Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/KCZ8931mruroUeC2EklhYNYZMhk.roa
File: KCZ8931mruroUeC2EklhYNYZMhk.roa (raw, json)
Hash identifier: pLo7GF7KCJuqNyb6P7+WJECmyZb8gfUmcMbRagvWoN0=
Subject key identifier: 28:26:7C:F7:7D:66:AE:EA:E8:51:E0:B6:12:49:61:60:D6:19:32:19
Certificate issuer: /CN=3545a7200164912041bb931efb1feac123b43a18
Certificate serial: 447EBC8F
Authority key identifier: 35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/KCZ8931mruroUeC2EklhYNYZMhk.roa
Signing time: Sat 01 Jan 2022 16:06:43 +0000
ROA not before: Sat 01 Jan 2022 16:06:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24768
IP address blocks: 94.46.133.0/24 maxlen: 24
94.46.160.0/20 maxlen: 24
94.46.176.0/21 maxlen: 21
82.102.7.0/24 maxlen: 24
94.46.128.0/21 maxlen: 21
94.46.132.0/24 maxlen: 24
185.15.20.0/22 maxlen: 22
185.15.20.0/24 maxlen: 24
185.15.23.0/24 maxlen: 24
185.15.22.0/24 maxlen: 24
130.185.85.0/24 maxlen: 24
130.185.84.0/24 maxlen: 24
130.185.83.0/24 maxlen: 24
130.185.82.0/24 maxlen: 24
130.185.81.0/24 maxlen: 24
130.185.80.0/21 maxlen: 21
130.185.86.0/24 maxlen: 24
130.185.87.0/24 maxlen: 24
94.46.27.0/24 maxlen: 24
94.46.26.0/24 maxlen: 24
94.46.25.0/24 maxlen: 24
94.46.30.0/24 maxlen: 24
94.46.29.0/24 maxlen: 24
94.46.28.0/24 maxlen: 24
94.46.28.0/22 maxlen: 22
109.71.42.0/24 maxlen: 24
109.71.41.0/24 maxlen: 24
109.71.40.0/21 maxlen: 21
109.71.40.0/24 maxlen: 24
109.71.44.0/24 maxlen: 24
109.71.43.0/24 maxlen: 24
109.71.45.0/24 maxlen: 24
109.71.47.0/24 maxlen: 24
109.71.46.0/24 maxlen: 24
94.46.13.0/24 maxlen: 24
94.46.12.0/24 maxlen: 24
94.46.12.0/22 maxlen: 22
94.46.16.0/22 maxlen: 22
94.46.16.0/24 maxlen: 24
94.46.15.0/24 maxlen: 24
94.46.14.0/24 maxlen: 24
94.46.20.0/24 maxlen: 24
94.46.20.0/22 maxlen: 22
94.46.23.0/24 maxlen: 24
94.46.22.0/24 maxlen: 24
94.46.21.0/24 maxlen: 24
2a00:1650:8000::/33 maxlen: 33
2a00:1650::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1149156495 (0x447ebc8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3545a7200164912041bb931efb1feac123b43a18
Validity
Not Before: Jan 1 16:06:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28267cf77d66aeeae851e0b612496160d6193219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:61:9b:14:96:84:8c:cd:c1:fb:0c:13:2d:0f:
fd:4a:d9:63:ab:3b:93:28:9e:83:af:5e:af:5a:da:
c0:2a:17:5f:f6:ce:c7:5c:ec:7f:81:5c:7f:76:2f:
ad:f7:b2:ec:0c:f9:18:9b:94:ad:e5:b6:db:4a:15:
c3:30:33:2b:67:d4:96:b7:33:2a:9d:71:b2:94:f3:
cf:bc:99:15:62:ae:3d:48:c9:68:1b:f4:d8:f1:63:
cb:7a:fb:29:c3:7e:65:0e:97:6a:20:1e:b5:f8:d1:
99:83:02:5a:b9:78:d8:2a:65:02:88:8f:99:3c:8d:
8a:18:01:13:59:39:4f:91:64:c1:46:19:9c:8c:c8:
d1:9d:94:b9:76:92:76:74:27:24:9d:b4:05:50:7b:
7a:ad:c4:98:64:d4:dd:16:89:1e:3c:05:10:17:ae:
7b:e1:bc:46:17:77:fe:5c:2a:08:99:44:4b:41:61:
73:f4:3b:4d:90:9e:c5:25:28:ac:41:67:25:78:1b:
a6:d1:a6:63:b3:3b:83:b8:11:3a:75:83:c5:7e:50:
ac:10:b5:ca:b5:34:7a:1f:b0:e3:27:bd:19:93:e7:
53:5d:94:37:3d:04:4d:e2:63:09:40:7c:68:e2:b8:
05:44:de:9d:29:55:35:80:e1:f5:40:ca:d7:80:4a:
