Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/KCCAvsdFABptcdWkmYzNnQ9RL6E.roa
File: KCCAvsdFABptcdWkmYzNnQ9RL6E.roa (raw, json)
Hash identifier: DSZuLAxhdSWLE0DFN+BFigCnq9IYv1dV5jCeoEQh9rg=
Subject key identifier: 28:20:80:BE:C7:45:00:1A:6D:71:D5:A4:99:8C:CD:9D:0F:51:2F:A1
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019482E5D01596E1DF4B77BEB8383F2E1A8D
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/KCCAvsdFABptcdWkmYzNnQ9RL6E.roa
Signing time: Mon 20 Jan 2025 08:48:06 +0000
ROA not before: Mon 20 Jan 2025 08:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214192
IP address blocks: 85.133.224.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:82:e5:d0:15:96:e1:df:4b:77:be:b8:38:3f:2e:1a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 20 08:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=282080bec745001a6d71d5a4998ccd9d0f512fa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:67:27:1c:40:f3:20:e6:86:2f:9e:9a:56:f9:
a4:ac:e5:de:89:31:56:90:c0:ec:0b:22:3e:2b:cc:
51:ee:ba:03:eb:80:a7:7e:75:c6:cc:bb:95:0d:c3:
bd:24:eb:b4:35:dd:db:08:18:62:58:dc:e4:5d:43:
34:5d:18:ae:44:65:77:c6:0f:56:08:80:20:dd:57:
4f:24:ad:d9:ee:b9:96:cb:a8:ed:df:7b:6a:b7:44:
6d:23:ad:df:87:f4:fc:ea:85:84:65:64:5d:e5:a3:
b3:45:00:b2:d8:29:cc:58:7b:f7:d6:40:7f:8d:e8:
f1:d6:42:28:ab:71:32:29:7c:ca:3d:a3:92:99:6c:
a1:da:06:8e:d2:a4:b9:fa:4f:5d:ae:82:18:a1:0a:
8a:b5:2f:2d:49:e7:36:34:4f:6b:39:0b:60:b0:13:
d5:78:28:85:5f:5e:03:4e:b5:6a:3d:15:61:2d:4e:
28:23:97:a0:53:ff:59:c2:a1:41:30:be:a5:ad:f2:
ca:fa:d1:d9:a7:74:71:13:cb:0a:ba:21:3d:29:a0:
bd:f3:c3:6a:28:64:00:ce:9a:06:07:05:46:5c:fb:
e9:6d:08:d6:bc:f1:e0:62:58:c2:3d:c8:8c:c8:0f:
cb:59:5d:20:ec:06:18:4f:7b:15:53:a1:83:97:43:
9b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:20:80:BE:C7:45:00:1A:6D:71:D5:A4:99:8C:CD:9D:0F:51:2F:A1
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/KCCAvsdFABptcdWkmYzNnQ9RL6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.224.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:0b:76:4f:93:59:01:39:ae:b9:60:7d:ed:b3:a9:c7:f6:15:
e9:ce:d4:9d:bb:42:8a:da:8a:ad:90:5c:52:8c:7d:ab:27:af:
87:4b:14:7a:b2:78:17:26:77:87:85:44:33:d2:26:24:73:ff:
d2:ca:02:fd:2c:b6:cd:63:9f:a1:a6:4c:83:77:bb:91:e0:31:
cd:a5:6d:d7:ae:98:90:13:e5:49:9f:b0:58:45:73:27:dd:5b:
65:52:48:fb:b0:8a:21:aa:37:ed:bb:de:df:7d:aa:cd:94:94:
57:8a:aa:f6:66:0c:7f:62:4c:41:3d:81:b5:e5:a3:ad:f1:4b:
08:6a:42:ff:9e:54:23:a6:62:36:9e:09:03:ee:21:34:a7:a2:
9a:fb:b2:4f:6c:3c:3a:9a:f7:b5:4a:36:36:45:8f:a2:ec:06:
ce:fe:ca:3d:41:08:91:c2:93:33:76:97:fe:71:e5:b3:22:f6:
48:be:79:61:44:0e:d6:eb:09:d9:e0:f7:48:e7:73:e4:26:06:
d8:33:be:f5:f4:df:cf:bd:b6:55:dc:70:bc:1a:09:66:63:57:
c5:64:81:9b:27:52:37:f2:94:d1:9c:a0:16:6d:0a:5c:d8:77:
39:5e:7f:fb:00:cc:d0:b5:7e:0d:59:ec:c0:4f:c2:68:a9:d2:
68:47:37:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSC5dAVluHfS3e+uDg/LhqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwMTIwMDg0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODIwODBiZWM3NDUwMDFhNmQ3MWQ1YTQ5OThjY2Q5ZDBmNTEyZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mcnHEDzIOaGL56aVvmkrOXeiTFW
kMDsCyI+K8xR7roD64CnfnXGzLuVDcO9JOu0Nd3bCBhiWNzkXUM0XRiuRGV3xg9W
CIAg3VdPJK3Z7rmWy6jt33tqt0RtI63fh/T86oWEZWRd5aOzRQCy2CnMWHv31kB/
jejx1kIoq3EyKXzKPaOSmWyh2gaO0qS5+k9droIYoQqKtS8tSec2NE9rOQtgsBPV
eCiFX14DTrVqPRVhLU4oI5egU/9ZwqFBML6lrfLK+tHZp3RxE8sKuiE9KaC988Nq
KGQAzpoGBwVGXPvpbQjWvPHgYljCPciMyA/LWV0g7AYYT3sVU6GDl0Ob6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgggL7HRQAabXHVpJmMzZ0PUS+hMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvS0NDQXZzZEZBQnB0Y2RXa21Zek5uUTlSTDZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYXgMA0G
CSqGSIb3DQEBCwUAA4IBAQBeC3ZPk1kBOa65YH3ts6nH9hXpztSdu0KK2oqtkFxS
jH2rJ6+HSxR6sngXJneHhUQz0iYkc//SygL9LLbNY5+hpkyDd7uR4DHNpW3XrpiQ
E+VJn7BYRXMn3VtlUkj7sIohqjftu97ffarNlJRXiqr2Zgx/YkxBPYG15aOt8UsI
akL/nlQjpmI2ngkD7iE0p6Ka+7JPbDw6mve1SjY2RY+i7AbO/so9QQiRwpMzdpf+
ceWzIvZIvnlhRA7W6wnZ4PdI53PkJgbYM7719N/PvbZV3HC8GglmY1fFZIGbJ1I3
8pTRnKAWbQpc2Hc5Xn/7AMzQtX4NWezAT8JoqdJoRzeN
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:42 2025 by rpki-client