Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/tXOdCcyABtLA1zHcHOyovgBxxnE.roa
File: tXOdCcyABtLA1zHcHOyovgBxxnE.roa (raw, json)
Hash identifier: n7NrXvO8CWkuw4Tfa2tRdon1LmYGF3G1LH5dltB95yw=
Subject key identifier: B5:73:9D:09:CC:80:06:D2:C0:D7:31:DC:1C:EC:A8:BE:00:71:C6:71
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 018A4FA71592190A113D2DE0C8ED7CA64B8A
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/tXOdCcyABtLA1zHcHOyovgBxxnE.roa
Signing time: Fri 01 Sep 2023 07:31:04 +0000
ROA not before: Fri 01 Sep 2023 07:31:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210176
IP address blocks: 89.39.210.0/23 maxlen: 24
109.94.144.0/20 maxlen: 24
213.159.136.0/21 maxlen: 24
37.251.200.0/21 maxlen: 24
62.122.40.0/21 maxlen: 24
37.251.240.0/21 maxlen: 24
192.64.44.0/23 maxlen: 24
94.24.64.0/21 maxlen: 24
46.231.104.0/21 maxlen: 24
89.46.248.0/22 maxlen: 24
37.251.176.0/20 maxlen: 24
91.245.216.0/23 maxlen: 24
94.26.24.0/23 maxlen: 24
89.40.220.0/23 maxlen: 24
141.136.16.0/20 maxlen: 24
91.227.240.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4f:a7:15:92:19:0a:11:3d:2d:e0:c8:ed:7c:a6:4b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Sep 1 07:31:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5739d09cc8006d2c0d731dc1ceca8be0071c671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ac:7b:f7:02:0e:ea:3c:74:3d:da:c5:5d:5d:
36:92:50:00:fe:50:b7:85:71:5a:b2:b7:45:38:3b:
ae:5d:81:84:ef:03:1a:fb:c5:0d:ca:90:6a:e5:4c:
90:d6:62:c7:26:88:e0:03:81:6b:ca:13:4c:64:87:
f8:1e:14:42:aa:90:32:4d:aa:ba:38:bc:71:aa:0f:
7e:b2:03:0f:99:02:ea:ed:e5:88:f6:a0:f3:57:98:
67:a2:f3:b8:09:a3:51:ca:37:ce:7d:8f:d9:2a:a2:
ae:67:ac:e8:b8:05:ff:f9:5b:5f:f5:ab:43:73:ac:
81:7e:9e:36:f6:1b:25:ae:c5:d9:69:93:6d:32:32:
42:7e:75:ef:aa:0e:8f:df:49:c3:00:0d:d7:e8:bb:
37:00:8e:9b:41:95:9e:ef:b7:1b:d2:f4:fe:15:59:
f6:18:0e:b3:0f:b6:9f:80:ab:88:65:08:75:bb:79:
66:ee:97:e1:0c:3a:f5:57:d1:ff:81:d4:28:c6:5d:
23:f7:0d:62:eb:29:c3:8b:88:d4:aa:ad:94:f1:a5:
7d:03:11:71:92:dc:b7:d2:77:a4:0a:d2:f1:aa:31:
0e:de:9c:eb:c3:6c:c3:5a:1d:ed:85:0f:98:37:35:
23:db:41:f2:9a:af:2e:b2:c2:0d:d8:12:87:42:cf:
f7:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:73:9D:09:CC:80:06:D2:C0:D7:31:DC:1C:EC:A8:BE:00:71:C6:71
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/tXOdCcyABtLA1zHcHOyovgBxxnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.176.0/20
37.251.200.0/21
37.251.240.0/21
46.231.104.0/21
62.122.40.0/21
