Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/mtdclY8O-xs5gcnHoOhafDFUgKI.roa
File: mtdclY8O-xs5gcnHoOhafDFUgKI.roa (raw, json)
Hash identifier: rbz7XQGehDM4qlCCC493lW8PFTdkUVLafneGpzVymQ0=
Subject key identifier: 9A:D7:5C:95:8F:0E:FB:1B:39:81:C9:C7:A0:E8:5A:7C:31:54:80:A2
Certificate issuer: /CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Certificate serial: 019423697B2C7560DD2D41D53AC9033CB76E
Authority key identifier: 0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/mtdclY8O-xs5gcnHoOhafDFUgKI.roa
Signing time: Wed 01 Jan 2025 19:48:22 +0000
ROA not before: Wed 01 Jan 2025 19:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5606
IP address blocks: 5.35.208.0/21 maxlen: 24
37.156.182.0/23 maxlen: 24
77.81.2.0/24 maxlen: 24
84.247.28.0/24 maxlen: 24
85.9.0.0/18 maxlen: 24
85.204.75.0/24 maxlen: 24
85.204.108.0/24 maxlen: 24
86.104.3.0/24 maxlen: 24
86.104.17.0/24 maxlen: 24
87.237.104.0/22 maxlen: 24
87.237.110.0/23 maxlen: 24
89.37.143.0/24 maxlen: 24
89.38.59.0/24 maxlen: 24
89.38.231.0/24 maxlen: 24
89.38.241.0/24 maxlen: 24
89.39.68.0/24 maxlen: 24
89.40.132.0/24 maxlen: 24
89.41.31.0/24 maxlen: 24
89.44.121.0/24 maxlen: 24
89.44.200.0/24 maxlen: 24
91.194.235.0/24 maxlen: 24
93.113.30.0/24 maxlen: 24
93.113.58.0/23 maxlen: 24
94.176.190.0/24 maxlen: 24
109.205.88.0/24 maxlen: 24
109.205.89.0/24 maxlen: 24
109.205.90.0/24 maxlen: 24
109.205.91.0/24 maxlen: 24
109.205.95.0/24 maxlen: 24
128.140.224.0/21 maxlen: 24
176.223.110.0/24 maxlen: 24
185.8.152.0/22 maxlen: 24
188.211.236.0/24 maxlen: 24
188.212.37.0/24 maxlen: 24
188.212.152.0/24 maxlen: 24
188.213.33.0/24 maxlen: 24
188.213.132.0/23 maxlen: 24
188.241.222.0/24 maxlen: 24
193.41.251.0/24 maxlen: 24
193.226.128.0/18 maxlen: 24
194.105.1.0/24 maxlen: 24
212.146.64.0/18 maxlen: 24
2001:4d80::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:7b:2c:75:60:dd:2d:41:d5:3a:c9:03:3c:b7:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Validity
Not Before: Jan 1 19:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ad75c958f0efb1b3981c9c7a0e85a7c315480a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:35:6c:63:e8:c5:5d:9e:b4:59:b2:ca:63:17:
85:91:90:a9:be:5a:36:d0:c5:d0:c6:ee:4b:45:88:
0f:c8:02:de:f5:05:02:86:58:dc:13:80:33:f9:21:
65:df:63:98:15:da:cc:ae:85:30:e8:ab:fb:4e:4f:
e2:b4:51:5a:e0:6a:8c:12:aa:40:81:7c:8c:64:2e:
3a:1e:b5:5f:d1:06:2e:67:ca:66:2a:2f:1e:01:7f:
46:5c:af:cc:86:12:f0:e8:84:50:36:a9:24:ec:d1:
86:bf:8e:f2:fb:cd:35:9c:3c:c7:b2:3e:6c:e1:3f:
ed:e5:26:c6:f1:b9:12:e5:8d:bf:a3:53:8f:e6:0a:
76:32:9b:12:cf:67:75:a6:83:4c:8a:a9:78:0c:e7:
cb:18:af:dc:29:a2:36:3c:52:82:10:fa:21:87:10:
0e:9a:82:ca:43:e1:60:28:42:37:06:7f:6f:95:64:
b2:a6:a8:b5:f0:23:43:2e:c4:dc:8e:4c:25:4b:5a:
35:d1:22:f4:04:8a:35:aa:5c:3a:9c:6e:20:41:cb:
ac:bb:8f:02:e4:92:d4:63:16:16:b8:6a:bb:a3:f8:
9f:ee:a5:11:46:99:8d:00:b0:cd:df:30:9c:a8:50:
64:17:0f:ea:3c:8e:23:fe:20:75:21:df:1e:0c:29:
28:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D7:5C:95:8F:0E:FB:1B:39:81:C9:C7:A0:E8:5A:7C:31:54:80:A2
X509v3 Authority Key Identifier:
keyid:0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/mtdclY8O-xs5gcnHoOhafDFUgKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/CvYXmN0YllwCevp_k64DD_Xh124.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.208.0/21
37.156.182.0/23
77.81.2.0/24
84.247.28.0/24
85.9.0.0/18
85.204.75.0/24
85.204.108.0/24
86.104.3.0/24
