Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/UJiiBfcLHEDZEiyOH73Tdn_5zCg.roa
File: UJiiBfcLHEDZEiyOH73Tdn_5zCg.roa (raw, json)
Hash identifier: GFjT78ofBX5lOWGLmRTkI/0eAg8Ki+DanR9So/XxOLY=
Subject key identifier: 50:98:A2:05:F7:0B:1C:40:D9:12:2C:8E:1F:BD:D3:76:7F:F9:CC:28
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 0194252221C233669DAD88A088C645ED1274
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/UJiiBfcLHEDZEiyOH73Tdn_5zCg.roa
Signing time: Thu 02 Jan 2025 03:49:41 +0000
ROA not before: Thu 02 Jan 2025 03:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15755
IP address blocks: 185.35.21.0/24 maxlen: 24
185.96.168.0/24 maxlen: 24
185.96.171.0/24 maxlen: 24
185.203.32.0/24 maxlen: 24
185.203.33.0/24 maxlen: 24
185.203.34.0/24 maxlen: 24
185.203.35.0/24 maxlen: 24
2a00:7300::/32 maxlen: 32
2a00:7300::/48 maxlen: 48
2a0a:e0c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:21:c2:33:66:9d:ad:88:a0:88:c6:45:ed:12:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Jan 2 03:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5098a205f70b1c40d9122c8e1fbdd3767ff9cc28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d5:33:62:d3:1d:7e:03:40:10:73:c8:47:75:
f5:27:5d:0c:11:2f:ff:56:9e:af:25:23:78:a4:38:
17:0f:1e:bf:8c:98:61:bc:a4:72:48:d8:36:9d:ec:
b9:8e:53:4a:e6:67:c7:28:f7:80:0a:eb:6f:e1:33:
28:ac:e9:90:bd:5d:f0:84:d8:4f:c3:d3:ee:0a:ac:
99:28:6c:3b:a0:9a:1d:e9:20:ea:ce:b8:08:e7:13:
04:a6:2f:ba:f9:71:fc:42:51:b8:59:36:fe:4e:a7:
a5:51:39:73:ae:50:81:59:55:2b:58:f6:2f:3a:5d:
13:78:6a:a4:fb:6d:e0:48:82:bc:45:92:f7:04:6b:
20:dc:ef:df:a9:e8:3c:87:b9:c0:47:1f:dc:66:2d:
a3:13:7d:0a:91:bb:0b:40:e2:58:d8:d6:aa:d7:d4:
ab:8a:e5:fb:5b:af:4f:8a:8d:f6:98:82:e7:43:52:
31:9e:c4:f3:c6:85:3d:ed:8a:c8:63:7b:32:f2:14:
50:90:00:b4:39:54:2c:95:9e:bf:1c:86:6d:c3:d1:
84:cd:35:bc:f1:5c:e7:4a:c5:ca:85:73:ff:99:1d:
8d:44:68:68:bf:ee:1e:96:a4:07:ff:ac:ec:9f:58:
8d:82:1d:f9:38:4c:f6:53:45:48:5c:78:30:82:29:
67:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:98:A2:05:F7:0B:1C:40:D9:12:2C:8E:1F:BD:D3:76:7F:F9:CC:28
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/UJiiBfcLHEDZEiyOH73Tdn_5zCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.21.0/24
185.96.168.0/24
185.96.171.0/24
185.203.32.0/22
IPv6:
2a00:7300::/32
2a0a:e0c0::/29
Signature Algorithm: sha256WithRSAEncryption
87:22:10:bf:62:e3:6f:76:02:e2:dd:34:10:ab:7a:7e:22:9a:
5d:96:ab:c6:6e:9c:13:5a:0b:2f:4a:ab:ae:1d:f4:1d:3a:c7:
b1:fe:46:bc:a3:34:d3:67:29:b4:09:61:b8:61:06:6f:19:a8:
91:e9:24:ea:34:ea:4a:ce:db:82:e8:cf:ae:e1:d6:1f:b6:89:
b8:1d:1d:24:e4:bd:d1:03:0d:5e:08:5e:92:6d:d1:15:31:e3:
7c:c1:23:00:a5:33:1c:9c:d8:09:88:d5:ea:fb:41:8e:d9:56:
11:fc:1f:c5:1d:d3:ec:3e:93:20:28:8f:8c:6a:15:5a:d1:33:
4d:22:97:72:01:52:fd:be:0b:e4:2b:45:92:85:18:29:73:9e:
7b:f5:78:61:9d:ec:37:46:91:19:52:2f:8c:7b:4c:96:e3:75:
16:8a:26:ac:16:c2:f1:19:c9:8a:7e:b5:b5:fa:74:71:55:4c:
ca:7a:6a:84:40:42:72:87:9e:2e:bc:3b:d0:b0:a4:9d:68:bb:
3d:aa:2e:ef:e8:1e:7d:f0:db:96:ac:67:cf:df:15:07:2b:fc:
15:18:94:2b:78:56:c1:1a:8b:8b:8f:b5:83:30:fb:5e:c8:42:
bc:29:30:e7:fd:e4:a8:c8:a0:ea:c5:e7:28:97:f9:a8:c3:6f:
6a:a7:63:47
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQlIiHCM2adrYigiMZF7RJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjUwMTAyMDM0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDk4YTIwNWY3MGIxYzQwZDkxMjJjOGUxZmJkZDM3NjdmZjljYzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dUzYtMdfgNAEHPIR3X1J10MES//
Vp6vJSN4pDgXDx6/jJhhvKRySNg2ney5jlNK5mfHKPeACutv4TMorOmQvV3whNhP
w9PuCqyZKGw7oJod6SDqzrgI5xMEpi+6+XH8QlG4WTb+TqelUTlzrlCBWVUrWPYv
Ol0TeGqk+23gSIK8RZL3BGsg3O/fqeg8h7nARx/cZi2jE30KkbsLQOJY2Naq19Sr
iuX7W69Pio32mILnQ1IxnsTzxoU97YrIY3sy8hRQkAC0OVQslZ6/HIZtw9GEzTW8
8VznSsXKhXP/mR2NRGhov+4elqQH/6zsn1iNgh35OEz2U0VIXHgwgilnfwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFFCYogX3CxxA2RIsjh+903Z/+cwoMB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEvVUppaUJmY0xIRURaRWl5T0g3M1Rkbl81ekNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQAuSMVAwQA
uWCoAwQAuWCrAwQCucsgMBQEAgACMA4DBQAqAHMAAwUDKgrgwDANBgkqhkiG9w0B
AQsFAAOCAQEAhyIQv2Ljb3YC4t00EKt6fiKaXZarxm6cE1oLL0qrrh30HTrHsf5G
vKM002cptAlhuGEGbxmokekk6jTqSs7bgujPruHWH7aJuB0dJOS90QMNXghekm3R
FTHjfMEjAKUzHJzYCYjV6vtBjtlWEfwfxR3T7D6TICiPjGoVWtEzTSKXcgFS/b4L
5CtFkoUYKXOee/V4YZ3sN0aRGVIvjHtMluN1FoomrBbC8RnJin61tfp0cVVMynpq
hEBCcoeeLrw70LCknWi7Paou7+geffDblqxnz98VByv8FRiUK3hWwRqLi4+1gzD7
XshCvCkw5/3kqMig6sXnKJf5qMNvaqdjRw==
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:12:32 2025 by rpki-client on console.sobornost.net