Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/KeoxGYE9C_pT-JCcbU2pHsy9svM.roa
File: KeoxGYE9C_pT-JCcbU2pHsy9svM.roa (raw, json)
Hash identifier: gtFdQje7yDqOYvAnVNBNAhu2hmX16NHoaHc3GPq5bZ0=
Subject key identifier: 29:EA:31:19:81:3D:0B:FA:53:F8:90:9C:6D:4D:A9:1E:CC:BD:B2:F3
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 018CC56EC6F75E40F4899A68C6709DFC3863
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/KeoxGYE9C_pT-JCcbU2pHsy9svM.roa
Signing time: Mon 01 Jan 2024 14:30:20 +0000
ROA not before: Mon 01 Jan 2024 14:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210176
IP address blocks: 89.39.210.0/23 maxlen: 24
109.94.144.0/20 maxlen: 24
213.159.136.0/21 maxlen: 24
37.251.200.0/21 maxlen: 24
62.122.40.0/21 maxlen: 24
37.251.240.0/21 maxlen: 24
192.64.44.0/23 maxlen: 24
94.24.64.0/21 maxlen: 24
46.231.104.0/21 maxlen: 24
37.251.176.0/20 maxlen: 24
94.26.24.0/23 maxlen: 24
89.40.220.0/23 maxlen: 24
141.136.16.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:c6:f7:5e:40:f4:89:9a:68:c6:70:9d:fc:38:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Jan 1 14:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29ea3119813d0bfa53f8909c6d4da91eccbdb2f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3a:07:55:cc:00:f8:3f:4d:40:d9:26:a2:4d:
93:2d:e7:cf:d0:45:35:d4:f9:f7:56:1d:33:ae:02:
67:e0:6b:77:88:1d:7b:40:03:b2:20:d9:05:ac:cc:
fc:a3:36:64:f9:0a:90:43:a7:20:ce:64:df:e1:e6:
70:6a:7f:2d:bc:8f:dd:89:99:08:31:f9:eb:25:15:
88:c0:f2:06:d2:f1:92:da:a1:b4:9a:47:cd:73:8e:
7e:2f:62:80:91:7d:0b:93:b6:7a:2b:86:b5:33:ea:
05:d5:5d:77:dc:51:42:77:0d:6d:a4:a4:a4:fd:52:
55:fe:6a:99:0e:87:a1:59:67:b3:6d:3a:d0:88:9f:
52:7a:e5:ee:a0:58:39:38:87:89:a1:ef:3d:30:a7:
b0:7b:f4:17:a3:6a:e8:12:34:49:76:0a:e5:26:93:
38:8f:fb:4e:70:01:a8:a2:40:2f:4f:cd:d4:a6:7a:
54:b0:e0:79:ea:2f:6b:6d:aa:5a:53:61:18:20:c6:
01:97:f8:fa:9f:46:ea:81:4d:83:51:94:db:47:04:
71:74:9b:2d:f8:74:2f:67:dd:f2:67:05:a4:5b:87:
61:05:b0:e3:cc:96:03:59:58:60:ab:58:48:7a:b0:
6f:51:d6:c9:ef:7b:e6:fc:6b:d3:c9:5e:b9:ad:f2:
b2:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:EA:31:19:81:3D:0B:FA:53:F8:90:9C:6D:4D:A9:1E:CC:BD:B2:F3
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/KeoxGYE9C_pT-JCcbU2pHsy9svM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.176.0/20
37.251.200.0/21
37.251.240.0/21
46.231.104.0/21
62.122.40.0/21
89.39.210.0/23
