Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/O9ZKW5vDKL4rFq_-Yi40iL1K5MQ.roa
File: O9ZKW5vDKL4rFq_-Yi40iL1K5MQ.roa (raw, json)
Hash identifier: 41FLyBMc6iwV9+rokKjbJt+SO+rGesVydyXTZJzqFtI=
Subject key identifier: 3B:D6:4A:5B:9B:C3:28:BE:2B:16:AF:FE:62:2E:34:88:BD:4A:E4:C4
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 0189B025FE6DB34A367BE383F989706F9A47
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/O9ZKW5vDKL4rFq_-Yi40iL1K5MQ.roa
Signing time: Tue 01 Aug 2023 08:10:27 +0000
ROA not before: Tue 01 Aug 2023 08:10:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210176
IP address blocks: 89.39.210.0/23 maxlen: 24
109.94.144.0/20 maxlen: 24
213.159.136.0/21 maxlen: 24
62.122.40.0/21 maxlen: 24
37.251.240.0/21 maxlen: 24
94.24.64.0/21 maxlen: 24
46.231.104.0/21 maxlen: 24
89.46.248.0/22 maxlen: 24
37.251.176.0/20 maxlen: 24
91.245.216.0/23 maxlen: 24
94.26.24.0/23 maxlen: 24
89.40.220.0/23 maxlen: 24
141.136.16.0/20 maxlen: 24
86.104.248.0/22 maxlen: 24
91.227.240.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b0:25:fe:6d:b3:4a:36:7b:e3:83:f9:89:70:6f:9a:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Aug 1 08:10:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bd64a5b9bc328be2b16affe622e3488bd4ae4c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a2:8e:fe:71:d4:89:fe:7d:ad:a3:43:a0:77:
92:24:f9:59:54:0b:6e:a8:54:71:56:93:7f:6e:db:
68:2d:21:c1:ec:e0:4f:5a:19:ad:46:6c:b0:28:dc:
9c:e6:e4:18:7d:11:20:dd:3b:48:25:d6:42:44:35:
2e:12:9e:35:b7:23:68:d4:02:cb:17:44:ba:0c:28:
49:37:2c:81:09:be:18:82:2a:03:e5:5e:d4:3d:85:
93:fe:1b:6c:cd:00:65:ed:73:f7:7f:35:29:62:0c:
88:fc:cf:41:ff:45:a2:e6:65:93:f4:ad:95:11:ad:
cb:8c:28:bb:52:6b:79:c0:46:ac:45:0c:ba:79:e8:
d0:c2:b5:48:7b:b7:a9:89:44:1f:4b:d6:eb:43:88:
23:43:c2:33:6c:81:af:1c:04:e2:4c:0b:1c:ea:70:
85:77:ed:a8:ca:55:8e:1d:ad:0c:58:18:d1:5f:43:
30:33:80:1e:62:35:97:fc:df:85:c0:9a:c4:4d:ea:
4e:f0:2e:f5:b1:b2:bb:58:67:39:e1:41:a5:42:3a:
c5:69:30:c9:4d:9b:b3:a9:4e:35:af:ca:21:b0:79:
d2:e0:60:a6:27:7e:56:ea:ab:83:2f:f4:39:a8:ae:
34:58:d8:7a:65:c8:63:d8:cb:ba:1c:af:fe:b6:13:
cc:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D6:4A:5B:9B:C3:28:BE:2B:16:AF:FE:62:2E:34:88:BD:4A:E4:C4
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/O9ZKW5vDKL4rFq_-Yi40iL1K5MQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.176.0/20
37.251.240.0/21
46.231.104.0/21
62.122.40.0/21
86.104.248.0/22
