Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/ujFYCfp3NT3vzURuQfX3QSbCmrc.roa
File: ujFYCfp3NT3vzURuQfX3QSbCmrc.roa (raw, json)
Hash identifier: Mq+9HfcpF+4pzQa3kfg+LdSo4w+vmYd+Egj8pIwlOE4=
Subject key identifier: BA:31:58:09:FA:77:35:3D:EF:CD:44:6E:41:F5:F7:41:26:C2:9A:B7
Certificate issuer: /CN=4d302a2dd517a61a3b952746f2ee9fbe436d6349
Certificate serial: 0194266B7A5838946B00FF14C2293BF5AE11
Authority key identifier: 4D:30:2A:2D:D5:17:A6:1A:3B:95:27:46:F2:EE:9F:BE:43:6D:63:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TTAqLdUXpho7lSdG8u6fvkNtY0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/ujFYCfp3NT3vzURuQfX3QSbCmrc.roa
Signing time: Thu 02 Jan 2025 09:49:25 +0000
ROA not before: Thu 02 Jan 2025 09:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43950
IP address blocks: 5.252.156.0/22 maxlen: 22
79.98.32.0/21 maxlen: 21
79.98.32.0/24 maxlen: 24
79.98.33.0/24 maxlen: 24
79.98.35.0/24 maxlen: 24
79.98.39.0/24 maxlen: 24
193.239.8.0/22 maxlen: 22
2a01:568::/32 maxlen: 32
2a01:568::/36 maxlen: 36
2a01:568:3000::/36 maxlen: 36
2a01:568:4000::/36 maxlen: 36
2a01:568:5000::/36 maxlen: 36
2a01:568:6000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:7a:58:38:94:6b:00:ff:14:c2:29:3b:f5:ae:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d302a2dd517a61a3b952746f2ee9fbe436d6349
Validity
Not Before: Jan 2 09:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba315809fa77353defcd446e41f5f74126c29ab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f0:36:16:e7:86:fd:d5:4b:d2:46:5a:5a:87:
a8:aa:56:6d:3a:70:35:a0:0b:94:a7:ca:2a:bd:93:
b4:62:77:68:d1:e0:3e:7d:2d:24:48:5b:73:7a:c2:
7f:f8:24:06:36:22:dc:f8:fb:28:11:3d:a7:ad:3f:
bd:45:54:40:99:6f:51:ed:b3:9b:26:17:f8:b2:a9:
15:5d:d1:ee:03:f3:be:d5:da:3c:68:3a:67:e4:8a:
81:2a:ca:fd:fa:d8:9d:7f:a5:72:be:cf:4a:a7:5d:
ca:53:db:b1:e9:fe:5a:87:53:b2:64:6b:e1:a8:3f:
9b:48:6e:22:e5:e2:ff:90:88:e6:ca:1e:3f:7f:a4:
8a:5f:8e:2d:ff:12:c9:d3:04:b0:cc:c2:5e:a9:39:
19:91:f0:47:23:03:6d:6e:ca:58:a3:45:ab:d8:02:
13:97:ef:1b:5b:80:51:d3:af:85:d0:12:78:64:f6:
4d:da:50:e1:80:dd:11:a6:44:ab:4e:a6:28:ec:0e:
bb:b8:31:f0:cf:12:f7:52:7a:aa:eb:a0:f2:44:5d:
1b:c3:32:f7:97:fb:82:31:b3:18:87:44:ee:0e:4b:
96:e5:cf:19:48:35:79:43:f4:ff:85:f8:a9:55:a6:
d2:47:dd:6b:6a:3d:50:b3:99:2e:14:f8:b5:28:b5:
a6:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:31:58:09:FA:77:35:3D:EF:CD:44:6E:41:F5:F7:41:26:C2:9A:B7
X509v3 Authority Key Identifier:
keyid:4D:30:2A:2D:D5:17:A6:1A:3B:95:27:46:F2:EE:9F:BE:43:6D:63:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TTAqLdUXpho7lSdG8u6fvkNtY0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/ujFYCfp3NT3vzURuQfX3QSbCmrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/TTAqLdUXpho7lSdG8u6fvkNtY0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.156.0/22
