Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/UbCWmkTBKtMgqtYfftK4bzNkfjc.roa
File: UbCWmkTBKtMgqtYfftK4bzNkfjc.roa (raw, json)
Hash identifier: 2USUqiqyvmda1iLGBaPyJ2mFdfz8AiGFv7Y7tVUma2g=
Subject key identifier: 51:B0:96:9A:44:C1:2A:D3:20:AA:D6:1F:7E:D2:B8:6F:33:64:7E:37
Certificate issuer: /CN=7bf39e6eb3131ecf3cddcd0c9e378c352da41fc2
Certificate serial: 019423697EDCFDBCD30EA737C55A2F2B7728
Authority key identifier: 7B:F3:9E:6E:B3:13:1E:CF:3C:DD:CD:0C:9E:37:8C:35:2D:A4:1F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e_OebrMTHs883c0MnjeMNS2kH8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/UbCWmkTBKtMgqtYfftK4bzNkfjc.roa
Signing time: Wed 01 Jan 2025 19:48:23 +0000
ROA not before: Wed 01 Jan 2025 19:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43930
IP address blocks: 185.108.32.0/22 maxlen: 24
185.108.33.0/24 maxlen: 24
185.108.34.0/24 maxlen: 24
185.194.164.0/23 maxlen: 23
185.194.164.0/24 maxlen: 24
185.194.165.0/24 maxlen: 24
193.57.128.0/22 maxlen: 22
193.57.128.0/23 maxlen: 23
2a02:c800::/32 maxlen: 32
2a02:c800:42::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:7e:dc:fd:bc:d3:0e:a7:37:c5:5a:2f:2b:77:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bf39e6eb3131ecf3cddcd0c9e378c352da41fc2
Validity
Not Before: Jan 1 19:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51b0969a44c12ad320aad61f7ed2b86f33647e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1f:4f:5a:46:79:c8:1c:c9:df:b4:2f:44:06:
72:c5:49:37:a1:02:c3:97:a8:c0:38:8b:1f:96:31:
e9:59:8e:5e:92:f0:79:73:07:59:04:88:7c:d6:81:
f5:26:14:44:a7:0c:cd:3c:50:5b:22:de:e4:eb:b4:
9b:b9:0b:df:48:4f:6e:d9:86:5b:d4:eb:32:bd:04:
83:05:85:5f:5b:fe:02:37:28:ed:81:31:2e:70:36:
b2:00:17:2c:51:b2:aa:f7:2b:93:c8:77:88:68:da:
4b:a6:83:b7:87:9f:06:f5:0b:af:53:e0:ca:f7:f0:
61:d8:e9:1a:4e:8b:0b:2d:b7:99:26:1e:37:03:8f:
10:f5:0c:c1:7b:fb:16:14:c7:79:4e:ff:2e:b6:ce:
86:df:ed:56:12:2c:83:e4:b1:7e:1a:5a:c6:12:e2:
d3:b0:f7:ec:51:fb:8f:3e:f1:87:2a:17:c0:cc:d5:
85:19:ba:9d:2d:b1:6c:16:36:ff:15:99:f9:c8:28:
cc:59:e7:27:d0:de:cb:6d:16:82:61:ab:d4:8f:00:
29:7a:60:65:41:f6:b7:94:e1:24:05:c1:a7:65:20:
f2:22:b6:a2:54:3e:74:6a:bc:e4:89:b0:07:46:60:
43:b3:30:b0:1b:f9:84:ac:d3:bc:52:ca:6f:ba:c2:
7f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:B0:96:9A:44:C1:2A:D3:20:AA:D6:1F:7E:D2:B8:6F:33:64:7E:37
X509v3 Authority Key Identifier:
keyid:7B:F3:9E:6E:B3:13:1E:CF:3C:DD:CD:0C:9E:37:8C:35:2D:A4:1F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e_OebrMTHs883c0MnjeMNS2kH8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/UbCWmkTBKtMgqtYfftK4bzNkfjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/e_OebrMTHs883c0MnjeMNS2kH8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.32.0/22