89.39.210.0/23
89.40.220.0/23
89.46.248.0/22
91.227.240.0/23
91.245.216.0/23
94.24.64.0/21
94.26.24.0/23
109.94.144.0/20
141.136.16.0/20
213.159.136.0/21
Signature Algorithm: sha256WithRSAEncryption
05:f2:0c:07:cb:4f:5b:ca:5a:70:2f:91:d1:e7:db:ba:29:2a:
b4:d7:a7:92:09:68:8e:f9:ae:bb:a6:16:2d:04:43:1e:14:00:
e9:7f:ed:23:83:98:d3:fc:2b:8d:19:23:d4:ad:ec:cc:15:5d:
d6:1d:6d:04:f9:5d:d1:ec:c6:db:5c:bd:a3:01:11:87:2e:cf:
9c:54:ad:f7:97:3e:96:f1:db:04:3c:ed:a6:05:6a:ac:92:c3:
8a:40:7e:da:a8:35:9e:08:d1:bc:8f:e9:0a:0f:47:ec:63:ed:
81:d2:1d:fd:79:f4:4f:67:b9:ce:7f:fa:ce:70:ad:b9:47:95:
2c:50:cd:03:e3:c9:6d:09:28:af:a0:ee:b5:df:87:e0:4c:32:
0a:1f:bb:3b:2d:b0:a6:44:0f:aa:43:69:9f:51:fe:d1:f1:70:
4a:c7:c8:dc:83:96:85:88:5d:35:13:6c:73:20:2c:d9:01:16:
60:d0:1d:73:cd:bd:df:dd:07:35:42:51:f4:3f:28:69:c3:54:
d6:f4:45:9e:e7:d9:96:ce:e4:5c:85:13:de:d4:ed:dd:46:69:
a3:da:0e:78:47:f9:4b:b7:44:cb:bb:7c:c8:90:56:93:97:83:
15:bc:aa:80:b3:c2:07:d2:a0:46:bf:e9:8a:a8:22:59:50:fb:
85:5a:69:9f
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYmwJf5ts0o2e+OD+Ylwb5pHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjMwODAxMDgxMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQ2NGE1YjliYzMyOGJlMmIxNmFmZmU2MjJlMzQ4OGJkNGFlNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaKO/nHUif59raNDoHeSJPlZVAtu
qFRxVpN/bttoLSHB7OBPWhmtRmywKNyc5uQYfREg3TtIJdZCRDUuEp41tyNo1ALL
F0S6DChJNyyBCb4YgioD5V7UPYWT/htszQBl7XP3fzUpYgyI/M9B/0Wi5mWT9K2V
Ea3LjCi7Umt5wEasRQy6eejQwrVIe7epiUQfS9brQ4gjQ8IzbIGvHATiTAsc6nCF
d+2oylWOHa0MWBjRX0MwM4AeYjWX/N+FwJrETepO8C71sbK7WGc54UGlQjrFaTDJ
TZuzqU41r8ohsHnS4GCmJ35W6quDL/Q5qK40WNh6Zchj2Mu6HK/+thPMYwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFDvWSlubwyi+Kxav/mIuNIi9SuTEMB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvTzlaS1c1dkRLTDRyRnFfLVlpNDBpTDFLNU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQEJfuwAwQD
JfvwAwQDLudoAwQDPnooAwQCVmj4AwQBWSfSAwQBWSjcAwQCWS74AwQBW+PwAwQB
W/XYAwQDXhhAAwQBXhoYAwQEbV6QAwQEjYgQAwQD1Z+IMA0GCSqGSIb3DQEBCwUA
A4IBAQAF8gwHy09bylpwL5HR59u6KSq016eSCWiO+a67phYtBEMeFADpf+0jg5jT
/CuNGSPUrezMFV3WHW0E+V3R7MbbXL2jARGHLs+cVK33lz6W8dsEPO2mBWqsksOK
QH7aqDWeCNG8j+kKD0fsY+2B0h39efRPZ7nOf/rOcK25R5UsUM0D48ltCSivoO61
34fgTDIKH7s7LbCmRA+qQ2mfUf7R8XBKx8jcg5aFiF01E2xzICzZARZg0B1zzb3f
3Qc1QlH0Pyhpw1TW9EWe59mWzuRchRPe1O3dRmmj2g54R/lLt0TLu3zIkFaTl4MV
vKqAs8IH0qBGv+mKqCJZUPuFWmmf
-----END CERTIFICATE-----
Generated at Wed Mar 12 06:46:45 2025 by rpki-client