Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/MSDHR_z1F6FqWBNXSkxPnj1ablA.roa
File: MSDHR_z1F6FqWBNXSkxPnj1ablA.roa (raw, json)
Hash identifier: RJ4vnptjVrEEWuf/sAemu9W0c/8mcf0S1SNfmGPwZ+g=
Subject key identifier: 31:20:C7:47:FC:F5:17:A1:6A:58:13:57:4A:4C:4F:9E:3D:5A:6E:50
Certificate issuer: /CN=1808bf7fe48b057f9f2f3d5d1a6310fd9e14c571
Certificate serial: 01961F0DFB0B74DB72E59F510FB1B47D6D2E
Authority key identifier: 18:08:BF:7F:E4:8B:05:7F:9F:2F:3D:5D:1A:63:10:FD:9E:14:C5:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/MSDHR_z1F6FqWBNXSkxPnj1ablA.roa
Signing time: Thu 10 Apr 2025 09:35:31 +0000
ROA not before: Thu 10 Apr 2025 09:35:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14061
IP address blocks: 5.42.203.0/24 maxlen: 24
5.101.96.0/20 maxlen: 24
37.139.0.0/19 maxlen: 22
46.101.0.0/16 maxlen: 22
80.240.128.0/20 maxlen: 22
82.196.0.0/20 maxlen: 22
95.85.0.0/18 maxlen: 22
146.185.128.0/19 maxlen: 22
146.185.160.0/19 maxlen: 22
167.172.0.0/16 maxlen: 22
178.62.0.0/16 maxlen: 22
178.128.0.0/17 maxlen: 22
178.128.128.0/17 maxlen: 22
185.14.184.0/22 maxlen: 22
188.166.0.0/16 maxlen: 22
188.226.128.0/17 maxlen: 22
2a03:b0c0::/32 maxlen: 48
2a12:1840::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1f:0d:fb:0b:74:db:72:e5:9f:51:0f:b1:b4:7d:6d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1808bf7fe48b057f9f2f3d5d1a6310fd9e14c571
Validity
Not Before: Apr 10 09:35:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3120c747fcf517a16a5813574a4c4f9e3d5a6e50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:fe:ea:e0:a3:45:0a:f3:f1:24:d9:3d:8f:59:
b1:a3:0f:22:3f:03:e9:0b:17:1d:bc:66:0e:ce:51:
31:ca:dc:a0:27:63:89:33:a4:3b:c8:b5:de:87:62:
6f:1b:6c:77:e0:ab:19:5c:b2:61:73:88:f6:b2:84:
c9:f9:f6:c3:bb:b4:73:e5:cd:b0:23:35:36:f2:cc:
d5:87:40:e2:22:e7:0d:40:83:59:7b:aa:96:eb:58:
d9:50:fb:d8:0c:70:d2:ab:12:9a:26:99:c1:46:24:
45:c9:74:f8:99:78:c4:a1:0b:35:5c:32:6f:4d:8f:
4c:d4:11:69:77:70:ab:ea:1e:64:86:71:65:4b:99:
ae:a0:31:38:22:27:1d:6a:2e:1e:64:42:04:c0:09:
a4:22:5e:2f:2e:b3:ce:24:d9:cf:36:cd:f5:62:05:
5b:50:2c:74:2b:dc:b7:0f:03:15:bf:24:ba:7d:99:
e5:12:7f:e6:9a:05:e8:93:eb:ff:bc:e6:b2:0b:0e:
5a:90:da:c1:19:70:52:6e:fa:46:59:6d:84:24:d9:
ed:48:0f:ed:d5:e5:20:ee:8c:f4:ea:bd:69:c9:ef:
dc:70:5f:8b:f7:ce:ca:cc:92:72:d5:1f:63:19:79:
7e:ab:d2:e0:49:e9:c0:8f:9c:90:d5:93:66:cd:19:
db:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:20:C7:47:FC:F5:17:A1:6A:58:13:57:4A:4C:4F:9E:3D:5A:6E:50
X509v3 Authority Key Identifier:
keyid:18:08:BF:7F:E4:8B:05:7F:9F:2F:3D:5D:1A:63:10:FD:9E:14:C5:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/MSDHR_z1F6FqWBNXSkxPnj1ablA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.203.0/24
5.101.96.0/20
37.139.0.0/19
46.101.0.0/16
80.240.128.0/20
82.196.0.0/20
95.85.0.0/18
146.185.128.0/18
167.172.0.0/16