89.39.210.0/23
89.40.220.0/23
89.46.248.0/22
91.227.240.0/23
91.245.216.0/23
94.24.64.0/21
94.26.24.0/23
109.94.144.0/20
141.136.16.0/20
192.64.44.0/23
213.159.136.0/21
Signature Algorithm: sha256WithRSAEncryption
78:84:1a:08:92:1a:e4:dc:a0:28:f6:8d:73:ab:a6:33:49:25:
60:04:69:45:dc:0f:09:80:83:cc:4a:cd:d0:da:4f:a8:fc:4c:
f2:94:58:e2:62:a1:2e:7b:f3:c0:23:7f:b3:2a:cd:32:03:40:
7e:55:fc:ce:96:b4:61:f8:55:e1:54:1b:63:be:b0:f4:0b:82:
04:0d:01:57:6c:1a:61:47:fe:0d:d1:39:f0:b1:b9:ed:40:41:
8f:8d:f0:66:43:60:bf:7e:71:c2:0e:59:4f:85:e1:2c:a9:34:
2f:ad:d3:e1:86:e4:eb:b3:98:49:7c:b6:6b:f8:a0:0c:ff:de:
74:5d:45:25:cd:5e:5a:85:2c:04:13:2c:f3:f5:13:2a:e5:ff:
4c:bc:6b:02:f0:0e:8f:97:81:ce:04:18:fe:fe:6c:ac:d7:15:
32:2d:db:f1:e6:f7:42:ba:c9:6c:33:d6:66:8f:3b:37:24:78:
96:da:93:a2:fe:4f:bf:a8:c6:a3:1e:55:9c:35:e8:6a:5f:9e:
ec:00:ea:1b:46:58:09:19:9a:f4:42:f7:b4:50:25:33:44:c7:
d7:b3:c1:77:94:19:77:6e:1d:3b:8e:99:6d:ed:3d:78:8a:67:
b5:54:42:32:2c:db:72:11:1c:e7:33:b7:d1:8c:7e:26:b4:06:
22:6d:18:7e
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYpPpxWSGQoRPS3gyO18pkuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjMwOTAxMDczMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTczOWQwOWNjODAwNmQyYzBkNzMxZGMxY2VjYThiZTAwNzFjNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgax79wIO6jx0PdrFXV02klAA/lC3
hXFasrdFODuuXYGE7wMa+8UNypBq5UyQ1mLHJojgA4FryhNMZIf4HhRCqpAyTaq6
OLxxqg9+sgMPmQLq7eWI9qDzV5hnovO4CaNRyjfOfY/ZKqKuZ6zouAX/+Vtf9atD
c6yBfp429hslrsXZaZNtMjJCfnXvqg6P30nDAA3X6Ls3AI6bQZWe77cb0vT+FVn2
GA6zD7afgKuIZQh1u3lm7pfhDDr1V9H/gdQoxl0j9w1i6ynDi4jUqq2U8aV9AxFx
kty30nekCtLxqjEO3pzrw2zDWh3thQ+YNzUj20Hymq8ussIN2BKHQs/3JQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFLVznQnMgAbSwNcx3BzsqL4AccZxMB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvdFhPZENjeUFCdExBMXpIY0hPeW92Z0J4eG5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQEJfuwAwQD
JfvIAwQDJfvwAwQDLudoAwQDPnooAwQBWSfSAwQBWSjcAwQCWS74AwQBW+PwAwQB
W/XYAwQDXhhAAwQBXhoYAwQEbV6QAwQEjYgQAwQBwEAsAwQD1Z+IMA0GCSqGSIb3
DQEBCwUAA4IBAQB4hBoIkhrk3KAo9o1zq6YzSSVgBGlF3A8JgIPMSs3Q2k+o/Ezy
lFjiYqEue/PAI3+zKs0yA0B+VfzOlrRh+FXhVBtjvrD0C4IEDQFXbBphR/4N0Tnw
sbntQEGPjfBmQ2C/fnHCDllPheEsqTQvrdPhhuTrs5hJfLZr+KAM/950XUUlzV5a
hSwEEyzz9RMq5f9MvGsC8A6Pl4HOBBj+/mys1xUyLdvx5vdCuslsM9Zmjzs3JHiW
2pOi/k+/qMajHlWcNehqX57sAOobRlgJGZr0Qve0UCUzRMfXs8F3lBl3bh07jplt
7T14ime1VEIyLNtyERznM7fRjH4mtAYibRh+
-----END CERTIFICATE-----
Generated at Mon May 12 14:28:02 2025 by rpki-client