89.40.220.0/23
94.24.64.0/21
94.26.24.0/23
109.94.144.0/20
141.136.16.0/20
192.64.44.0/23
213.159.136.0/21
Signature Algorithm: sha256WithRSAEncryption
96:0e:5f:83:17:0c:5e:d0:f9:4a:6b:86:21:45:95:10:19:af:
2c:f4:30:d0:ec:37:d7:b6:ae:91:70:a9:84:9a:64:15:d0:c0:
2b:be:06:40:a3:76:bd:ae:e2:54:c9:6a:1c:64:39:6c:a0:fa:
34:c4:3e:52:ab:2a:da:1f:b5:2d:74:a0:7b:63:69:4e:fc:00:
5e:64:d6:0a:c6:ef:7d:99:02:62:7a:fb:17:06:a4:b8:aa:a4:
0c:f1:d8:ba:71:e6:09:19:51:b3:55:65:f3:d2:98:66:c5:99:
7c:f6:3f:8b:44:3e:9e:a8:4d:b7:f2:15:25:60:d1:29:c1:21:
cb:70:4a:c4:48:76:4e:0c:f0:3e:e6:e6:5f:4d:3e:ce:99:20:
d9:56:bf:32:51:2a:29:69:af:74:80:80:3c:4d:a8:07:c9:d7:
5d:a4:4f:79:93:2c:91:8b:a4:89:1e:8b:60:8d:13:26:e2:cc:
f1:f6:66:58:5e:dd:1e:22:f1:6d:18:9a:4f:8c:2a:c8:a7:0d:
83:e0:6f:43:bf:ef:3e:c3:4b:d6:a7:19:49:81:c0:df:9e:65:
b3:71:ee:60:37:cb:23:d6:7e:45:4e:3e:3c:ee:93:20:10:5a:
b7:21:a6:92:ae:4c:51:e2:b6:95:01:60:53:68:b4:06:72:ab:
14:29:9d:18
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzFbsb3XkD0iZpoxnCd/DhjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjQwMTAxMTQzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWVhMzExOTgxM2QwYmZhNTNmODkwOWM2ZDRkYTkxZWNjYmRiMmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojoHVcwA+D9NQNkmok2TLefP0EU1
1Pn3Vh0zrgJn4Gt3iB17QAOyINkFrMz8ozZk+QqQQ6cgzmTf4eZwan8tvI/diZkI
MfnrJRWIwPIG0vGS2qG0mkfNc45+L2KAkX0Lk7Z6K4a1M+oF1V133FFCdw1tpKSk
/VJV/mqZDoehWWezbTrQiJ9SeuXuoFg5OIeJoe89MKewe/QXo2roEjRJdgrlJpM4
j/tOcAGookAvT83UpnpUsOB56i9rbapaU2EYIMYBl/j6n0bqgU2DUZTbRwRxdJst
+HQvZ93yZwWkW4dhBbDjzJYDWVhgq1hIerBvUdbJ73vm/GvTyV65rfKyqwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFCnqMRmBPQv6U/iQnG1NqR7MvbLzMB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvS2VveEdZRTlDX3BULUpDY2JVMnBIc3k5c3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQEJfuwAwQD
JfvIAwQDJfvwAwQDLudoAwQDPnooAwQBWSfSAwQBWSjcAwQDXhhAAwQBXhoYAwQE
bV6QAwQEjYgQAwQBwEAsAwQD1Z+IMA0GCSqGSIb3DQEBCwUAA4IBAQCWDl+DFwxe
0PlKa4YhRZUQGa8s9DDQ7DfXtq6RcKmEmmQV0MArvgZAo3a9ruJUyWocZDlsoPo0
xD5SqyraH7UtdKB7Y2lO/ABeZNYKxu99mQJievsXBqS4qqQM8di6ceYJGVGzVWXz
0phmxZl89j+LRD6eqE238hUlYNEpwSHLcErESHZODPA+5uZfTT7OmSDZVr8yUSop
aa90gIA8TagHydddpE95kyyRi6SJHotgjRMm4szx9mZYXt0eIvFtGJpPjCrIpw2D
4G9Dv+8+w0vWpxlJgcDfnmWzce5gN8sj1n5FTj487pMgEFq3IaaSrkxR4raVAWBT
aLQGcqsUKZ0Y
-----END CERTIFICATE-----
Generated at Wed Mar 12 07:01:40 2025 by rpki-client