Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/73Z0pgRIwynzt50nzbrhl4NaOBg.roa
File: 73Z0pgRIwynzt50nzbrhl4NaOBg.roa (raw, json)
Hash identifier: TQMy70KW0SPcx2Q8b8UZ9qsTPXcbJtgorO7pPXQy6Yg=
Subject key identifier: EF:76:74:A6:04:48:C3:29:F3:B7:9D:27:CD:BA:E1:97:83:5A:38:18
Certificate issuer: /CN=3545a7200164912041bb931efb1feac123b43a18
Certificate serial: 018571BA084D8935C6420E2BB4FA47E7DBB1
Authority key identifier: 35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/73Z0pgRIwynzt50nzbrhl4NaOBg.roa
Signing time: Mon 02 Jan 2023 09:04:55 +0000
ROA not before: Mon 02 Jan 2023 09:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24768
IP address blocks: 94.46.133.0/24 maxlen: 24
94.46.160.0/20 maxlen: 24
94.46.176.0/21 maxlen: 21
82.102.7.0/24 maxlen: 24
94.46.128.0/21 maxlen: 21
94.46.132.0/24 maxlen: 24
185.15.20.0/22 maxlen: 22
185.15.20.0/24 maxlen: 24
185.15.23.0/24 maxlen: 24
185.15.22.0/24 maxlen: 24
130.185.85.0/24 maxlen: 24
130.185.84.0/24 maxlen: 24
130.185.83.0/24 maxlen: 24
130.185.82.0/24 maxlen: 24
130.185.81.0/24 maxlen: 24
130.185.80.0/21 maxlen: 21
130.185.86.0/24 maxlen: 24
130.185.87.0/24 maxlen: 24
94.46.27.0/24 maxlen: 24
94.46.26.0/24 maxlen: 24
94.46.25.0/24 maxlen: 24
94.46.30.0/24 maxlen: 24
94.46.29.0/24 maxlen: 24
94.46.28.0/24 maxlen: 24
94.46.28.0/22 maxlen: 22
109.71.42.0/24 maxlen: 24
109.71.41.0/24 maxlen: 24
109.71.40.0/21 maxlen: 21
109.71.40.0/24 maxlen: 24
109.71.44.0/24 maxlen: 24
109.71.43.0/24 maxlen: 24
109.71.45.0/24 maxlen: 24
109.71.47.0/24 maxlen: 24
109.71.46.0/24 maxlen: 24
94.46.13.0/24 maxlen: 24
94.46.12.0/24 maxlen: 24
94.46.12.0/22 maxlen: 22
94.46.16.0/22 maxlen: 22
94.46.16.0/24 maxlen: 24
94.46.15.0/24 maxlen: 24
94.46.14.0/24 maxlen: 24
94.46.20.0/24 maxlen: 24
94.46.20.0/22 maxlen: 22
94.46.23.0/24 maxlen: 24
94.46.22.0/24 maxlen: 24
94.46.21.0/24 maxlen: 24
2a00:1650:8000::/33 maxlen: 33
2a00:1650::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:08:4d:89:35:c6:42:0e:2b:b4:fa:47:e7:db:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3545a7200164912041bb931efb1feac123b43a18
Validity
Not Before: Jan 2 09:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef7674a60448c329f3b79d27cdbae197835a3818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:aa:c9:d9:e3:ff:a5:85:92:23:cf:99:65:fc:
dc:9e:b8:a8:12:1c:cc:69:59:30:72:bd:5a:54:a6:
07:6f:b7:a7:a5:f1:dd:ac:75:96:ab:73:3c:b6:1f:
de:d8:2d:b4:5e:6e:d6:28:2f:16:77:44:d3:ba:82:
c5:32:f2:37:56:68:2c:2e:40:4f:e9:88:09:8e:c3:
b5:ab:69:87:3c:4a:aa:a3:e2:b6:0f:6a:2e:0c:84:
14:f1:de:74:6c:d5:57:06:86:15:e5:da:14:67:52:
a3:fe:47:8d:e7:85:e9:b7:12:86:67:18:b2:b2:37:
fc:3f:44:5c:2c:99:49:93:b0:88:15:78:1d:d3:89:
25:00:30:1c:91:cb:db:2b:74:c8:f0:69:fc:74:a6:
ae:6c:7b:6e:02:dd:ff:d4:37:a1:98:25:0f:57:28:
6e:f1:7a:8a:ad:8e:bc:31:c4:4b:6c:e4:d1:ee:96:
8c:ea:08:20:66:3e:f9:ad:e0:64:7d:0c:29:50:43:
f0:d2:e1:d1:7a:5b:ad:46:26:ef:f1:95:24:79:98:
e3:5f:b2:91:7e:7f:d5:67:72:c0:94:8e:e6:07:39:
9c:fd:02:93:51:c5:00:25:7d:8a:8b:2c:50:cf:8d:
eb:61:4e:fc:46:5b:09:2f:85:88:d9:d8:1f:9a:b5:
83:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:76:74:A6:04:48:C3:29:F3:B7:9D:27:CD:BA:E1:97:83:5A:38:18
X509v3 Authority Key Identifier:
keyid:35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/73Z0pgRIwynzt50nzbrhl4NaOBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.102.7.0/24
94.46.12.0-94.46.23.255
94.46.25.0-94.46.31.255
94.46.128.0/21
94.46.160.0-94.46.183.255
109.71.40.0/21
130.185.80.0/21
185.15.20.0/22
IPv6:
2a00:1650::/32
Signature Algorithm: sha256WithRSAEncryption
a7:3d:00:29:a8:eb:b2:89:d0:3d:ad:64:95:5b:29:0d:45:9c:
b2:ab:60:16:77:ca:6f:7f:2f:07:62:d2:83:f2:49:c9:c9:f5:
d8:7d:00:b1:8b:da:06:ed:4c:3f:b2:2c:24:b0:c6:05:25:7c:
3e:1b:fe:ce:49:67:ba:23:f0:c0:20:5a:96:5f:85:08:b6:3e:
bc:19:31:0e:65:42:88:38:55:bd:9b:58:30:be:be:c4:94:af:
05:e0:ea:74:1c:b4:9f:ae:d8:ae:9e:da:d4:6f:12:b6:7e:63:
e0:d5:66:74:e8:c6:e4:9b:35:0f:bf:bc:df:4c:54:a4:bb:5b:
d3:8e:79:e8:8a:ba:ae:20:7f:08:1b:a4:d6:13:5d:95:29:ba:
17:2e:dc:54:3f:90:56:c0:07:e5:f5:66:68:4f:97:9e:a2:12:
e6:43:07:7c:34:ee:3c:5f:5d:fa:23:f0:18:bc:30:b4:f6:3e:
a7:96:78:65:08:83:2e:7a:c7:2c:f3:a5:f6:73:ed:44:bf:06:
43:77:34:06:d3:14:06:ec:ca:77:2b:89:b3:d1:8c:ba:23:20:
c0:00:f8:bb:28:9e:14:7d:26:cf:5a:df:c3:00:12:28:53:35:
21:79:cf:8b:e8:95:6a:9c:f0:f8:9f:86:47:e8:e9:52:77:2d:
af:ee:9e:2e
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYVxughNiTXGQg4rtPpH59uxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDVhNzIwMDE2NDkxMjA0MWJiOTMxZWZiMWZlYWMxMjNi
NDNhMTgwHhcNMjMwMTAyMDkwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjc2NzRhNjA0NDhjMzI5ZjNiNzlkMjdjZGJhZTE5NzgzNWEzODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuarJ2eP/pYWSI8+ZZfzcnrioEhzM
aVkwcr1aVKYHb7enpfHdrHWWq3M8th/e2C20Xm7WKC8Wd0TTuoLFMvI3VmgsLkBP
6YgJjsO1q2mHPEqqo+K2D2ouDIQU8d50bNVXBoYV5doUZ1Kj/keN54XptxKGZxiy
sjf8P0RcLJlJk7CIFXgd04klADAckcvbK3TI8Gn8dKaubHtuAt3/1DehmCUPVyhu
8XqKrY68McRLbOTR7paM6gggZj75reBkfQwpUEPw0uHRelutRibv8ZUkeZjjX7KR
fn/VZ3LAlI7mBzmc/QKTUcUAJX2KiyxQz43rYU78RlsJL4WI2dgfmrWDRwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFO92dKYESMMp87edJ8264ZeDWjgYMB8GA1UdIwQY
MBaAFDVFpyABZJEgQbuTHvsf6sEjtDoYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVXbklBRmtrU0JCdTVNZS14X3F3U08wT2hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81OWM0YjgtODdmNC00ZjJmLWE0NDkt
YWFiYjA2MmU0MGRiLzEvNzNaMHBnUkl3eW56dDUwbnpicmhsNE5hT0JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy81OWM0YjgtODdmNC00ZjJmLWE0NDktYWFiYjA2MmU0MGRi
LzEvTlVXbklBRmtrU0JCdTVNZS14X3F3U08wT2hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQAUmYHMAwD
BAJeLgwDBANeLhAwDAMEAF4uGQMEBV4uAAMEA14ugDAMAwQFXi6gAwQDXi6wAwQD
bUcoAwQDgrlQAwQCuQ8UMA0EAgACMAcDBQAqABZQMA0GCSqGSIb3DQEBCwUAA4IB
AQCnPQApqOuyidA9rWSVWykNRZyyq2AWd8pvfy8HYtKD8knJyfXYfQCxi9oG7Uw/
siwksMYFJXw+G/7OSWe6I/DAIFqWX4UItj68GTEOZUKIOFW9m1gwvr7ElK8F4Op0
HLSfrtiuntrUbxK2fmPg1WZ06MbkmzUPv7zfTFSku1vTjnnoirquIH8IG6TWE12V
KboXLtxUP5BWwAfl9WZoT5eeohLmQwd8NO48X136I/AYvDC09j6nlnhlCIMuescs
86X2c+1EvwZDdzQG0xQG7Mp3K4mz0Yy6IyDAAPi7KJ4UfSbPWt/DABIoUzUhec+L
6JVqnPD4n4ZH6OlSdy2v7p4u
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:19:34 2025 by rpki-client