Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/uQXOy8u6bgLX962WxATWEIubKUg.roa
File: uQXOy8u6bgLX962WxATWEIubKUg.roa (raw, json)
Hash identifier: 6ltDdFTZ28FLubmZQDfnhcbtNnK2s99xJxy+wcJ1xto=
Subject key identifier: B9:05:CE:CB:CB:BA:6E:02:D7:F7:AD:96:C4:04:D6:10:8B:9B:29:48
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 0196248E7E8AC2363B1F82D8C23F92402C5A
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/uQXOy8u6bgLX962WxATWEIubKUg.roa
Signing time: Fri 11 Apr 2025 11:14:00 +0000
ROA not before: Fri 11 Apr 2025 11:14:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201642
IP address blocks: 85.196.128.0/23 maxlen: 23
85.196.130.0/23 maxlen: 23
2a01:288:4005::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:24:8e:7e:8a:c2:36:3b:1f:82:d8:c2:3f:92:40:2c:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Apr 11 11:14:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b905cecbcbba6e02d7f7ad96c404d6108b9b2948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:26:41:6c:67:a6:9b:38:a5:57:c3:bb:b9:4b:
12:2a:d2:24:da:3e:3d:21:a0:ae:fa:3b:42:b3:9b:
1d:66:44:f8:5f:af:db:59:7f:bb:6e:4b:23:b6:92:
80:bd:ae:94:b8:48:a1:b5:19:91:d4:39:1c:ec:eb:
ee:16:aa:19:04:f8:88:2a:8e:e4:af:82:61:15:c5:
27:65:47:31:f1:10:71:e6:50:33:5e:38:b4:24:59:
c4:7c:e7:fc:80:be:13:ec:59:ba:ce:68:73:c1:89:
d9:2f:58:10:ce:4c:bd:3d:fa:ba:9c:69:63:6d:77:
cc:39:a9:9e:1e:34:6b:a1:9f:4a:a1:ee:51:76:e6:
48:00:a8:bf:12:d2:9e:35:b0:df:4f:10:fb:03:53:
59:31:91:04:f2:b7:aa:1c:0b:31:af:6b:85:7e:4d:
16:8e:9e:6e:09:82:c3:e8:b5:56:d3:b4:a8:0b:f1:
87:d7:d3:03:f9:1f:2a:61:ca:86:1a:6a:0a:ed:79:
23:b3:81:f8:45:fc:e3:24:0b:52:a6:16:33:21:0a:
c0:d2:48:20:7f:b4:8f:c8:68:98:26:ad:4a:12:d8:
30:52:63:a3:57:4e:b2:49:4c:36:38:9e:22:a7:aa:
8a:ff:e6:00:fa:1d:0a:62:d3:1f:e8:e4:cd:3e:af:
0d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:05:CE:CB:CB:BA:6E:02:D7:F7:AD:96:C4:04:D6:10:8B:9B:29:48
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/uQXOy8u6bgLX962WxATWEIubKUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.196.128.0/22
IPv6:
2a01:288:4005::/48
Signature Algorithm: sha256WithRSAEncryption
15:49:7d:be:74:66:9c:82:d7:98:37:02:f8:e0:e1:fa:69:ed:
6f:67:79:7b:a6:eb:18:12:27:82:77:27:24:32:d3:ff:11:bf:
a0:23:a9:8d:97:f0:e3:2b:c0:d8:8e:72:7b:4e:0b:76:17:5b:
c2:ec:7c:f5:d6:55:99:b1:b8:9b:42:f6:00:7a:b9:cc:3c:89:
c0:22:ed:fb:32:85:d0:4c:86:9d:30:62:22:a3:02:07:c8:15:
eb:3c:1d:d4:d1:36:9f:66:70:41:33:e4:fc:00:73:5d:0a:f0:
ea:d1:9b:ef:77:23:91:ba:9d:d6:af:cd:b1:7f:89:f1:63:15:
92:5b:c5:22:7e:2e:31:51:15:4c:3e:3d:d6:ab:87:99:2d:15:
0d:ef:ee:4a:c3:5a:ff:c7:a3:af:e5:da:c6:a9:90:2d:95:70:
4e:62:76:c6:8b:73:05:3a:de:c7:0f:e9:6c:d0:c6:2d:69:01:
72:70:ee:4e:51:74:51:d2:16:ce:72:21:06:7c:bf:15:ef:26:
a5:e5:2e:2f:35:2e:70:53:17:d1:fe:eb:51:8f:71:2d:39:9e:
d4:6c:cc:59:21:e9:32:b0:fd:a7:ae:61:f6:4a:f9:8f:4a:bd:
0f:69:0e:83:92:5f:30:3d:04:9b:b0:fd:18:aa:a9:1a:79:05:
f7:1c:c8:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZYkjn6KwjY7H4LYwj+SQCxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjUwNDExMTExNDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTA1Y2VjYmNiYmE2ZTAyZDdmN2FkOTZjNDA0ZDYxMDhiOWIyOTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSZBbGemmzilV8O7uUsSKtIk2j49
IaCu+jtCs5sdZkT4X6/bWX+7bksjtpKAva6UuEihtRmR1Dkc7OvuFqoZBPiIKo7k
r4JhFcUnZUcx8RBx5lAzXji0JFnEfOf8gL4T7Fm6zmhzwYnZL1gQzky9Pfq6nGlj
bXfMOameHjRroZ9Koe5RduZIAKi/EtKeNbDfTxD7A1NZMZEE8reqHAsxr2uFfk0W
jp5uCYLD6LVW07SoC/GH19MD+R8qYcqGGmoK7Xkjs4H4RfzjJAtSphYzIQrA0kgg
f7SPyGiYJq1KEtgwUmOjV06ySUw2OJ4ip6qK/+YA+h0KYtMf6OTNPq8NcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLkFzsvLum4C1/etlsQE1hCLmylIMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvdVFYT3k4dTZiZ0xYOTYyV3hBVFdFSXViS1VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCVcSAMA8E
AgACMAkDBwAqAQKIQAUwDQYJKoZIhvcNAQELBQADggEBABVJfb50ZpyC15g3Avjg
4fpp7W9neXum6xgSJ4J3JyQy0/8Rv6AjqY2X8OMrwNiOcntOC3YXW8LsfPXWVZmx
uJtC9gB6ucw8icAi7fsyhdBMhp0wYiKjAgfIFes8HdTRNp9mcEEz5PwAc10K8OrR
m+93I5G6ndavzbF/ifFjFZJbxSJ+LjFRFUw+Pdarh5ktFQ3v7krDWv/Ho6/l2sap
kC2VcE5idsaLcwU63scP6WzQxi1pAXJw7k5RdFHSFs5yIQZ8vxXvJqXlLi81LnBT
F9H+61GPcS05ntRszFkh6TKw/aeuYfZK+Y9KvQ9pDoOSXzA9BJuw/RiqqRp5Bfcc
yMo=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:47 2025 by rpki-client on console.sobornost.net