d2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:26:7C:F7:7D:66:AE:EA:E8:51:E0:B6:12:49:61:60:D6:19:32:19
X509v3 Authority Key Identifier:
keyid:35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/KCZ8931mruroUeC2EklhYNYZMhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.102.7.0/24
94.46.12.0-94.46.23.255
94.46.25.0-94.46.31.255
94.46.128.0/21
94.46.160.0-94.46.183.255
109.71.40.0/21
130.185.80.0/21
185.15.20.0/22
IPv6:
2a00:1650::/32
Signature Algorithm: sha256WithRSAEncryption
8d:47:71:78:fd:2c:6a:cb:e6:83:00:02:af:f4:41:ee:71:71:
f2:46:01:ea:11:2c:a1:8d:70:98:3b:41:c6:6e:d9:2c:ed:2c:
81:13:ac:10:e0:e1:35:c4:f4:c1:f3:98:56:0d:10:d4:4b:cc:
74:89:68:5c:0a:05:2e:48:0a:01:99:3b:79:6e:3d:57:9c:6b:
91:37:2c:85:30:f0:c5:b0:f5:9d:01:1f:d2:5d:68:65:e0:9a:
03:ee:d9:26:d1:b8:fe:90:f0:39:c6:b1:a4:6c:ad:cd:0c:ea:
83:ff:f2:4f:5c:a6:c6:85:22:e8:ee:47:26:9d:2e:1a:f9:3a:
80:93:30:73:4e:c7:f0:ab:fa:6b:23:82:4a:26:3c:51:56:62:
2c:fa:72:a3:c9:23:41:42:4d:a7:73:b2:11:15:59:5d:d2:6b:
82:8c:f8:d7:72:d3:51:0b:e3:0b:18:54:7e:7b:24:f9:db:d5:
78:a5:b9:78:02:8b:3a:27:3a:3f:a7:f1:90:49:05:d3:f1:21:
4a:08:66:2a:4c:26:5c:d2:c6:8b:f9:6d:d2:fb:11:cb:1f:d2:
44:dc:ce:ef:bf:d5:68:c3:15:7a:32:2e:65:7c:5f:b6:00:7e:
b5:e4:8b:c3:57:e3:87:3e:2b:67:7c:55:81:ab:a7:31:d3:e3:
31:6b:a4:a5
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIERH68jzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTQ1YTcyMDAxNjQ5MTIwNDFiYjkzMWVmYjFmZWFjMTIzYjQzYTE4MB4XDTIyMDEw
MTE2MDY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjgyNjdjZjc3ZDY2
YWVlYWU4NTFlMGI2MTI0OTYxNjBkNjE5MzIxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMVhmxSWhIzNwfsMEy0P/UrZY6s7kyieg69er1rawCoXX/bO
x1zsf4Fcf3Yvrfey7Az5GJuUreW220oVwzAzK2fUlrczKp1xspTzz7yZFWKuPUjJ
aBv02PFjy3r7KcN+ZQ6XaiAetfjRmYMCWrl42CplAoiPmTyNihgBE1k5T5FkwUYZ
nIzI0Z2UuXaSdnQnJJ20BVB7eq3EmGTU3RaJHjwFEBeue+G8Rhd3/lwqCJlES0Fh
c/Q7TZCexSUorEFnJXgbptGmY7M7g7gROnWDxX5QrBC1yrU0eh+w4ye9GZPnU12U
Nz0ETeJjCUB8aOK4BUTenSlVNYDh9UDK14BK0jECAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBQoJnz3fWau6uhR4LYSSWFg1hkyGTAfBgNVHSMEGDAWgBQ1RacgAWSRIEG7
kx77H+rBI7Q6GDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05VV25JQUZra1NCQnU1TWUteF9xd1NPME9oZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvNTljNGI4LTg3ZjQtNGYyZi1hNDQ5LWFhYmIwNjJlNDBkYi8x
L0tDWjg5MzFtcnVyb1VlQzJFa2xoWU5ZWk1oay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
NTljNGI4LTg3ZjQtNGYyZi1hNDQ5LWFhYmIwNjJlNDBkYi8xL05VV25JQUZra1NC
QnU1TWUteF9xd1NPME9oZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEAFJmBzAMAwQCXi4MAwQDXi4QMAwD
BABeLhkDBAVeLgADBANeLoAwDAMEBV4uoAMEA14usAMEA21HKAMEA4K5UAMEArkP
FDANBAIAAjAHAwUAKgAWUDANBgkqhkiG9w0BAQsFAAOCAQEAjUdxeP0sasvmgwAC
r/RB7nFx8kYB6hEsoY1wmDtBxm7ZLO0sgROsEODhNcT0wfOYVg0Q1EvMdIloXAoF
LkgKAZk7eW49V5xrkTcshTDwxbD1nQEf0l1oZeCaA+7ZJtG4/pDwOcaxpGytzQzq
g//yT1ymxoUi6O5HJp0uGvk6gJMwc07H8Kv6ayOCSiY8UVZiLPpyo8kjQUJNp3Oy
ERVZXdJrgoz413LTUQvjCxhUfnsk+dvVeKW5eAKLOic6P6fxkEkF0/EhSghmKkwm
XNLGi/lt0vsRyx/SRNzO77/VaMMVejIuZXxftgB+teSLw1fjhz4rZ3xVgaunMdPj
MWukpQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:19:37 2025 by rpki-client