185.194.164.0/23
193.57.128.0/22
IPv6:
2a02:c800::/32
Signature Algorithm: sha256WithRSAEncryption
44:57:bf:e8:f4:c4:13:46:1e:7a:a2:57:8f:ee:4b:90:f7:70:
23:cd:86:61:8b:d2:3a:68:e1:de:17:c6:b9:da:fb:29:04:a1:
54:a3:86:65:fd:23:7c:07:88:ac:05:a7:a2:be:28:5a:80:fe:
e7:ea:bb:a7:b8:20:2e:45:5d:e0:0b:07:4f:18:31:27:65:01:
06:f3:93:c7:25:c7:c7:ba:ba:0a:0a:c0:6b:60:b3:8b:da:a9:
a6:e6:11:b0:31:38:0b:b7:a3:4a:d5:8d:06:7b:2e:80:07:22:
c0:21:a3:8c:1b:08:18:88:51:2e:ba:e9:b3:e3:85:01:39:7a:
5a:84:4e:8d:93:13:e2:2a:c6:a0:87:42:2d:6c:85:ca:0d:60:
cb:62:20:1d:64:78:13:fd:10:23:14:70:bf:11:01:2f:3b:42:
ef:fa:a8:55:f2:62:c2:ce:cf:35:95:c8:95:3b:90:36:2d:07:
30:a6:5b:ab:9a:fe:78:4f:4d:74:60:9c:02:36:0d:ca:b5:82:
d6:7d:13:1c:d5:64:89:96:19:58:18:ff:5d:13:10:dc:11:e4:
fb:ca:93:b5:00:a6:08:68:33:cf:fc:6e:cf:47:b0:2d:7e:4d:
59:65:60:74:63:af:75:34:fa:4a:64:65:38:77:aa:dd:3f:75:
7c:39:8a:77
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQjaX7c/bzTDqc3xVovK3coMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZjM5ZTZlYjMxMzFlY2YzY2RkY2QwYzllMzc4YzM1MmRh
NDFmYzIwHhcNMjUwMTAxMTk0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWIwOTY5YTQ0YzEyYWQzMjBhYWQ2MWY3ZWQyYjg2ZjMzNjQ3ZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxR9PWkZ5yBzJ37QvRAZyxUk3oQLD
l6jAOIsfljHpWY5ekvB5cwdZBIh81oH1JhREpwzNPFBbIt7k67SbuQvfSE9u2YZb
1OsyvQSDBYVfW/4CNyjtgTEucDayABcsUbKq9yuTyHeIaNpLpoO3h58G9QuvU+DK
9/Bh2OkaTosLLbeZJh43A48Q9QzBe/sWFMd5Tv8uts6G3+1WEiyD5LF+GlrGEuLT
sPfsUfuPPvGHKhfAzNWFGbqdLbFsFjb/FZn5yCjMWecn0N7LbRaCYavUjwApemBl
Qfa3lOEkBcGnZSDyIraiVD50arzkibAHRmBDszCwG/mErNO8UspvusJ/SwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFGwlppEwSrTIKrWH37SuG8zZH43MB8GA1UdIwQY
MBaAFHvznm6zEx7PPN3NDJ43jDUtpB/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZV9PZWJyTVRIczg4M2MwTW5qZU1OUzJrSDhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9hMjE0YTUtNDQ0OS00NGFmLTg3ZmYt
Yzk2N2M5ZGI1NzUyLzEvVWJDV21rVEJLdE1ncXRZZmZ0SzRiek5rZmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9hMjE0YTUtNDQ0OS00NGFmLTg3ZmYtYzk2N2M5ZGI1NzUy
LzEvZV9PZWJyTVRIczg4M2MwTW5qZU1OUzJrSDhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuWwgAwQB
ucKkAwQCwTmAMA0EAgACMAcDBQAqAsgAMA0GCSqGSIb3DQEBCwUAA4IBAQBEV7/o
9MQTRh56oleP7kuQ93AjzYZhi9I6aOHeF8a52vspBKFUo4Zl/SN8B4isBaeiviha
gP7n6runuCAuRV3gCwdPGDEnZQEG85PHJcfHuroKCsBrYLOL2qmm5hGwMTgLt6NK
1Y0Gey6AByLAIaOMGwgYiFEuuumz44UBOXpahE6NkxPiKsagh0ItbIXKDWDLYiAd
ZHgT/RAjFHC/EQEvO0Lv+qhV8mLCzs81lciVO5A2LQcwplurmv54T010YJwCNg3K
tYLWfRMc1WSJlhlYGP9dExDcEeT7ypO1AKYIaDPP/G7PR7Atfk1ZZWB0Y691NPpK
ZGU4d6rdP3V8OYp3
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:32 2025 by rpki-client on console.sobornost.net