Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/MW_XTzv670w7yHZaqcLcLC-4RP4.roa
File: MW_XTzv670w7yHZaqcLcLC-4RP4.roa (raw, json)
Hash identifier: Q3TgnJoLo5ueJohGmYg5Li9qa76QR93ky622rzd6M1k=
Subject key identifier: 31:6F:D7:4F:3B:FA:EF:4C:3B:C8:76:5A:A9:C2:DC:2C:2F:B8:44:FE
Certificate issuer: /CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Certificate serial: 01941F8C461E79BD32D79197DBD919D59F60
Authority key identifier: B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/MW_XTzv670w7yHZaqcLcLC-4RP4.roa
Signing time: Wed 01 Jan 2025 01:47:54 +0000
ROA not before: Wed 01 Jan 2025 01:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34245
IP address blocks: 85.91.0.0/19 maxlen: 24
87.192.80.0/24 maxlen: 24
87.192.220.0/23 maxlen: 24
87.198.0.0/16 maxlen: 24
87.198.204.0/24 maxlen: 24
87.232.32.0/19 maxlen: 24
87.232.64.0/18 maxlen: 24
87.232.128.0/21 maxlen: 24
87.232.134.0/24 maxlen: 24
87.232.193.0/24 maxlen: 24
87.232.224.0/24 maxlen: 24
87.232.250.0/23 maxlen: 24
87.232.252.0/22 maxlen: 24
89.124.242.0/23 maxlen: 24
89.124.244.0/24 maxlen: 24
89.127.252.0/23 maxlen: 24
89.127.252.0/24 maxlen: 24
89.127.253.0/24 maxlen: 24
185.106.88.0/22 maxlen: 24
212.17.32.0/19 maxlen: 24
213.79.32.0/19 maxlen: 24
213.159.128.0/22 maxlen: 24
2a01:148::/29 maxlen: 32
2a01:14f::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:46:1e:79:bd:32:d7:91:97:db:d9:19:d5:9f:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Validity
Not Before: Jan 1 01:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=316fd74f3bfaef4c3bc8765aa9c2dc2c2fb844fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1c:07:cc:8d:da:9c:d0:41:13:4f:a0:b0:5e:
91:ac:c1:07:57:e2:de:c1:59:45:ed:7b:c2:74:41:
78:1e:6f:c8:05:8c:25:ad:3d:e1:1d:05:63:ff:9c:
ed:70:0d:03:b4:d0:74:9b:65:00:e3:5c:fd:05:cc:
30:ae:08:9a:f0:17:07:9c:0a:38:07:9b:a4:54:5d:
80:47:a5:bc:65:5c:1b:11:3e:a4:b7:b4:47:d4:79:
6f:00:a5:49:5b:95:ad:d8:68:32:04:3d:b6:0d:d5:
7a:c7:ec:07:b7:bb:28:1c:87:11:0a:2c:34:50:6f:
1e:fa:5e:08:3e:75:87:5d:00:63:49:2c:8d:fc:c8:
24:38:c1:c3:72:4f:0b:71:ca:60:08:96:8d:fd:23:
2c:66:5f:30:4e:e0:15:d1:c5:ef:d3:6c:73:c9:44:
bb:55:64:ef:91:49:68:fd:a8:b6:17:d6:eb:fc:cc:
0c:6a:82:8e:1d:5e:f6:34:6d:f0:92:53:8c:df:74:
49:2e:c0:9d:0a:7a:93:9e:b1:27:4f:56:88:56:3a:
29:bf:0a:94:7f:cc:49:84:c8:c2:f7:e1:61:69:d1:
27:fa:8f:fa:d7:4e:05:fd:5c:90:ec:24:16:ec:0d:
50:31:ca:d7:13:33:b6:6b:01:43:25:fe:4c:df:4a:
35:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:6F:D7:4F:3B:FA:EF:4C:3B:C8:76:5A:A9:C2:DC:2C:2F:B8:44:FE
X509v3 Authority Key Identifier:
keyid:B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/MW_XTzv670w7yHZaqcLcLC-4RP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/s4u2Kkexoq7bcPMvWMl5ugx3fwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.91.0.0/19
87.192.80.0/24