79.98.32.0/21
193.239.8.0/22
IPv6:
2a01:568::/32
Signature Algorithm: sha256WithRSAEncryption
ab:2f:3f:ca:45:7a:8c:92:13:28:fc:7c:78:1c:08:e1:17:44:
ee:2c:10:fe:f7:04:aa:6d:2e:90:8d:cd:9b:12:3d:65:19:74:
b4:53:7d:e6:a2:26:ed:90:e4:d4:b1:0f:10:1c:42:e7:67:af:
d5:34:0f:15:ff:7c:47:67:f9:63:2a:74:e3:06:b3:ad:e0:79:
ad:1f:e5:2b:87:ae:6a:84:87:76:fa:e3:94:b7:79:6c:9b:73:
a2:d2:32:2b:d2:3c:80:9b:dd:b0:35:43:3a:fc:b6:05:d2:51:
88:5d:f4:c7:f6:c5:d9:9f:43:7b:56:e6:40:d2:67:3e:fb:51:
0c:7b:a2:6f:71:73:0f:be:97:a7:e8:d4:44:f3:9c:a7:15:e5:
bd:f0:41:92:6c:48:5d:55:16:c2:8a:c5:c8:3c:ef:8d:9a:59:
6b:e5:69:ca:61:d8:4f:d0:75:6f:31:4e:9d:0f:a5:84:0c:43:
8f:c7:8a:a3:14:4f:d6:cb:83:a8:ae:32:62:d2:a9:56:8f:53:
7c:91:a2:63:89:9b:7e:87:43:d8:8c:45:4b:6c:55:f2:68:b4:
53:ee:5c:5e:02:29:ae:be:f8:a3:bd:6d:6d:f5:46:ce:c3:38:
c4:72:5b:47:f7:73:08:f4:a3:99:4f:07:8a:e4:cc:a2:5a:82:
86:58:d7:24
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQma3pYOJRrAP8Uwik79a4RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMzAyYTJkZDUxN2E2MWEzYjk1Mjc0NmYyZWU5ZmJlNDM2
ZDYzNDkwHhcNMjUwMTAyMDk0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTMxNTgwOWZhNzczNTNkZWZjZDQ0NmU0MWY1Zjc0MTI2YzI5YWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPA2FueG/dVL0kZaWoeoqlZtOnA1
oAuUp8oqvZO0Yndo0eA+fS0kSFtzesJ/+CQGNiLc+PsoET2nrT+9RVRAmW9R7bOb
Jhf4sqkVXdHuA/O+1do8aDpn5IqBKsr9+tidf6Vyvs9Kp13KU9ux6f5ah1OyZGvh
qD+bSG4i5eL/kIjmyh4/f6SKX44t/xLJ0wSwzMJeqTkZkfBHIwNtbspYo0Wr2AIT
l+8bW4BR06+F0BJ4ZPZN2lDhgN0RpkSrTqYo7A67uDHwzxL3Unqq66DyRF0bwzL3
l/uCMbMYh0TuDkuW5c8ZSDV5Q/T/hfipVabSR91raj1Qs5kuFPi1KLWmEQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLoxWAn6dzU9781EbkH190Emwpq3MB8GA1UdIwQY
MBaAFE0wKi3VF6YaO5UnRvLun75DbWNJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFRBcUxkVVhwaG83bFNkRzh1NmZ2a050WTBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9mMGRkNWYtYjk3Mi00MTBiLTk5MDct
MTY2ZmI5ZGI2ZGIzLzEvdWpGWUNmcDNOVDN2elVSdVFmWDNRU2JDbXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9mMGRkNWYtYjk3Mi00MTBiLTk5MDctMTY2ZmI5ZGI2ZGIz
LzEvVFRBcUxkVVhwaG83bFNkRzh1NmZ2a050WTBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCBfycAwQD
T2IgAwQCwe8IMA0EAgACMAcDBQAqAQVoMA0GCSqGSIb3DQEBCwUAA4IBAQCrLz/K
RXqMkhMo/Hx4HAjhF0TuLBD+9wSqbS6Qjc2bEj1lGXS0U33moibtkOTUsQ8QHELn
Z6/VNA8V/3xHZ/ljKnTjBrOt4HmtH+Urh65qhId2+uOUt3lsm3Oi0jIr0jyAm92w
NUM6/LYF0lGIXfTH9sXZn0N7VuZA0mc++1EMe6JvcXMPvpen6NRE85ynFeW98EGS
bEhdVRbCisXIPO+Nmllr5WnKYdhP0HVvMU6dD6WEDEOPx4qjFE/Wy4OorjJi0qlW
j1N8kaJjiZt+h0PYjEVLbFXyaLRT7lxeAimuvvijvW1t9UbOwzjEcltH93MI9KOZ
TweK5MyiWoKGWNck
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:06 2025 by rpki-client on console.sobornost.net