Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/MCvxtXhDv-4sOFSG3-70es9IbCc.roa
File: MCvxtXhDv-4sOFSG3-70es9IbCc.roa (raw, json)
Hash identifier: zG6t5oGWGri6Roj7Zds9875D3+Pp2Gk1iyyfA9Fh0BU=
Subject key identifier: 30:2B:F1:B5:78:43:BF:EE:2C:38:54:86:DF:EE:F4:7A:CF:48:6C:27
Certificate issuer: /CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Certificate serial: 0194221FAA7419BF61F2A2B489AE842E29DC
Authority key identifier: 1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/MCvxtXhDv-4sOFSG3-70es9IbCc.roa
Signing time: Wed 01 Jan 2025 13:48:08 +0000
ROA not before: Wed 01 Jan 2025 13:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57910
IP address blocks: 31.214.176.0/20 maxlen: 24
37.10.72.0/21 maxlen: 24
37.152.88.0/21 maxlen: 24
45.149.228.0/22 maxlen: 24
46.18.72.0/21 maxlen: 24
87.117.96.0/20 maxlen: 24
91.132.116.0/22 maxlen: 24
95.214.0.0/22 maxlen: 24
109.69.48.0/21 maxlen: 24
185.11.236.0/22 maxlen: 24
185.161.12.0/22 maxlen: 24
185.226.236.0/22 maxlen: 24
193.57.36.0/22 maxlen: 24
194.56.236.0/22 maxlen: 24
194.127.158.0/23 maxlen: 24
194.127.162.0/23 maxlen: 24
2a00:b5c0::/32 maxlen: 32
2a02:2110::/32 maxlen: 32
2a0c:7a00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:aa:74:19:bf:61:f2:a2:b4:89:ae:84:2e:29:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Validity
Not Before: Jan 1 13:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=302bf1b57843bfee2c385486dfeef47acf486c27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:84:59:f8:a8:27:69:21:97:6b:14:d0:b6:82:
31:07:08:51:64:81:ab:ff:b3:d5:c2:cf:e5:b4:95:
36:f4:13:a1:a8:09:e2:67:0d:c8:df:24:8f:07:08:
30:ff:4a:5a:c4:14:91:2d:6a:50:b7:c1:4b:04:e0:
84:d5:02:56:d9:e9:20:fa:8a:35:c6:1c:46:81:73:
be:5b:6f:4a:99:af:29:2f:a7:d2:5d:cb:ff:05:2a:
11:f8:29:6b:26:08:6b:8c:dc:6f:57:2f:38:f9:98:
a9:96:6c:f1:e7:43:91:ab:5b:91:12:16:b1:23:e1:
e4:91:c1:16:05:89:a1:3f:e6:0e:b7:16:ab:12:4e:
48:7f:28:fd:0a:cd:c1:b6:db:51:aa:ad:22:cd:3f:
9a:a1:e6:ef:da:e1:44:93:4e:30:6c:41:21:55:c7:
26:03:ef:4b:37:e4:88:2d:e5:81:6e:ce:a6:c1:a1:
b9:e7:87:1c:b2:c2:42:42:b4:e7:3b:c1:06:d5:82:
91:95:16:35:62:d0:e3:f8:82:eb:04:c7:b6:47:2f:
0a:1d:39:95:87:fb:ee:d2:e2:db:08:49:7c:ab:92:
52:e9:d3:a2:4c:be:2f:10:49:56:c8:5f:f8:e9:6a:
a8:85:ec:88:a1:4b:5b:c6:05:ab:35:97:ce:fa:ca:
95:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:2B:F1:B5:78:43:BF:EE:2C:38:54:86:DF:EE:F4:7A:CF:48:6C:27
X509v3 Authority Key Identifier:
keyid:1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/MCvxtXhDv-4sOFSG3-70es9IbCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.176.0/20
37.10.72.0/21
37.152.88.0/21
45.149.228.0/22
46.18.72.0/21
87.117.96.0/20
91.132.116.0/22
95.214.0.0/22
109.69.48.0/21
185.11.236.0/22