87.192.220.0/23
87.198.0.0/16
87.232.32.0-87.232.135.255
87.232.193.0/24
87.232.224.0/24
87.232.250.0-87.232.255.255
89.124.242.0-89.124.244.255
89.127.252.0/23
185.106.88.0/22
212.17.32.0/19
213.79.32.0/19
213.159.128.0/22
IPv6:
2a01:148::/29
Signature Algorithm: sha256WithRSAEncryption
a1:d2:1a:cd:e0:27:05:ac:8b:9b:ae:dc:4d:31:81:94:78:30:
3e:a4:1c:a7:23:93:01:19:e5:18:b4:81:5e:2b:a4:c6:a3:f0:
1d:8d:88:68:09:c6:69:a3:c9:7d:bf:e6:c8:6c:ff:eb:e5:ec:
41:e9:9f:f2:02:ff:46:31:96:12:aa:18:7c:08:27:36:37:40:
56:4a:c9:72:e0:89:fc:3a:2e:f6:3c:6d:0b:31:59:91:55:e1:
6b:5f:d5:b5:3c:37:ca:b3:26:3b:35:c7:06:f7:05:2f:00:3a:
e2:6c:73:0e:f7:f0:7a:3f:bb:2e:a1:96:cc:95:47:e0:92:11:
88:b1:9d:54:de:3b:11:d8:21:48:92:54:ed:8f:e2:49:f0:2d:
37:a5:e5:43:25:e2:91:65:b3:c1:e7:6c:ba:6f:5c:c6:19:76:
07:47:2a:46:7c:f2:6d:12:78:41:48:68:4a:f0:49:0c:21:51:
6f:30:bd:30:52:48:23:2c:15:63:25:a0:9d:43:0a:95:92:68:
ec:a6:45:8a:03:12:06:a3:cc:49:7c:6e:4d:12:19:5a:53:13:
ce:f3:eb:83:c2:44:14:7b:47:4a:11:67:a4:52:c1:16:a2:c1:
09:aa:69:4a:fa:c2:5b:19:31:85:1a:84:f4:f6:37:7b:3d:14:
b8:81:d6:7c
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQfjEYeeb0y15GX29kZ1Z9gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOGJiNjJhNDdiMWEyYWVkYjcwZjMyZjU4Yzk3OWJhMGM3
NzdmMDYwHhcNMjUwMTAxMDE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTZmZDc0ZjNiZmFlZjRjM2JjODc2NWFhOWMyZGMyYzJmYjg0NGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhwHzI3anNBBE0+gsF6RrMEHV+Le
wVlF7XvCdEF4Hm/IBYwlrT3hHQVj/5ztcA0DtNB0m2UA41z9Bcwwrgia8BcHnAo4
B5ukVF2AR6W8ZVwbET6kt7RH1HlvAKVJW5Wt2GgyBD22DdV6x+wHt7soHIcRCiw0
UG8e+l4IPnWHXQBjSSyN/MgkOMHDck8LccpgCJaN/SMsZl8wTuAV0cXv02xzyUS7
VWTvkUlo/ai2F9br/MwMaoKOHV72NG3wklOM33RJLsCdCnqTnrEnT1aIVjopvwqU
f8xJhMjC9+FhadEn+o/6104F/VyQ7CQW7A1QMcrXEzO2awFDJf5M30o19QIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFDFv1087+u9MO8h2WqnC3CwvuET+MB8GA1UdIwQY
MBaAFLOLtipHsaKu23DzL1jJeboMd38GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgt
MDYwNWMwODlmYzM4LzEvTVdfWFR6djY3MHc3eUhaYXFjTGNMQy00UlA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgtMDYwNWMwODlmYzM4
LzEvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBwBAIAATBqAwQFVVsA
AwQAV8BQAwQBV8DcAwMAV8YwDAMEBVfoIAMEA1fogAMEAFfowQMEAFfo4DALAwQB
V+j6AwMAV+gwDAMEAVl88gMEAFl89AMEAVl//AMEArlqWAMEBdQRIAMEBdVPIAME
AtWfgDANBAIAAjAHAwUDKgEBSDANBgkqhkiG9w0BAQsFAAOCAQEAodIazeAnBayL
m67cTTGBlHgwPqQcpyOTARnlGLSBXiukxqPwHY2IaAnGaaPJfb/myGz/6+XsQemf
8gL/RjGWEqoYfAgnNjdAVkrJcuCJ/Dou9jxtCzFZkVXha1/VtTw3yrMmOzXHBvcF
LwA64mxzDvfwej+7LqGWzJVH4JIRiLGdVN47EdghSJJU7Y/iSfAtN6XlQyXikWWz
wedsum9cxhl2B0cqRnzybRJ4QUhoSvBJDCFRbzC9MFJIIywVYyWgnUMKlZJo7KZF
igMSBqPMSXxuTRIZWlMTzvPrg8JEFHtHShFnpFLBFqLBCappSvrCWxkxhRqE9PY3
ez0UuIHWfA==
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:54:06 2025 by rpki-client on console.sobornost.net