Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/27bc2d-152f-41e5-92b7-02bd37e7b9a0/1/KZRh8_F4tNGUadsNOp1Iq4iUKMI.roa
File: KZRh8_F4tNGUadsNOp1Iq4iUKMI.roa (raw, json)
Hash identifier: BRq8P0oDYcB2kzFT6WwLt9n3G0+p7aQkpwIQnVB5pv8=
Subject key identifier: 29:94:61:F3:F1:78:B4:D1:94:69:DB:0D:3A:9D:48:AB:88:94:28:C2
Certificate issuer: /CN=90c729efd4b5ffe436de413942263fa74d6bd1e8
Certificate serial: C509AD
Authority key identifier: 90:C7:29:EF:D4:B5:FF:E4:36:DE:41:39:42:26:3F:A7:4D:6B:D1:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kMcp79S1_-Q23kE5QiY_p01r0eg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/27bc2d-152f-41e5-92b7-02bd37e7b9a0/1/KZRh8_F4tNGUadsNOp1Iq4iUKMI.roa
Signing time: Sat 01 Jan 2022 07:54:33 +0000
ROA not before: Sat 01 Jan 2022 07:54:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49215
IP address blocks: 83.220.0.0/21 maxlen: 21
83.220.11.0/24 maxlen: 24
83.220.10.0/24 maxlen: 24
83.220.12.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12913069 (0xc509ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90c729efd4b5ffe436de413942263fa74d6bd1e8
Validity
Not Before: Jan 1 07:54:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=299461f3f178b4d19469db0d3a9d48ab889428c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:be:9a:63:2a:ee:34:8f:30:53:36:1f:d6:b3:
d6:68:c1:43:6a:28:6f:dc:87:0d:8f:15:97:f4:40:
db:52:80:d1:40:0a:60:ab:8a:69:71:bd:e9:89:40:
6c:af:db:f9:53:1e:e8:6a:a8:20:f0:d5:ea:98:64:
80:73:86:0c:d2:79:19:28:04:60:99:a0:8f:22:0e:
b1:3d:6b:31:26:ac:d6:0a:a1:3e:23:8c:17:df:47:
74:72:43:92:eb:4f:bc:cb:45:d3:5e:e7:29:42:b5:
ff:0e:0b:49:57:59:f0:b9:2f:df:59:91:f9:8b:8b:
46:85:af:5c:17:00:f5:7a:e3:52:66:c2:e1:d8:ba:
2c:68:25:6e:6c:0c:a5:e3:a3:2e:af:ee:39:81:6b:
45:c8:6b:61:e8:0d:f5:fa:f7:c7:f7:20:26:ab:f2:
10:98:c0:8f:7c:e2:81:1e:22:96:4f:80:81:3a:57:
f0:e0:5c:00:ff:a4:dd:57:7b:58:0c:a3:f8:d6:2a:
5b:75:a0:c4:fa:ad:44:86:fa:34:d9:1f:f9:e7:9c:
5a:a9:fe:84:d9:a4:95:3a:1b:f6:c3:c6:d2:20:15:
f6:41:d4:45:6f:fa:b9:17:7c:0d:39:0e:6b:89:ba:
28:12:5e:f0:3f:d2:81:c5:e1:d3:c1:6d:09:9b:70:
26:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:94:61:F3:F1:78:B4:D1:94:69:DB:0D:3A:9D:48:AB:88:94:28:C2
X509v3 Authority Key Identifier:
keyid:90:C7:29:EF:D4:B5:FF:E4:36:DE:41:39:42:26:3F:A7:4D:6B:D1:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kMcp79S1_-Q23kE5QiY_p01r0eg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/27bc2d-152f-41e5-92b7-02bd37e7b9a0/1/KZRh8_F4tNGUadsNOp1Iq4iUKMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/27bc2d-152f-41e5-92b7-02bd37e7b9a0/1/kMcp79S1_-Q23kE5QiY_p01r0eg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.220.0.0/21
