Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MwMdCdZiw88PIcoaREGcewFImyY.roa
File: MwMdCdZiw88PIcoaREGcewFImyY.roa (raw, json)
Hash identifier: qCJgHYkE2/lq78h6rjn1KIQRo33Bfd+SjfmjVntVEjk=
Subject key identifier: 33:03:1D:09:D6:62:C3:CF:0F:21:CA:1A:44:41:9C:7B:01:48:9B:26
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01961473B7F3796926017166A447B92084CA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MwMdCdZiw88PIcoaREGcewFImyY.roa
Signing time: Tue 08 Apr 2025 08:10:50 +0000
ROA not before: Tue 08 Apr 2025 08:10:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 109.176.18.0/24 maxlen: 24
109.176.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:73:b7:f3:79:69:26:01:71:66:a4:47:b9:20:84:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 8 08:10:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33031d09d662c3cf0f21ca1a44419c7b01489b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b3:40:5a:81:19:d1:99:9f:e4:f6:26:45:ca:
bf:f6:e3:d2:7d:ea:f5:71:5b:e8:3d:49:f1:d5:c1:
f5:40:8e:a9:77:50:ea:90:8e:f0:5d:a9:45:f4:d0:
e6:9b:5d:ed:c9:96:08:1a:63:62:e2:c4:90:48:ca:
00:48:ec:23:7e:a6:f1:75:b3:dc:10:e2:da:30:66:
31:af:ed:06:f7:93:91:20:3a:a6:19:83:12:d3:e0:
50:19:6e:76:4d:a5:eb:8c:b7:08:90:6e:38:ca:5a:
19:5d:78:fb:27:6b:ac:f2:e2:4e:1a:f3:83:83:48:
5e:e8:33:0a:77:da:48:50:65:c1:92:32:17:ec:bd:
59:de:2b:a0:e7:b7:8d:7a:68:82:22:2e:73:62:44:
1c:09:47:5c:3b:25:9e:b7:ef:3f:a0:7e:5f:2e:eb:
57:48:df:2d:79:f0:b0:ce:5a:2d:53:01:fc:e5:08:
52:22:73:db:e8:2f:62:4d:47:0d:e7:88:a7:2f:78:
e2:f7:05:ef:81:a3:cd:d2:1e:0a:70:6b:af:08:e3:
1a:6b:99:5b:4c:e2:8f:aa:80:d8:b9:70:b3:2d:24:
7e:73:6a:19:35:c3:d1:67:3f:9c:7e:b7:77:ba:f3:
7c:a6:e1:a3:24:b8:40:14:ad:ae:f9:a3:c5:99:79:
b7:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:03:1D:09:D6:62:C3:CF:0F:21:CA:1A:44:41:9C:7B:01:48:9B:26
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MwMdCdZiw88PIcoaREGcewFImyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.18.0/24
109.176.208.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:62:10:4c:73:66:0e:55:bd:32:ea:1c:63:93:4c:b6:c2:38:
55:27:a7:df:74:bb:10:0e:e0:6b:65:19:93:07:ef:50:e2:2a:
e2:e8:54:71:13:67:fd:4f:02:7e:85:0b:b0:66:24:ca:48:66:
42:b2:cd:7e:ab:fc:b0:bb:bc:03:34:6b:69:de:fb:41:7a:2b:
73:bb:4a:99:54:09:74:cd:e5:fc:1a:58:0f:dd:74:c4:25:39:
15:8e:f8:74:7f:58:17:63:1c:49:ea:82:43:96:57:54:5b:08:
43:25:a2:3a:02:cc:cf:17:d9:4e:23:40:dd:47:46:bf:a7:75:
84:40:1c:7d:dc:ea:fe:b8:db:02:cf:1d:b8:98:3a:ef:4a:c8:
ca:b9:09:ac:0c:d1:2e:1c:2c:c8:40:1b:93:e3:b5:7d:81:50:
7f:5c:41:f8:99:f3:59:aa:88:f5:a2:0d:bb:53:5f:5e:1a:11:
1d:d0:42:7c:64:2a:73:df:0c:ae:98:9c:a9:6a:37:e2:51:05:
00:1f:76:b4:0f:8c:ea:7b:69:69:d6:19:e2:52:7d:0a:54:63:
ce:48:13:9e:72:d0:3c:c7:59:3d:35:c8:04:21:f8:e0:5c:e9:
9b:b1:12:a7:db:30:7a:3b:9f:bf:dc:cd:c2:5e:64:36:66:b6:
a5:ff:27:13
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYUc7fzeWkmAXFmpEe5IITKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDA4MDgxMDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzAzMWQwOWQ2NjJjM2NmMGYyMWNhMWE0NDQxOWM3YjAxNDg5YjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7NAWoEZ0Zmf5PYmRcq/9uPSfer1
cVvoPUnx1cH1QI6pd1DqkI7wXalF9NDmm13tyZYIGmNi4sSQSMoASOwjfqbxdbPc
EOLaMGYxr+0G95ORIDqmGYMS0+BQGW52TaXrjLcIkG44yloZXXj7J2us8uJOGvOD
g0he6DMKd9pIUGXBkjIX7L1Z3iug57eNemiCIi5zYkQcCUdcOyWet+8/oH5fLutX
SN8tefCwzlotUwH85QhSInPb6C9iTUcN54inL3ji9wXvgaPN0h4KcGuvCOMaa5lb
TOKPqoDYuXCzLSR+c2oZNcPRZz+cfrd3uvN8puGjJLhAFK2u+aPFmXm3BQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDMDHQnWYsPPDyHKGkRBnHsBSJsmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTXdNZENkWml3ODhQSWNvYVJFR2Nld0ZJbXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbbASAwQA
bbDQMA0GCSqGSIb3DQEBCwUAA4IBAQA+YhBMc2YOVb0y6hxjk0y2wjhVJ6ffdLsQ
DuBrZRmTB+9Q4iri6FRxE2f9TwJ+hQuwZiTKSGZCss1+q/ywu7wDNGtp3vtBeitz
u0qZVAl0zeX8GlgP3XTEJTkVjvh0f1gXYxxJ6oJDlldUWwhDJaI6AszPF9lOI0Dd
R0a/p3WEQBx93Or+uNsCzx24mDrvSsjKuQmsDNEuHCzIQBuT47V9gVB/XEH4mfNZ
qoj1og27U19eGhEd0EJ8ZCpz3wyumJypajfiUQUAH3a0D4zqe2lp1hniUn0KVGPO
SBOectA8x1k9NcgEIfjgXOmbsRKn2zB6O5+/3M3CXmQ2Zral/ycT
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:16 2025 by rpki-client on console.sobornost.net