Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/uBZl19XYTdc5SBXaRHXvV0GGF98.roa
File: uBZl19XYTdc5SBXaRHXvV0GGF98.roa (raw, json)
Hash identifier: 1Ti03xYR3EsLOQdndtqiFtUtuVxyXY66yoLYTtqG1ik=
Subject key identifier: B8:16:65:D7:D5:D8:4D:D7:39:48:15:DA:44:75:EF:57:41:86:17:DF
Certificate issuer: /CN=239c45e43625522080aec53952989a13a28abd00
Certificate serial: 0195DD8AB544190F3DEBD748A016DE845ED7
Authority key identifier: 23:9C:45:E4:36:25:52:20:80:AE:C5:39:52:98:9A:13:A2:8A:BD:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I5xF5DYlUiCArsU5UpiaE6KKvQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/uBZl19XYTdc5SBXaRHXvV0GGF98.roa
Signing time: Fri 28 Mar 2025 16:16:49 +0000
ROA not before: Fri 28 Mar 2025 16:16:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205845
IP address blocks: 45.154.168.0/22 maxlen: 24
185.204.120.0/22 maxlen: 24
185.204.120.0/24 maxlen: 24
185.204.121.0/24 maxlen: 24
2a0a:f740::/29 maxlen: 32
2a0a:f741::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dd:8a:b5:44:19:0f:3d:eb:d7:48:a0:16:de:84:5e:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=239c45e43625522080aec53952989a13a28abd00
Validity
Not Before: Mar 28 16:16:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b81665d7d5d84dd7394815da4475ef57418617df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4d:2e:66:2f:5b:be:5d:78:7d:49:b2:d1:9f:
86:eb:ac:00:5b:b1:32:9d:e2:c2:11:1b:26:30:01:
ab:7a:54:ab:b6:e7:5f:1c:03:c1:56:21:d8:fc:09:
9a:14:a3:fe:f9:a0:c6:57:35:35:98:2b:3b:2e:62:
87:3e:53:30:c4:f0:41:22:94:74:f6:a2:b7:bd:8d:
0b:21:c1:fd:7d:30:5a:d4:68:2f:f0:1a:ff:f8:aa:
71:7a:f5:3a:87:9c:c3:46:e1:53:4b:88:b4:39:47:
4a:27:bd:b0:66:a3:d3:20:fa:45:86:d9:a7:fd:23:
4c:9f:f7:9d:4b:24:bb:84:61:14:53:44:5e:fd:82:
3a:36:de:7f:e1:fe:28:d6:31:73:8b:74:5d:85:e6:
44:5c:9c:54:53:0d:b3:5e:b6:0e:1b:eb:9a:6f:ae:
e6:aa:c1:69:2c:c4:53:24:78:3d:9f:60:12:6e:45:
5b:c6:18:b6:3b:ba:4d:e1:a9:9f:3d:1b:15:13:3a:
f2:72:bc:4c:25:43:09:2f:eb:2d:c3:b1:25:e6:81:
7c:01:60:ca:bc:65:55:fc:3f:f4:9f:91:e3:4a:df:
e4:f4:e8:62:56:a3:69:ae:bb:d9:cf:d3:40:b1:d8:
dc:54:32:bc:14:c7:95:6b:52:c9:9d:bd:a2:c4:bd:
60:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:16:65:D7:D5:D8:4D:D7:39:48:15:DA:44:75:EF:57:41:86:17:DF
X509v3 Authority Key Identifier:
keyid:23:9C:45:E4:36:25:52:20:80:AE:C5:39:52:98:9A:13:A2:8A:BD:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I5xF5DYlUiCArsU5UpiaE6KKvQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/uBZl19XYTdc5SBXaRHXvV0GGF98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/I5xF5DYlUiCArsU5UpiaE6KKvQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.168.0/22