83.220.10.0-83.220.15.255
Signature Algorithm: sha256WithRSAEncryption
5e:f4:41:2c:13:97:3a:7f:82:4c:3b:04:ec:75:75:95:5b:6d:
b0:86:23:93:68:d6:3f:c8:71:04:6a:6a:24:e0:54:1e:cb:76:
a7:6c:95:b8:9c:88:67:23:d0:01:90:90:af:51:a2:27:af:77:
f5:11:75:6d:7c:bd:f9:c8:67:10:cd:23:c1:f5:3c:5c:5f:0f:
40:2c:c6:d2:78:78:55:44:79:6c:d3:15:19:84:2c:65:88:ec:
0f:0f:e6:f6:24:8d:98:2d:89:c3:3e:14:8b:d8:23:c5:57:27:
ec:ef:c2:56:70:dc:e7:10:ce:f3:94:d0:ed:e8:e5:0e:32:f8:
a8:72:52:c0:25:23:8e:19:1f:ac:af:c8:2c:7f:90:a9:9e:30:
f3:d0:3b:f6:31:fe:6d:fd:87:ec:80:15:c0:37:25:e4:94:1e:
29:af:03:b0:86:05:91:bd:eb:5f:f5:ae:d9:40:9b:f4:5d:4b:
2a:45:09:96:43:18:60:a7:d5:c4:82:7e:35:d1:22:0b:7b:b5:
64:9e:41:9c:ef:fc:d1:19:83:fb:88:40:6c:89:a0:be:9a:1f:
df:52:f0:45:6a:eb:5a:44:fd:94:e3:b0:bb:28:5a:f1:2c:10:
2e:32:19:3a:04:c5:a0:08:0d:c8:a2:fb:f6:81:87:25:d5:d2:
b1:e6:5c:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEAMUJrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MGM3MjllZmQ0YjVmZmU0MzZkZTQxMzk0MjI2M2ZhNzRkNmJkMWU4MB4XDTIyMDEw
MTA3NTQzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk5NDYxZjNmMTc4
YjRkMTk0NjlkYjBkM2E5ZDQ4YWI4ODk0MjhjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN6+mmMq7jSPMFM2H9az1mjBQ2oob9yHDY8Vl/RA21KA0UAK
YKuKaXG96YlAbK/b+VMe6GqoIPDV6phkgHOGDNJ5GSgEYJmgjyIOsT1rMSas1gqh
PiOMF99HdHJDkutPvMtF017nKUK1/w4LSVdZ8Lkv31mR+YuLRoWvXBcA9XrjUmbC
4di6LGglbmwMpeOjLq/uOYFrRchrYegN9fr3x/cgJqvyEJjAj3zigR4ilk+AgTpX
8OBcAP+k3Vd7WAyj+NYqW3WgxPqtRIb6NNkf+eecWqn+hNmklTob9sPG0iAV9kHU
RW/6uRd8DTkOa4m6KBJe8D/SgcXh08FtCZtwJqkCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQplGHz8Xi00ZRp2w06nUiriJQowjAfBgNVHSMEGDAWgBSQxynv1LX/5Dbe
QTlCJj+nTWvR6DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tNY3A3OVMxXy1RMjNrRTVRaVlfcDAxcjBlZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvMjdiYzJkLTE1MmYtNDFlNS05MmI3LTAyYmQzN2U3YjlhMC8x
L0taUmg4X0Y0dE5HVWFkc05PcDFJcTRpVUtNSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
MjdiYzJkLTE1MmYtNDFlNS05MmI3LTAyYmQzN2U3YjlhMC8xL2tNY3A3OVMxXy1R
MjNrRTVRaVlfcDAxcjBlZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEA1PcADAMAwQBU9wKAwQEU9wAMA0G
CSqGSIb3DQEBCwUAA4IBAQBe9EEsE5c6f4JMOwTsdXWVW22whiOTaNY/yHEEamok
4FQey3anbJW4nIhnI9ABkJCvUaInr3f1EXVtfL35yGcQzSPB9TxcXw9ALMbSeHhV
RHls0xUZhCxliOwPD+b2JI2YLYnDPhSL2CPFVyfs78JWcNznEM7zlNDt6OUOMvio
clLAJSOOGR+sr8gsf5CpnjDz0Dv2Mf5t/YfsgBXANyXklB4prwOwhgWRvetf9a7Z
QJv0XUsqRQmWQxhgp9XEgn410SILe7VknkGc7/zRGYP7iEBsiaC+mh/fUvBFauta
RP2U47C7KFrxLBAuMhk6BMWgCA3Iovv2gYcl1dKx5lxm
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:47:56 2025 by rpki-client