86.104.17.0/24
87.237.104.0/22
87.237.110.0/23
89.37.143.0/24
89.38.59.0/24
89.38.231.0/24
89.38.241.0/24
89.39.68.0/24
89.40.132.0/24
89.41.31.0/24
89.44.121.0/24
89.44.200.0/24
91.194.235.0/24
93.113.30.0/24
93.113.58.0/23
94.176.190.0/24
109.205.88.0/22
109.205.95.0/24
128.140.224.0/21
176.223.110.0/24
185.8.152.0/22
188.211.236.0/24
188.212.37.0/24
188.212.152.0/24
188.213.33.0/24
188.213.132.0/23
188.241.222.0/24
193.41.251.0/24
193.226.128.0/18
194.105.1.0/24
212.146.64.0/18
IPv6:
2001:4d80::/32
Signature Algorithm: sha256WithRSAEncryption
6f:be:68:a3:e4:b3:06:b3:9a:82:5e:0a:5d:56:7b:8e:6f:c2:
79:ec:d9:ff:44:6e:d2:20:90:53:b6:5a:3a:7f:55:9c:31:bf:
f5:4d:8d:8b:8c:38:73:50:db:6d:44:92:f5:cc:25:56:e5:37:
cd:88:fd:3a:b8:51:51:01:07:ec:94:9c:49:c3:f6:fe:c3:87:
73:67:93:89:a9:44:69:19:6c:74:88:a9:d8:83:33:7b:b8:5e:
88:60:eb:1c:20:b0:9c:0e:b7:54:4f:2f:e4:f1:3c:db:50:45:
8e:fc:10:73:b6:2a:51:3d:84:68:b4:cf:a8:e8:94:b9:c9:db:
dd:53:80:0e:9b:c6:60:ce:06:b1:d6:7b:81:db:b3:91:72:f7:
9b:f3:e4:73:a0:2a:6b:ef:60:bd:ab:1b:95:d7:3e:b2:58:b5:
28:0d:c4:01:ba:38:6e:f9:1b:3d:83:a2:ed:e8:52:82:07:38:
5d:88:c2:8e:9b:df:24:d5:07:a1:64:34:9b:81:67:ca:8e:1c:
b7:a2:31:b2:58:65:87:a5:e7:55:a6:11:60:48:5d:cc:bb:8b:
42:d8:ef:86:05:3d:ce:3b:6e:af:0b:08:0e:08:bd:5e:1d:5e:
72:66:6a:d0:b6:bf:5e:e2:4d:f2:b3:49:e6:a9:dd:0c:06:12:
01:18:d9:29
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISAZQjaXssdWDdLUHVOskDPLduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZjYxNzk4ZGQxODk2NWMwMjdhZmE3ZjkzYWUwMzBmZjVl
MWQ3NmUwHhcNMjUwMTAxMTk0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWQ3NWM5NThmMGVmYjFiMzk4MWM5YzdhMGU4NWE3YzMxNTQ4MGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTVsY+jFXZ60WbLKYxeFkZCpvlo2
0MXQxu5LRYgPyALe9QUChljcE4Az+SFl32OYFdrMroUw6Kv7Tk/itFFa4GqMEqpA
gXyMZC46HrVf0QYuZ8pmKi8eAX9GXK/MhhLw6IRQNqkk7NGGv47y+801nDzHsj5s
4T/t5SbG8bkS5Y2/o1OP5gp2MpsSz2d1poNMiql4DOfLGK/cKaI2PFKCEPohhxAO
moLKQ+FgKEI3Bn9vlWSypqi18CNDLsTcjkwlS1o10SL0BIo1qlw6nG4gQcusu48C
5JLUYxYWuGq7o/if7qURRpmNALDN3zCcqFBkFw/qPI4j/iB1Id8eDCkoZwIDAQAB
o4IDBDCCAwAwHQYDVR0OBBYEFJrXXJWPDvsbOYHJx6DoWnwxVICiMB8GA1UdIwQY
MBaAFAr2F5jdGJZcAnr6f5OuAw/14dduMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3ZZWG1OMFlsbHdDZXZwX2s2NEREX1hoMTI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82MTUxNjQtNmQ5Ni00ODhhLTk2YmEt
ZDZlMWUzNDdmOWM3LzEvbXRkY2xZOE8teHM1Z2NuSG9PaGFmREZVZ0tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82MTUxNjQtNmQ5Ni00ODhhLTk2YmEtZDZlMWUzNDdmOWM3
LzEvQ3ZZWG1OMFlsbHdDZXZwX2s2NEREX1hoMTI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGAYIKwYBBQUHAQcBAf8EggEHMIIBAzCB8QQCAAEwgeoD
BAMFI9ADBAElnLYDBABNUQIDBABU9xwDBAZVCQADBABVzEsDBABVzGwDBABWaAMD
BABWaBEDBAJX7WgDBAFX7W4DBABZJY8DBABZJjsDBABZJucDBABZJvEDBABZJ0QD
BABZKIQDBABZKR8DBABZLHkDBABZLMgDBABbwusDBABdcR4DBAFdcToDBABesL4D
BAJtzVgDBABtzV8DBAOAjOADBACw324DBAK5CJgDBAC80+wDBAC81CUDBAC81JgD
BAC81SEDBAG81YQDBAC88d4DBADBKfsDBAbB4oADBADCaQEDBAbUkkAwDQQCAAIw
BwMFACABTYAwDQYJKoZIhvcNAQELBQADggEBAG++aKPkswazmoJeCl1We45vwnns
2f9EbtIgkFO2Wjp/VZwxv/VNjYuMOHNQ221EkvXMJVblN82I/Tq4UVEBB+yUnEnD
9v7Dh3Nnk4mpRGkZbHSIqdiDM3u4Xohg6xwgsJwOt1RPL+TxPNtQRY78EHO2KlE9
hGi0z6jolLnJ291TgA6bxmDOBrHWe4Hbs5Fy95vz5HOgKmvvYL2rG5XXPrJYtSgN
xAG6OG75Gz2Dou3oUoIHOF2Iwo6b3yTVB6FkNJuBZ8qOHLeiMbJYZYel51WmEWBI
Xcy7i0LY74YFPc47bq8LCA4IvV4dXnJmatC2v17iTfKzSeap3QwGEgEY2Sk=
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:01:07 2025 by rpki-client