178.62.0.0/16
178.128.0.0/16
185.14.184.0/22
188.166.0.0/16
188.226.128.0/17
IPv6:
2a03:b0c0::/32
2a12:1840::/29
Signature Algorithm: sha256WithRSAEncryption
b2:09:48:df:9d:db:ec:22:5a:2b:c7:91:f7:76:f4:af:bf:0a:
58:fa:72:f1:6c:92:92:b4:cd:36:3c:c6:df:58:11:cd:32:73:
8c:55:8e:3f:f7:10:22:5a:31:3f:82:4f:43:70:87:e4:7d:cb:
6a:f1:0d:49:9b:f3:2e:4e:c4:dc:ab:2c:35:9c:e4:93:7f:3f:
5d:c8:05:fb:8f:87:5d:b4:42:d2:96:8c:d2:73:35:2d:13:f5:
89:9b:ce:9b:1e:bc:37:3f:24:23:7e:05:01:d4:d9:ff:7e:d5:
eb:cd:55:2a:cc:3d:a1:95:1c:78:0d:b6:2f:fd:64:77:ed:ae:
5d:50:9f:d3:ee:a6:37:f4:63:a3:9e:89:bb:11:3a:9d:07:db:
76:be:3d:af:4c:2f:97:24:60:5a:ad:76:88:22:24:97:3a:11:
af:4c:ea:19:4d:ce:89:23:f5:95:b0:8f:3c:f6:b4:cf:bd:ff:
2d:6c:d8:16:35:ce:43:5f:55:b4:29:77:9f:02:2b:1b:99:a8:
04:2d:3a:3a:22:20:3a:6d:d9:b6:6b:5d:9e:72:8f:69:c1:ba:
3a:44:89:2e:b1:22:74:5c:3c:77:39:3b:56:2e:9c:6e:52:a0:
37:42:02:55:cb:9c:9a:d5:7a:6a:4a:ab:b9:19:af:01:99:a4:
58:b1:68:90
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAZYfDfsLdNty5Z9RD7G0fW0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MDhiZjdmZTQ4YjA1N2Y5ZjJmM2Q1ZDFhNjMxMGZkOWUx
NGM1NzEwHhcNMjUwNDEwMDkzNTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTIwYzc0N2ZjZjUxN2ExNmE1ODEzNTc0YTRjNGY5ZTNkNWE2ZTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1f7q4KNFCvPxJNk9j1mxow8iPwPp
CxcdvGYOzlExytygJ2OJM6Q7yLXeh2JvG2x34KsZXLJhc4j2soTJ+fbDu7Rz5c2w
IzU28szVh0DiIucNQINZe6qW61jZUPvYDHDSqxKaJpnBRiRFyXT4mXjEoQs1XDJv
TY9M1BFpd3Cr6h5khnFlS5muoDE4Iicdai4eZEIEwAmkIl4vLrPOJNnPNs31YgVb
UCx0K9y3DwMVvyS6fZnlEn/mmgXok+v/vOayCw5akNrBGXBSbvpGWW2EJNntSA/t
1eUg7oz06r1pye/ccF+L987KzJJy1R9jGXl+q9LgSenAj5yQ1ZNmzRnbdwIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFDEgx0f89RehalgTV0pMT549Wm5QMB8GA1UdIwQY
MBaAFBgIv3/kiwV/ny89XRpjEP2eFMVxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0FpX2YtU0xCWC1mTHoxZEdtTVFfWjRVeFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MTBjM2ItZjg3MC00NzZiLWExNjMt
OWQzOTJlZWUwZjY2LzEvTVNESFJfejFGNkZxV0JOWFNreFBuajFhYmxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MTBjM2ItZjg3MC00NzZiLWExNjMtOWQzOTJlZWUwZjY2
LzEvR0FpX2YtU0xCWC1mTHoxZEdtTVFfWjRVeFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBVBAIAATBPAwQABSrLAwQE
BWVgAwQFJYsAAwMALmUDBARQ8IADBARSxAADBAZfVQADBAaSuYADAwCnrAMDALI+
AwMAsoADBAK5DrgDAwC8pgMEB7zigDAUBAIAAjAOAwUAKgOwwAMFAyoSGEAwDQYJ
KoZIhvcNAQELBQADggEBALIJSN+d2+wiWivHkfd29K+/Clj6cvFskpK0zTY8xt9Y
Ec0yc4xVjj/3ECJaMT+CT0Nwh+R9y2rxDUmb8y5OxNyrLDWc5JN/P13IBfuPh120
QtKWjNJzNS0T9YmbzpsevDc/JCN+BQHU2f9+1evNVSrMPaGVHHgNti/9ZHftrl1Q
n9Pupjf0Y6OeibsROp0H23a+Pa9ML5ckYFqtdogiJJc6Ea9M6hlNzokj9ZWwjzz2
tM+9/y1s2BY1zkNfVbQpd58CKxuZqAQtOjoiIDpt2bZrXZ5yj2nBujpEiS6xInRc
PHc5O1YunG5SoDdCAlXLnJrVempKq7kZrwGZpFixaJA=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:22 2025 by rpki-client on console.sobornost.net