Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/mt8Ih5PhV_asx3ZWGZufXHWnbLA.roa
File: mt8Ih5PhV_asx3ZWGZufXHWnbLA.roa (raw, json)
Hash identifier: QZe64WobZWKkA9bUzydXw2uXJmRaTnQtixnbhu9x+Po=
Subject key identifier: 9A:DF:08:87:93:E1:57:F6:AC:C7:76:56:19:9B:9F:5C:75:A7:6C:B0
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 0195E92EC01B23DFEC7CCBB848A3D9A9573E
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/mt8Ih5PhV_asx3ZWGZufXHWnbLA.roa
Signing time: Sun 30 Mar 2025 22:31:49 +0000
ROA not before: Sun 30 Mar 2025 22:31:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 86.110.33.0/24 maxlen: 24
86.110.36.0/24 maxlen: 24
86.110.42.0/24 maxlen: 24
86.110.54.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e9:2e:c0:1b:23:df:ec:7c:cb:b8:48:a3:d9:a9:57:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Mar 30 22:31:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9adf088793e157f6acc77656199b9f5c75a76cb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f0:cf:a1:18:01:e7:03:8d:bc:28:85:a2:c7:
2d:1e:3a:de:f1:c9:02:a0:b7:8f:55:95:89:2c:70:
fd:01:65:da:34:be:5b:4d:1e:3c:44:1a:16:f7:06:
60:d5:70:ac:c8:df:57:ed:db:e2:96:a6:f4:b2:7d:
77:4f:db:78:20:85:e0:f9:09:1f:20:8c:e8:fc:a3:
a0:8e:e2:6c:e7:ce:a0:ec:99:d1:26:71:44:be:9f:
26:7a:4c:a3:34:30:2d:af:f0:91:07:e5:ed:64:43:
a5:e9:c1:39:a5:85:74:26:06:7c:5c:4f:54:dc:f4:
cd:b5:67:03:20:6f:e3:7d:38:3c:a9:2a:65:6b:e0:
f5:10:c2:ca:5e:f0:93:58:a6:34:79:97:41:ce:b2:
d2:e5:a3:ca:54:72:a1:45:cd:d2:a9:aa:49:7a:80:
41:7e:bf:ed:53:b9:6b:33:81:8a:52:87:ff:d4:d9:
98:af:19:11:d0:54:5f:9d:74:70:a3:ca:1e:6a:e5:
63:52:04:9d:c3:ef:21:f8:9a:4e:78:e0:d6:ee:cd:
22:0c:ce:e3:bf:3f:2f:41:0d:b1:d8:c5:e0:dd:c3:
b4:ff:75:0d:e9:4b:e3:92:49:0b:b6:ea:54:d8:49:
4d:77:c7:9f:e3:2a:8f:83:6f:4d:5f:3f:0e:5f:64:
5b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:DF:08:87:93:E1:57:F6:AC:C7:76:56:19:9B:9F:5C:75:A7:6C:B0
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/mt8Ih5PhV_asx3ZWGZufXHWnbLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.33.0/24
86.110.36.0/24
86.110.42.0/24
86.110.54.0/24
Signature Algorithm: sha256WithRSAEncryption
63:7d:5b:48:8e:87:35:49:7f:1d:89:a6:db:3f:6a:ac:0f:6e:
96:84:50:72:e3:1e:24:bc:29:7b:91:0d:28:8a:9d:c9:9e:b7:
47:de:d1:d5:c9:ae:8d:c4:89:27:b7:f7:b3:6c:9a:5a:4d:96:
64:6d:cb:b4:5b:51:a8:04:39:6b:3c:43:3a:6a:94:b7:1e:e0:
fe:8d:19:8b:d5:74:78:de:5f:c7:bd:0f:5c:40:af:08:dc:ce:
67:8a:5b:7b:82:05:dd:87:45:45:fb:6a:fc:df:ad:5f:f6:f9:
09:e0:a8:b7:36:e1:1b:38:f3:30:23:5c:c4:d2:ce:58:bd:23:
3e:22:d7:c1:5d:e2:c6:ce:95:39:4f:97:72:55:50:3f:03:92:
2b:dc:71:5a:09:c8:c0:ad:20:73:4a:73:f7:7f:96:c8:33:31:
4e:c7:55:d8:e5:08:0c:54:dc:5a:9c:73:83:7d:f8:15:05:53:
eb:c9:44:a2:cb:dd:e7:e7:ec:9a:ab:54:79:c4:64:67:ca:b2:
cf:78:0d:bb:af:8d:8f:37:06:86:39:b9:14:8f:f9:87:90:69:
6e:1a:7e:b1:a5:01:76:12:76:cd:1d:76:cd:96:94:25:40:a0:
bf:06:f7:6f:f8:0b:89:be:5c:31:89:f6:93:fb:ff:1c:55:c4:
90:44:19:60
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZXpLsAbI9/sfMu4SKPZqVc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjUwMzMwMjIzMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWRmMDg4NzkzZTE1N2Y2YWNjNzc2NTYxOTliOWY1Yzc1YTc2Y2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvDPoRgB5wONvCiFosctHjre8ckC
oLePVZWJLHD9AWXaNL5bTR48RBoW9wZg1XCsyN9X7dvilqb0sn13T9t4IIXg+Qkf
IIzo/KOgjuJs586g7JnRJnFEvp8mekyjNDAtr/CRB+XtZEOl6cE5pYV0JgZ8XE9U
3PTNtWcDIG/jfTg8qSpla+D1EMLKXvCTWKY0eZdBzrLS5aPKVHKhRc3SqapJeoBB
fr/tU7lrM4GKUof/1NmYrxkR0FRfnXRwo8oeauVjUgSdw+8h+JpOeODW7s0iDM7j
vz8vQQ2x2MXg3cO0/3UN6UvjkkkLtupU2ElNd8ef4yqPg29NXz8OX2RbQwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJrfCIeT4Vf2rMd2Vhmbn1x1p2ywMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvbXQ4SWg1UGhWX2FzeDNaV0dadWZYSFduYkxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVm4hAwQA
Vm4kAwQAVm4qAwQAVm42MA0GCSqGSIb3DQEBCwUAA4IBAQBjfVtIjoc1SX8diabb
P2qsD26WhFBy4x4kvCl7kQ0oip3JnrdH3tHVya6NxIknt/ezbJpaTZZkbcu0W1Go
BDlrPEM6apS3HuD+jRmL1XR43l/HvQ9cQK8I3M5nilt7ggXdh0VF+2r8361f9vkJ
4Ki3NuEbOPMwI1zE0s5YvSM+ItfBXeLGzpU5T5dyVVA/A5Ir3HFaCcjArSBzSnP3
f5bIMzFOx1XY5QgMVNxanHODffgVBVPryUSiy93n5+yaq1R5xGRnyrLPeA27r42P
NwaGObkUj/mHkGluGn6xpQF2EnbNHXbNlpQlQKC/Bvdv+AuJvlwxifaT+/8cVcSQ
RBlg
-----END CERTIFICATE-----
Generated at Tue Apr 1 23:49:40 2025 by rpki-client on console.sobornost.net