Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/bfbe5f-97c8-4347-8a8c-e01bb48863a9/1/XZUkkjfK1svUa6feBEevTKvtEcA.roa
File: XZUkkjfK1svUa6feBEevTKvtEcA.roa (raw, json)
Hash identifier: wyVf5zW45oYKuYL+LlUqTk3eWYEVvuJxk1VRagHAyy0=
Subject key identifier: 5D:95:24:92:37:CA:D6:CB:D4:6B:A7:DE:04:47:AF:4C:AB:ED:11:C0
Certificate issuer: /CN=ef8c33a8a6201d40a60220bd639b5d352212673e
Certificate serial: 0194266BD89F86174D2F5EE5888458081EA7
Authority key identifier: EF:8C:33:A8:A6:20:1D:40:A6:02:20:BD:63:9B:5D:35:22:12:67:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/74wzqKYgHUCmAiC9Y5tdNSISZz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/bfbe5f-97c8-4347-8a8c-e01bb48863a9/1/XZUkkjfK1svUa6feBEevTKvtEcA.roa
Signing time: Thu 02 Jan 2025 09:49:49 +0000
ROA not before: Thu 02 Jan 2025 09:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21040
IP address blocks: 37.203.248.0/21 maxlen: 21
37.203.248.0/22 maxlen: 22
37.203.252.0/22 maxlen: 22
84.20.56.0/21 maxlen: 21
84.20.56.0/22 maxlen: 22
84.20.60.0/22 maxlen: 22
109.205.200.0/21 maxlen: 21
109.205.200.0/24 maxlen: 24
109.205.201.0/24 maxlen: 24
109.205.202.0/24 maxlen: 24
109.205.203.0/24 maxlen: 24
109.205.204.0/22 maxlen: 22
185.19.120.0/22 maxlen: 22
185.19.120.0/23 maxlen: 23
185.19.122.0/23 maxlen: 23
185.71.16.0/22 maxlen: 22
185.71.16.0/23 maxlen: 23
185.71.18.0/23 maxlen: 23
185.71.112.0/22 maxlen: 22
185.71.112.0/23 maxlen: 23
185.71.114.0/23 maxlen: 23
185.178.120.0/22 maxlen: 22
185.178.120.0/23 maxlen: 23
213.196.128.0/18 maxlen: 18
213.196.128.0/24 maxlen: 24
213.196.129.0/24 maxlen: 24
213.196.130.0/24 maxlen: 24
213.196.131.0/24 maxlen: 24
213.196.132.0/24 maxlen: 24
213.196.133.0/24 maxlen: 24
213.196.135.0/24 maxlen: 24
213.196.136.0/24 maxlen: 24
213.196.137.0/24 maxlen: 24
213.196.138.0/24 maxlen: 24
213.196.140.0/24 maxlen: 24
213.196.141.0/24 maxlen: 24
213.196.142.0/24 maxlen: 24
213.196.143.0/24 maxlen: 24
213.196.144.0/24 maxlen: 24
213.196.145.0/24 maxlen: 24
213.196.146.0/24 maxlen: 24
213.196.147.0/24 maxlen: 24
213.196.151.0/24 maxlen: 24
213.196.152.0/24 maxlen: 24
213.196.153.0/24 maxlen: 24
213.196.154.0/24 maxlen: 24
213.196.155.0/24 maxlen: 24
213.196.156.0/24 maxlen: 24
213.196.158.0/24 maxlen: 24
213.196.159.0/24 maxlen: 24
213.196.160.0/24 maxlen: 24
213.196.161.0/24 maxlen: 24
213.196.162.0/24 maxlen: 24
213.196.174.0/23 maxlen: 23
213.196.184.0/22 maxlen: 22
213.196.188.0/22 maxlen: 22
2a02:24e8::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:d8:9f:86:17:4d:2f:5e:e5:88:84:58:08:1e:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef8c33a8a6201d40a60220bd639b5d352212673e
Validity
Not Before: Jan 2 09:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d95249237cad6cbd46ba7de0447af4cabed11c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:ae:9d:d2:37:f1:60:4e:e5:1c:9c:d8:46:e6:
a0:f8:2b:bf:a1:93:28:bd:70:10:17:cb:cc:27:b9:
a4:bc:83:f6:75:cc:ba:e7:41:2f:cf:a8:77:31:28:
60:d2:0b:3a:2a:6c:75:7f:8b:a9:d0:00:7a:1b:ca:
8a:18:c7:3b:04:39:e1:4b:34:12:95:b6:15:fe:45:
8a:6c:fd:a6:9f:08:36:a7:63:a8:9c:a2:21:b3:b2:
b5:3a:6b:c8:be:bd:ad:5b:93:36:7b:5c:51:81:3f:
4a:cb:d9:a0:de:05:fd:ef:65:5e:49:04:48:8a:22:
ae:10:31:f7:4f:90:5f:0d:fd:77:4c:2e:01:1d:99:
88:51:3f:44:a0:00:94:e0:af:36:77:e4:ae:a0:06:
24:e9:cf:ce:4e:9b:dc:45:d2:ce:a1:26:7b:aa:c1:
40:a5:38:7d:ee:a9:e5:bd:e6:f3:97:a6:fa:ad:82:
24:2a:11:78:67:5e:ab:07:6c:38:2d:26:c4:a4:e0:
9f:dd:e1:1b:d0:df:7d:e5:ee:26:3d:eb:9c:8a:eb:
ed:06:84:5f:1d:5c:12:39:72:11:4c:ab:72:2f:cb:
91:4d:18:3f:13:52:f0:25:e1:2c:e0:e1:32:64:dc:
0c:c3:5c:b2:2f:88:1b:61:90:f0:8e:b8:98:8e:68:
0a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:95:24:92:37:CA:D6:CB:D4:6B:A7:DE:04:47:AF:4C:AB:ED:11:C0
X509v3 Authority Key Identifier:
keyid:EF:8C:33:A8:A6:20:1D:40:A6:02:20:BD:63:9B:5D:35:22:12:67:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/74wzqKYgHUCmAiC9Y5tdNSISZz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/bfbe5f-97c8-4347-8a8c-e01bb48863a9/1/XZUkkjfK1svUa6feBEevTKvtEcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/bfbe5f-97c8-4347-8a8c-e01bb48863a9/1/74wzqKYgHUCmAiC9Y5tdNSISZz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.248.0/21
84.20.56.0/21
109.205.200.0/21
185.19.120.0/22
185.71.16.0/22
185.71.112.0/22
185.178.120.0/22
213.196.128.0/18
IPv6:
2a02:24e8::/29
Signature Algorithm: sha256WithRSAEncryption
3d:99:df:85:d9:e8:93:f9:ca:65:f7:50:aa:28:fc:8b:a2:e8:
4f:22:69:85:80:9c:08:5b:4a:09:11:95:61:75:ba:04:86:f2:
53:24:ee:29:d2:d9:ef:ca:63:e9:c1:39:12:62:3a:f2:5d:cc:
9d:2c:a9:7f:89:6e:48:3f:8e:b6:3a:68:77:00:b1:71:18:4a:
d7:99:b1:19:47:2d:f3:80:51:4a:2b:2e:f2:5f:e7:ab:a3:f5:
bb:56:ae:1a:7c:b2:fa:3b:47:6f:8a:61:c9:a4:59:5c:73:c0:
b3:45:5c:ed:3b:64:d8:9e:37:1f:3b:76:76:4a:b1:1a:9e:cc:
12:30:52:cb:d8:34:ce:64:11:1d:49:44:b7:86:79:0d:a1:de:
70:59:6b:e7:ec:15:28:3a:2d:c5:ea:99:80:36:c8:8f:bf:bb:
70:68:36:ce:7e:ee:1c:b1:a9:fa:ac:51:38:b9:bf:92:40:56:
06:db:10:2c:5c:b0:a5:1e:0b:3a:81:55:2c:f8:a8:97:c5:b4:
b2:7e:1f:7e:00:d9:0d:09:87:a7:be:4f:b4:e5:91:48:9d:9a:
b8:74:3b:a7:31:2d:25:94:5e:24:f9:54:a2:9c:65:26:29:91:
5e:fd:e0:e3:df:51:9e:c9:f6:d9:12:6a:79:0c:1d:2a:88:02:
dc:a9:fc:6d
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQma9ifhhdNL17liIRYCB6nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmOGMzM2E4YTYyMDFkNDBhNjAyMjBiZDYzOWI1ZDM1MjIx
MjY3M2UwHhcNMjUwMTAyMDk0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDk1MjQ5MjM3Y2FkNmNiZDQ2YmE3ZGUwNDQ3YWY0Y2FiZWQxMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7q6d0jfxYE7lHJzYRuag+Cu/oZMo
vXAQF8vMJ7mkvIP2dcy650Evz6h3MShg0gs6Kmx1f4up0AB6G8qKGMc7BDnhSzQS
lbYV/kWKbP2mnwg2p2OonKIhs7K1OmvIvr2tW5M2e1xRgT9Ky9mg3gX972VeSQRI
iiKuEDH3T5BfDf13TC4BHZmIUT9EoACU4K82d+SuoAYk6c/OTpvcRdLOoSZ7qsFA
pTh97qnlvebzl6b6rYIkKhF4Z16rB2w4LSbEpOCf3eEb0N995e4mPeuciuvtBoRf
HVwSOXIRTKtyL8uRTRg/E1LwJeEs4OEyZNwMw1yyL4gbYZDwjriYjmgK7QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFF2VJJI3ytbL1Gun3gRHr0yr7RHAMB8GA1UdIwQY
MBaAFO+MM6imIB1ApgIgvWObXTUiEmc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzR3enFLWWdIVUNtQWlDOVk1dGROU0lTWno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9iZmJlNWYtOTdjOC00MzQ3LThhOGMt
ZTAxYmI0ODg2M2E5LzEvWFpVa2tqZksxc3ZVYTZmZUJFZXZUS3Z0RWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9iZmJlNWYtOTdjOC00MzQ3LThhOGMtZTAxYmI0ODg2M2E5
LzEvNzR3enFLWWdIVUNtQWlDOVk1dGROU0lTWno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJcv4AwQD
VBQ4AwQDbc3IAwQCuRN4AwQCuUcQAwQCuUdwAwQCubJ4AwQG1cSAMA0EAgACMAcD
BQMqAiToMA0GCSqGSIb3DQEBCwUAA4IBAQA9md+F2eiT+cpl91CqKPyLouhPImmF
gJwIW0oJEZVhdboEhvJTJO4p0tnvymPpwTkSYjryXcydLKl/iW5IP462Omh3ALFx
GErXmbEZRy3zgFFKKy7yX+ero/W7Vq4afLL6O0dvimHJpFlcc8CzRVztO2TYnjcf
O3Z2SrEanswSMFLL2DTOZBEdSUS3hnkNod5wWWvn7BUoOi3F6pmANsiPv7twaDbO
fu4csan6rFE4ub+SQFYG2xAsXLClHgs6gVUs+KiXxbSyfh9+ANkNCYenvk+05ZFI
nZq4dDunMS0llF4k+VSinGUmKZFe/eDj31GeyfbZEmp5DB0qiALcqfxt
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:36 2025 by rpki-client