Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/SOSv9-Yq6HA2JWqGVHGuR4kADOw.roa
File: SOSv9-Yq6HA2JWqGVHGuR4kADOw.roa (raw, json)
Hash identifier: IZttvGHduXYctCK73sOb20oQwq726c+dISkHwEaY5YM=
Subject key identifier: 48:E4:AF:F7:E6:2A:E8:70:36:25:6A:86:54:71:AE:47:89:00:0C:EC
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 0189D31CACA68DF46CEFA1B15D44E774DFF2
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/SOSv9-Yq6HA2JWqGVHGuR4kADOw.roa
Signing time: Tue 08 Aug 2023 03:06:58 +0000
ROA not before: Tue 08 Aug 2023 03:06:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210176
IP address blocks: 94.24.64.0/21 maxlen: 24
109.94.144.0/20 maxlen: 24
89.39.210.0/23 maxlen: 24
46.231.104.0/21 maxlen: 24
37.251.176.0/20 maxlen: 24
213.159.136.0/21 maxlen: 24
94.26.24.0/23 maxlen: 24
89.40.220.0/23 maxlen: 24
141.136.16.0/20 maxlen: 24
86.104.248.0/22 maxlen: 24
91.227.240.0/23 maxlen: 24
37.251.240.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d3:1c:ac:a6:8d:f4:6c:ef:a1:b1:5d:44:e7:74:df:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Aug 8 03:06:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48e4aff7e62ae87036256a865471ae4789000cec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4f:9d:25:61:78:41:2d:44:7a:b3:06:d8:de:
2f:e8:c6:81:c9:1f:f9:08:bf:d1:6e:6f:cf:bd:da:
71:45:f7:00:af:19:9e:5b:ef:b0:d3:54:be:31:00:
80:b2:fe:1a:9e:15:d7:ce:41:12:fa:39:50:18:b5:
15:55:cd:32:78:97:db:17:67:9d:fa:e3:a9:ad:c3:
8b:81:ac:73:01:34:8c:84:d1:10:12:f6:e2:e3:69:
a3:92:c4:b2:94:ea:b9:81:6c:67:8e:b9:a7:45:55:
75:cf:31:db:c2:42:04:29:af:a6:e7:04:b4:31:bf:
a7:d0:58:6a:1f:54:f9:9f:cf:6f:c9:c0:98:ac:e9:
3e:e7:af:9b:31:ee:77:21:1d:11:84:e7:ae:6a:57:
8f:99:82:6e:e4:bd:94:22:b1:9c:94:26:0c:bb:ac:
a8:a5:b6:65:a6:01:6b:cc:e6:03:eb:5f:36:ab:28:
d7:9c:5d:00:74:b6:43:a5:06:d4:74:cc:f6:0c:e0:
ed:b5:57:66:65:fb:b9:57:a5:77:52:a9:bd:b2:07:
63:47:1f:42:6b:dc:71:08:a1:01:8c:be:79:94:53:
20:5a:cb:20:a0:72:c1:09:c2:bc:12:13:6b:a3:ed:
c9:e6:cb:21:9f:4c:62:5e:cb:ec:30:d7:f6:33:11:
e2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:E4:AF:F7:E6:2A:E8:70:36:25:6A:86:54:71:AE:47:89:00:0C:EC
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/SOSv9-Yq6HA2JWqGVHGuR4kADOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.176.0/20
37.251.240.0/21
46.231.104.0/21
86.104.248.0/22
89.39.210.0/23
89.40.220.0/23