185.161.12.0/22
185.226.236.0/22
193.57.36.0/22
194.56.236.0/22
194.127.158.0/23
194.127.162.0/23
IPv6:
2a00:b5c0::/32
2a02:2110::/32
2a0c:7a00::/29
Signature Algorithm: sha256WithRSAEncryption
19:d3:58:3a:f2:72:82:54:7c:3e:1a:5e:6c:0f:32:d9:ec:22:
ec:54:18:6d:a3:7b:ee:08:c8:fb:5f:d1:9f:1e:65:f4:c9:27:
9f:e3:94:7f:b2:3b:ae:8a:e8:5c:58:bf:bc:a0:0e:99:60:42:
0c:8a:e2:0b:d5:1f:83:1f:17:3d:1a:a5:78:75:a0:fb:57:84:
30:3f:8e:87:45:bf:6e:6c:29:ee:0a:23:41:57:72:48:9a:ea:
0d:7b:fb:96:30:fd:18:51:b6:7b:a0:5b:6a:a3:a2:5f:c0:a6:
31:b6:c8:f5:08:8a:e2:3e:87:09:4f:59:45:3b:0e:30:3c:46:
1a:7d:d1:3d:ca:28:3c:02:9a:3c:15:ed:a5:1a:77:6a:d0:33:
69:a3:b8:1d:0c:6e:be:79:1f:66:fd:0d:7f:e2:95:95:73:7b:
a8:55:cb:42:5d:32:bd:0a:57:43:0d:df:34:bc:e9:e0:6e:3f:
09:ef:6d:c6:dc:82:c6:00:5a:f0:30:e7:2c:d5:e5:e3:06:92:
94:d7:18:2d:9b:46:56:f3:59:1f:3b:37:0c:b8:05:b8:9a:1a:
96:a5:f6:93:52:0b:cc:20:b2:dd:64:53:55:87:18:fd:1b:bb:
65:eb:7e:df:12:87:bd:81:2d:82:b3:af:6e:19:6a:0e:90:fe:
37:c8:b7:d6
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZQiH6p0Gb9h8qK0ia6ELincMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWFhZjNkMDY4M2RjOGEwZDU4YzY0MzgyNmUxNjZkM2My
OGNjYTkwHhcNMjUwMTAxMTM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDJiZjFiNTc4NDNiZmVlMmMzODU0ODZkZmVlZjQ3YWNmNDg2YzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4RZ+KgnaSGXaxTQtoIxBwhRZIGr
/7PVws/ltJU29BOhqAniZw3I3ySPBwgw/0paxBSRLWpQt8FLBOCE1QJW2ekg+oo1
xhxGgXO+W29Kma8pL6fSXcv/BSoR+ClrJghrjNxvVy84+Ziplmzx50ORq1uREhax
I+HkkcEWBYmhP+YOtxarEk5Ifyj9Cs3BtttRqq0izT+aoebv2uFEk04wbEEhVccm
A+9LN+SILeWBbs6mwaG554ccssJCQrTnO8EG1YKRlRY1YtDj+ILrBMe2Ry8KHTmV
h/vu0uLbCEl8q5JS6dOiTL4vEElWyF/46WqoheyIoUtbxgWrNZfO+sqVHQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFDAr8bV4Q7/uLDhUht/u9HrPSGwnMB8GA1UdIwQY
MBaAFB5arz0Gg9yKDVjGQ4JuFm08KMypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMt
NGNkMzhiNzU4ZDVjLzEvTUN2eHRYaER2LTRzT0ZTRzMtNzBlczlJYkNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMtNGNkMzhiNzU4ZDVj
LzEvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTBmBAIAATBgAwQEH9aw
AwQDJQpIAwQDJZhYAwQCLZXkAwQDLhJIAwQEV3VgAwQCW4R0AwQCX9YAAwQDbUUw
AwQCuQvsAwQCuaEMAwQCueLsAwQCwTkkAwQCwjjsAwQBwn+eAwQBwn+iMBsEAgAC
MBUDBQAqALXAAwUAKgIhEAMFAyoMegAwDQYJKoZIhvcNAQELBQADggEBABnTWDry
coJUfD4aXmwPMtnsIuxUGG2je+4IyPtf0Z8eZfTJJ5/jlH+yO66K6FxYv7ygDplg
QgyK4gvVH4MfFz0apXh1oPtXhDA/jodFv25sKe4KI0FXckia6g17+5Yw/RhRtnug
W2qjol/ApjG2yPUIiuI+hwlPWUU7DjA8Rhp90T3KKDwCmjwV7aUad2rQM2mjuB0M
br55H2b9DX/ilZVze6hVy0JdMr0KV0MN3zS86eBuPwnvbcbcgsYAWvAw5yzV5eMG
kpTXGC2bRlbzWR87Nwy4BbiaGpal9pNSC8wgst1kU1WHGP0bu2Xrft8Sh72BLYKz
r24Zag6Q/jfIt9Y=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:46 2025 by rpki-client on console.sobornost.net