185.204.120.0/22
IPv6:
2a0a:f740::/29
Signature Algorithm: sha256WithRSAEncryption
67:e5:1a:8e:19:80:fc:cc:9c:cb:1e:fa:e8:bf:93:bf:95:1e:
b8:04:dd:1a:18:f6:04:66:aa:28:bf:4b:87:24:5c:51:1b:50:
39:40:c1:e5:6d:d3:ff:f8:a8:ea:17:db:36:08:6a:f4:46:c9:
19:81:9a:4b:19:ff:d7:4e:39:34:38:16:6f:a8:72:b6:70:22:
49:d1:7d:39:3c:2d:2a:f6:79:4f:a8:06:2b:f6:5c:01:75:c5:
78:e6:13:7c:53:30:d0:1b:61:81:6b:c5:af:aa:75:2e:9c:9a:
59:e1:1d:d6:98:e8:1c:91:d3:1f:3e:e6:88:64:cb:cf:1d:c3:
80:46:5e:d9:6e:54:bc:85:1c:25:11:b8:00:78:5b:63:52:49:
e2:c4:39:20:18:31:f0:2c:09:5e:cf:76:21:5c:5f:1b:7e:ea:
7b:82:6f:42:36:25:2c:19:50:a1:b5:85:31:53:db:85:ab:24:
81:4b:ec:4b:02:f1:41:d5:91:5a:14:54:b4:af:11:87:85:a7:
1d:4f:d6:ba:46:b8:b3:0c:9f:0d:0e:4d:b0:5e:a4:e3:54:f3:
08:28:c0:cc:1d:97:21:ac:e7:4c:b2:74:52:9a:be:65:f1:ae:
0a:5f:9d:c5:c4:32:ae:a8:f3:3c:b8:44:0f:88:14:e6:4d:f6:
67:0c:a8:ec
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZXdirVEGQ8969dIoBbehF7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzOWM0NWU0MzYyNTUyMjA4MGFlYzUzOTUyOTg5YTEzYTI4
YWJkMDAwHhcNMjUwMzI4MTYxNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODE2NjVkN2Q1ZDg0ZGQ3Mzk0ODE1ZGE0NDc1ZWY1NzQxODYxN2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuk0uZi9bvl14fUmy0Z+G66wAW7Ey
neLCERsmMAGrelSrtudfHAPBViHY/AmaFKP++aDGVzU1mCs7LmKHPlMwxPBBIpR0
9qK3vY0LIcH9fTBa1Ggv8Br/+KpxevU6h5zDRuFTS4i0OUdKJ72wZqPTIPpFhtmn
/SNMn/edSyS7hGEUU0Re/YI6Nt5/4f4o1jFzi3RdheZEXJxUUw2zXrYOG+uab67m
qsFpLMRTJHg9n2ASbkVbxhi2O7pN4amfPRsVEzrycrxMJUMJL+stw7El5oF8AWDK
vGVV/D/0n5HjSt/k9OhiVqNprrvZz9NAsdjcVDK8FMeVa1LJnb2ixL1gywIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLgWZdfV2E3XOUgV2kR171dBhhffMB8GA1UdIwQY
MBaAFCOcReQ2JVIggK7FOVKYmhOiir0AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTV4RjVEWWxVaUNBcnNVNVVwaWFFNktLdlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YzQ4OTQtODBmYy00OGVmLWI2Njgt
OTc1YTIzN2VjZDA2LzEvdUJabDE5WFlUZGM1U0JYYVJIWHZWMEdHRjk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YzQ4OTQtODBmYy00OGVmLWI2NjgtOTc1YTIzN2VjZDA2
LzEvSTV4RjVEWWxVaUNBcnNVNVVwaWFFNktLdlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZqoAwQC
ucx4MA0EAgACMAcDBQMqCvdAMA0GCSqGSIb3DQEBCwUAA4IBAQBn5RqOGYD8zJzL
Hvrov5O/lR64BN0aGPYEZqoov0uHJFxRG1A5QMHlbdP/+KjqF9s2CGr0RskZgZpL
Gf/XTjk0OBZvqHK2cCJJ0X05PC0q9nlPqAYr9lwBdcV45hN8UzDQG2GBa8WvqnUu
nJpZ4R3WmOgckdMfPuaIZMvPHcOARl7ZblS8hRwlEbgAeFtjUknixDkgGDHwLAle
z3YhXF8bfup7gm9CNiUsGVChtYUxU9uFqySBS+xLAvFB1ZFaFFS0rxGHhacdT9a6
RrizDJ8NDk2wXqTjVPMIKMDMHZchrOdMsnRSmr5l8a4KX53FxDKuqPM8uEQPiBTm
TfZnDKjs
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:52 2025 by rpki-client on console.sobornost.net