91.227.240.0/23
94.24.64.0/21
94.26.24.0/23
109.94.144.0/20
141.136.16.0/20
213.159.136.0/21
Signature Algorithm: sha256WithRSAEncryption
23:08:9f:f0:06:56:4d:1e:52:bc:c7:be:e2:5e:eb:dd:9d:f8:
a7:3e:b6:18:09:ca:a5:33:cc:73:5c:df:5e:cc:6a:76:aa:8c:
70:c0:25:c3:3b:5e:86:47:7f:10:0f:19:48:b0:03:3b:7d:88:
2b:13:51:d4:fe:55:da:bc:07:88:24:31:f1:84:aa:05:9b:39:
99:ac:4e:6a:79:9e:42:76:8d:96:c3:9c:84:fa:ad:17:0f:50:
d8:e0:95:d0:77:9b:96:49:bc:74:3c:16:98:0c:88:27:23:4e:
2e:9a:c0:8d:8c:d3:45:d7:96:09:14:6f:44:55:50:0e:d6:f0:
e0:1b:af:39:7b:fd:a8:17:75:14:b2:0b:5b:ec:89:64:87:56:
41:d5:c8:c4:36:c4:12:6d:89:63:8b:10:18:99:94:8f:81:2e:
56:d9:44:a5:34:c6:99:37:2d:6e:60:0a:68:94:82:ae:bd:bf:
32:0a:34:b7:90:c8:32:19:b1:41:15:14:a4:15:54:f9:cf:29:
36:8b:44:45:25:a5:ce:de:4b:5d:e1:05:cd:17:ae:de:9e:62:
e0:e5:11:88:f9:ed:bd:fe:49:12:ae:a2:df:78:69:78:9e:6e:
b1:78:72:ee:f8:af:ac:45:cb:a8:3a:89:48:fd:98:35:75:ec:
d4:6e:1d:85
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYnTHKymjfRs76GxXUTndN/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjMwODA4MDMwNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGU0YWZmN2U2MmFlODcwMzYyNTZhODY1NDcxYWU0Nzg5MDAwY2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsk+dJWF4QS1EerMG2N4v6MaByR/5
CL/Rbm/PvdpxRfcArxmeW++w01S+MQCAsv4anhXXzkES+jlQGLUVVc0yeJfbF2ed
+uOprcOLgaxzATSMhNEQEvbi42mjksSylOq5gWxnjrmnRVV1zzHbwkIEKa+m5wS0
Mb+n0FhqH1T5n89vycCYrOk+56+bMe53IR0RhOeualePmYJu5L2UIrGclCYMu6yo
pbZlpgFrzOYD6182qyjXnF0AdLZDpQbUdMz2DODttVdmZfu5V6V3Uqm9sgdjRx9C
a9xxCKEBjL55lFMgWssgoHLBCcK8EhNro+3J5sshn0xiXsvsMNf2MxHi7wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFEjkr/fmKuhwNiVqhlRxrkeJAAzsMB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvU09TdjktWXE2SEEySldxR1ZIR3VSNGtBRE93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQEJfuwAwQD
JfvwAwQDLudoAwQCVmj4AwQBWSfSAwQBWSjcAwQBW+PwAwQDXhhAAwQBXhoYAwQE
bV6QAwQEjYgQAwQD1Z+IMA0GCSqGSIb3DQEBCwUAA4IBAQAjCJ/wBlZNHlK8x77i
XuvdnfinPrYYCcqlM8xzXN9ezGp2qoxwwCXDO16GR38QDxlIsAM7fYgrE1HU/lXa
vAeIJDHxhKoFmzmZrE5qeZ5Cdo2Ww5yE+q0XD1DY4JXQd5uWSbx0PBaYDIgnI04u
msCNjNNF15YJFG9EVVAO1vDgG685e/2oF3UUsgtb7Ilkh1ZB1cjENsQSbYljixAY
mZSPgS5W2USlNMaZNy1uYApolIKuvb8yCjS3kMgyGbFBFRSkFVT5zyk2i0RFJaXO
3ktd4QXNF67enmLg5RGI+e29/kkSrqLfeGl4nm6xeHLu+K+sRcuoOolI/Zg1dezU
bh2F
-----END CERTIFICATE-----
Generated at Wed Mar 12 06:40:44 2025 by rpki-client