Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/MuTMYJ5wNxotGsvV13UuS86QnfY.roa
File: MuTMYJ5wNxotGsvV13UuS86QnfY.roa (raw, json)
Hash identifier: mtJNGrlWmcmjXRxUDSqr8cFpNGuPNpgehqLozvPbaUw=
Subject key identifier: 32:E4:CC:60:9E:70:37:1A:2D:1A:CB:D5:D7:75:2E:4B:CE:90:9D:F6
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 018CD684ACEFA8B72601644D820EC508F4D3
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/MuTMYJ5wNxotGsvV13UuS86QnfY.roa
Signing time: Thu 04 Jan 2024 22:07:48 +0000
ROA not before: Thu 04 Jan 2024 22:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210176
IP address blocks: 89.39.210.0/23 maxlen: 24
94.24.64.0/21 maxlen: 24
46.231.104.0/21 maxlen: 24
109.94.144.0/20 maxlen: 24
37.251.176.0/20 maxlen: 24
94.26.24.0/23 maxlen: 24
37.251.200.0/21 maxlen: 24
89.40.220.0/23 maxlen: 24
62.122.40.0/21 maxlen: 24
37.251.240.0/21 maxlen: 24
192.64.44.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d6:84:ac:ef:a8:b7:26:01:64:4d:82:0e:c5:08:f4:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Jan 4 22:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32e4cc609e70371a2d1acbd5d7752e4bce909df6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6e:9a:23:21:1e:9a:5e:4f:61:33:a5:42:e3:
46:b7:18:01:d2:fc:f6:a0:c7:6e:38:ff:fd:97:cc:
25:60:03:d4:27:b5:f2:10:6e:de:e2:00:00:1a:91:
0e:81:73:9b:a9:21:0a:ae:7d:15:23:0a:5e:0b:87:
b8:24:94:de:c7:d4:e6:b4:32:76:bc:03:d0:7d:3b:
e3:92:22:69:f2:3b:41:6c:cf:9a:41:b5:61:3d:d7:
4b:c6:c7:f6:90:2c:5b:f7:82:02:b0:af:da:04:7f:
31:00:38:75:79:ac:35:20:4e:18:e6:0c:87:ca:87:
a3:a2:14:b4:3b:08:e1:8f:df:9c:3e:e9:08:97:aa:
89:34:52:9e:40:1f:cb:93:5d:8c:fa:6d:b4:a6:01:
71:77:1c:ec:d9:c4:90:83:28:d4:a3:0c:01:70:65:
78:e1:ec:fc:fa:20:07:fc:bf:39:82:df:2d:2e:bd:
6f:86:30:60:cb:45:49:b9:c6:da:17:4e:38:7e:4d:
b0:d8:8d:52:14:62:5b:f6:69:d1:42:71:48:f7:6f:
62:63:5e:21:d8:00:a6:47:93:7c:3d:fb:71:f8:d7:
a2:cb:a9:cb:2d:47:9d:31:8b:af:c2:45:2d:24:1b:
0e:c7:f5:c7:ea:ee:14:c0:62:25:dc:68:05:a4:d6:
ac:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E4:CC:60:9E:70:37:1A:2D:1A:CB:D5:D7:75:2E:4B:CE:90:9D:F6
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/MuTMYJ5wNxotGsvV13UuS86QnfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.176.0/20
37.251.200.0/21
37.251.240.0/21
46.231.104.0/21
62.122.40.0/21
89.39.210.0/23
