Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/P_CMQsMPPeGHyNNzpts4lx89bvQ.roa
File: P_CMQsMPPeGHyNNzpts4lx89bvQ.roa (raw, json)
Hash identifier: lUqd8TOQC9bkc3c/AKmp9rny6PCdK7wFP0SMSxnydzg=
Subject key identifier: 3F:F0:8C:42:C3:0F:3D:E1:87:C8:D3:73:A6:DB:38:97:1F:3D:6E:F4
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 0188A40E2C1FD46C0524A645A7EF5EA64425
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/P_CMQsMPPeGHyNNzpts4lx89bvQ.roa
Signing time: Sat 10 Jun 2023 06:46:12 +0000
ROA not before: Sat 10 Jun 2023 06:46:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210176
IP address blocks: 89.39.210.0/23 maxlen: 24
94.24.64.0/21 maxlen: 24
89.46.248.0/22 maxlen: 24
37.251.176.0/20 maxlen: 24
91.245.216.0/23 maxlen: 24
94.26.24.0/23 maxlen: 24
89.40.220.0/23 maxlen: 24
141.136.16.0/20 maxlen: 24
86.104.248.0/22 maxlen: 24
91.227.240.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a4:0e:2c:1f:d4:6c:05:24:a6:45:a7:ef:5e:a6:44:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Jun 10 06:46:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ff08c42c30f3de187c8d373a6db38971f3d6ef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:0d:2d:47:86:ce:86:26:85:fb:74:be:5e:e3:
78:9f:70:db:c8:9f:fc:e7:a6:d0:f4:f3:17:ec:d9:
e7:9e:24:7f:cb:07:b1:65:11:29:2a:a1:70:f8:ea:
4a:59:95:90:7f:47:ea:3b:c8:c6:e1:55:ce:80:82:
10:85:d4:98:3c:68:b8:12:ad:5c:d6:d2:2f:bd:0e:
24:e4:7a:f1:fc:2f:17:da:eb:41:aa:31:dd:22:e9:
08:07:bd:52:1d:29:dd:d2:e6:3c:c7:0b:42:94:0d:
ee:17:41:29:19:d4:72:20:cf:ff:7e:f5:ab:9b:57:
01:c5:02:0b:34:fe:44:a2:73:5b:e4:e1:71:49:4d:
f4:ce:e8:05:78:d8:26:ec:90:bb:a7:92:fb:7a:22:
bb:1a:1c:76:90:5f:bd:21:3a:5b:04:8a:89:56:17:
d9:35:6c:7c:a5:0f:95:13:6b:95:9e:fc:df:3a:13:
90:77:c4:a1:3a:0f:de:65:3e:9c:7e:ba:37:62:d4:
e0:85:bf:35:dd:54:6a:98:27:be:47:66:a7:30:2a:
5e:eb:0a:66:8f:0f:20:31:54:e2:a6:4b:fe:a8:01:
56:81:b2:e0:4b:3c:69:d4:c9:c5:e3:85:e5:04:56:
39:00:f6:60:08:90:b0:79:47:b2:e1:15:a2:2e:b0:
49:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:F0:8C:42:C3:0F:3D:E1:87:C8:D3:73:A6:DB:38:97:1F:3D:6E:F4
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/P_CMQsMPPeGHyNNzpts4lx89bvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.176.0/20
86.104.248.0/22
89.39.210.0/23
89.40.220.0/23
89.46.248.0/22
91.227.240.0/23
91.245.216.0/23
94.24.64.0/21
94.26.24.0/23
141.136.16.0/20
Signature Algorithm: sha256WithRSAEncryption
6c:c9:c5:f0:d2:54:51:ae:d6:e4:45:18:cf:74:09:84:34:fa:
f6:67:87:5a:04:5f:02:81:e5:5c:e5:0b:37:da:eb:c7:60:7f:
41:c1:c2:a5:37:09:58:b9:e0:65:fc:6e:1a:dd:c3:5d:1f:d0:
9a:79:6c:31:30:1d:cf:3b:32:f5:30:ad:2f:5a:6c:ce:ef:ad:
c5:55:5b:32:b0:4b:2f:f2:b7:c1:53:47:b5:27:35:63:d9:ab:
c7:2a:33:fc:f9:1b:9c:cb:45:b1:01:d2:ba:7e:19:2f:45:4b:
df:91:9e:b1:a2:0b:29:a2:34:ce:dc:25:ba:f7:10:70:ce:ba:
0e:44:e0:3a:56:20:0a:96:89:09:f3:34:73:d5:be:e9:6d:87:
1b:6b:41:b6:95:a7:0e:bd:3f:bb:0e:c9:96:8d:26:19:0e:6e:
82:84:bb:6b:00:ce:43:11:61:81:98:e8:fb:60:0d:27:7b:09:
03:12:d2:d0:96:0e:09:08:ec:94:5d:69:6c:d8:f3:d0:b8:d3:
b8:3b:ff:ac:43:20:02:99:72:e0:8e:a0:08:ef:e6:9a:e8:e0:
45:6a:6a:4a:38:be:c8:94:c8:e7:5e:41:7f:bd:4b:fb:0c:79:
36:ea:df:03:d1:fa:65:04:4c:1a:35:bf:26:c6:08:c2:b5:3c:
a3:b6:36:d8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYikDiwf1GwFJKZFp+9epkQlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjMwNjEwMDY0NjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmYwOGM0MmMzMGYzZGUxODdjOGQzNzNhNmRiMzg5NzFmM2Q2ZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0A0tR4bOhiaF+3S+XuN4n3DbyJ/8
56bQ9PMX7NnnniR/ywexZREpKqFw+OpKWZWQf0fqO8jG4VXOgIIQhdSYPGi4Eq1c
1tIvvQ4k5Hrx/C8X2utBqjHdIukIB71SHSnd0uY8xwtClA3uF0EpGdRyIM//fvWr
m1cBxQILNP5EonNb5OFxSU30zugFeNgm7JC7p5L7eiK7Ghx2kF+9ITpbBIqJVhfZ
NWx8pQ+VE2uVnvzfOhOQd8ShOg/eZT6cfro3YtTghb813VRqmCe+R2anMCpe6wpm
jw8gMVTipkv+qAFWgbLgSzxp1MnF44XlBFY5APZgCJCweUey4RWiLrBJVQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFD/wjELDDz3hh8jTc6bbOJcfPW70MB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvUF9DTVFzTVBQZUdIeU5OenB0czRseDg5YnZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQEJfuwAwQC
Vmj4AwQBWSfSAwQBWSjcAwQCWS74AwQBW+PwAwQBW/XYAwQDXhhAAwQBXhoYAwQE
jYgQMA0GCSqGSIb3DQEBCwUAA4IBAQBsycXw0lRRrtbkRRjPdAmENPr2Z4daBF8C
geVc5Qs32uvHYH9BwcKlNwlYueBl/G4a3cNdH9CaeWwxMB3POzL1MK0vWmzO763F
VVsysEsv8rfBU0e1JzVj2avHKjP8+Rucy0WxAdK6fhkvRUvfkZ6xogspojTO3CW6
9xBwzroOROA6ViAKlokJ8zRz1b7pbYcba0G2lacOvT+7DsmWjSYZDm6ChLtrAM5D
EWGBmOj7YA0newkDEtLQlg4JCOyUXWls2PPQuNO4O/+sQyACmXLgjqAI7+aa6OBF
ampKOL7IlMjnXkF/vUv7DHk26t8D0fplBEwaNb8mxgjCtTyjtjbY
-----END CERTIFICATE-----
Generated at Mon May 12 13:26:57 2025 by rpki-client