ANFaYDzrTEQDSW9bdKomA+KxSfkKhq0YnVacpTjgYMEVMqJ
DKGygotzXAFJ833WfGDpK+sMLsSNidOp80AYBt2OiyV1lSZ2T+voYM7Br2ZagiQi
ijEHrGLKxBZBw+Nsie0bC21rk2AHGYX2zBuEngHQ84PTv/ObuDF9imMfuscMJfXu
dOuEZNb4TE2lpiTjgoA70orKBdNoj5M2vmzFl/HiEV+8
-----END CERTIFICATE-----
Generated at Wed Mar 12 06:55:58 2025 by rpki-client