89.40.220.0/23
94.24.64.0/21
94.26.24.0/23
109.94.144.0/20
192.64.44.0/23
Signature Algorithm: sha256WithRSAEncryption
14:19:69:74:b9:31:76:7d:54:ed:04:80:77:61:a7:a2:94:2d:
7a:eb:b7:2a:f8:3f:6c:f6:1b:9c:70:e2:38:c5:3d:7f:e5:aa:
bb:2f:a8:7a:21:83:73:ab:5b:eb:27:b9:ba:9c:5c:d3:41:e1:
0b:19:92:6f:45:71:60:66:ba:0a:b6:f6:2f:8a:14:72:25:c0:
61:8f:03:4f:42:84:98:a2:de:4c:ad:87:ca:39:18:2f:a0:52:
ce:f6:33:6f:12:35:51:d8:23:e0:fe:26:25:d4:06:b4:84:fb:
da:48:6e:4c:f8:bf:91:b3:56:03:6c:33:3d:d2:12:f6:a3:4f:
bb:0e:80:37:67:2b:8c:f0:ec:2f:05:00:dd:bd:01:67:8e:86:
84:64:75:7a:fb:28:c4:71:0a:05:bd:2a:1f:58:41:c5:8f:85:
cb:c4:5f:8d:33:53:1f:f2:e0:5d:b1:a3:b6:54:89:6b:1b:74:
aa:93:4d:31:6b:f3:44:5a:a5:22:b5:2e:af:45:9a:ac:fb:67:
9a:70:69:d9:c0:b0:c1:d6:c3:3c:08:91:8a:4a:82:0a:ab:99:
20:b2:0d:83:ef:cf:51:eb:15:1c:fb:dd:0e:0a:23:ac:f5:36:
32:bf:f1:4e:1a:42:f0:75:9d:2e:5d:dc:ce:5b:06:29:bc:99:
4d:ae:48:e5
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYzWhKzvqLcmAWRNgg7FCPTTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjQwMTA0MjIwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmU0Y2M2MDllNzAzNzFhMmQxYWNiZDVkNzc1MmU0YmNlOTA5ZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxW6aIyEeml5PYTOlQuNGtxgB0vz2
oMduOP/9l8wlYAPUJ7XyEG7e4gAAGpEOgXObqSEKrn0VIwpeC4e4JJTex9TmtDJ2
vAPQfTvjkiJp8jtBbM+aQbVhPddLxsf2kCxb94ICsK/aBH8xADh1eaw1IE4Y5gyH
yoejohS0Owjhj9+cPukIl6qJNFKeQB/Lk12M+m20pgFxdxzs2cSQgyjUowwBcGV4
4ez8+iAH/L85gt8tLr1vhjBgy0VJucbaF044fk2w2I1SFGJb9mnRQnFI929iY14h
2ACmR5N8Pftx+Neiy6nLLUedMYuvwkUtJBsOx/XH6u4UwGIl3GgFpNasnwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFDLkzGCecDcaLRrL1dd1LkvOkJ32MB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvTXVUTVlKNXdOeG90R3N2VjEzVXVTODZRbmZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQEJfuwAwQD
JfvIAwQDJfvwAwQDLudoAwQDPnooAwQBWSfSAwQBWSjcAwQDXhhAAwQBXhoYAwQE
bV6QAwQBwEAsMA0GCSqGSIb3DQEBCwUAA4IBAQAUGWl0uTF2fVTtBIB3YaeilC16
67cq+D9s9huccOI4xT1/5aq7L6h6IYNzq1vrJ7m6nFzTQeELGZJvRXFgZroKtvYv
ihRyJcBhjwNPQoSYot5MrYfKORgvoFLO9jNvEjVR2CPg/iYl1Aa0hPvaSG5M+L+R
s1YDbDM90hL2o0+7DoA3ZyuM8OwvBQDdvQFnjoaEZHV6+yjEcQoFvSofWEHFj4XL
xF+NM1Mf8uBdsaO2VIlrG3Sqk00xa/NEWqUitS6vRZqs+2eacGnZwLDB1sM8CJGK
SoIKq5kgsg2D789R6xUc+90OCiOs9TYyv/FOGkLwdZ0uXdzOWwYpvJlNrkjl
-----END CERTIFICATE-----
Generated at Wed Mar 12 07:04:40 2025 by rpki-client