Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/65f4a2-5f69-465b-8891-9c01df7b9e66/1/KUCsTzvnwNnMm7Jeca6aVL9k1f0.roa
File: KUCsTzvnwNnMm7Jeca6aVL9k1f0.roa (raw, json)
Hash identifier: 08CBdTpQIdxpgYISvMqyNDiM+ICQK0H520OtR31swUg=
Subject key identifier: 29:40:AC:4F:3B:E7:C0:D9:CC:9B:B2:5E:71:AE:9A:54:BF:64:D5:FD
Certificate issuer: /CN=854e103aaec432fc191d49819bd1ab71fe1cfa80
Certificate serial: 019423697D061EE12876D10FD2B16033FDA5
Authority key identifier: 85:4E:10:3A:AE:C4:32:FC:19:1D:49:81:9B:D1:AB:71:FE:1C:FA:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hU4QOq7EMvwZHUmBm9Grcf4c-oA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/65f4a2-5f69-465b-8891-9c01df7b9e66/1/KUCsTzvnwNnMm7Jeca6aVL9k1f0.roa
Signing time: Wed 01 Jan 2025 19:48:23 +0000
ROA not before: Wed 01 Jan 2025 19:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50297
IP address blocks: 46.148.16.0/24 maxlen: 24
46.148.17.0/24 maxlen: 24
46.148.18.0/24 maxlen: 24
46.148.19.0/24 maxlen: 24
46.148.20.0/24 maxlen: 24
46.148.21.0/24 maxlen: 24
46.148.22.0/24 maxlen: 24
46.148.26.0/24 maxlen: 24
46.148.27.0/24 maxlen: 24
46.148.28.0/24 maxlen: 24
193.106.28.0/22 maxlen: 22
2001:67c:28f8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:7d:06:1e:e1:28:76:d1:0f:d2:b1:60:33:fd:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=854e103aaec432fc191d49819bd1ab71fe1cfa80
Validity
Not Before: Jan 1 19:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2940ac4f3be7c0d9cc9bb25e71ae9a54bf64d5fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e8:14:c9:ff:66:0f:fc:98:fb:2e:d9:7b:be:
e8:be:49:43:3e:59:e3:fb:f1:2b:aa:4d:48:ab:f7:
a8:11:de:b1:ed:96:c7:07:9c:31:fa:e6:e2:8f:f0:
e2:28:7d:ea:4c:b4:6c:65:30:7c:fe:ce:4c:35:be:
3c:b2:7e:5b:35:f1:bc:c7:a7:f2:3b:c2:00:54:81:
c5:0f:c4:09:c0:0d:d5:4f:9f:39:b3:3d:3f:98:21:
8e:7a:f4:9e:59:23:7c:57:9c:e1:1b:61:08:b7:8e:
33:3d:45:dc:ea:f5:91:24:bb:cf:8c:19:a4:27:7e:
9a:16:20:f4:c0:c6:6e:39:ce:69:56:87:64:c6:5a:
61:00:3c:73:76:b5:52:db:01:9f:01:06:12:df:f1:
2e:3a:35:fc:14:79:63:b9:b8:01:cb:14:5b:41:93:
6c:28:3a:b7:d5:fe:a4:6c:6c:48:42:3f:b8:ca:91:
dc:74:00:dd:e0:2a:da:77:7f:40:f0:53:44:4c:f1:
2f:b9:c3:9d:0e:2e:ff:e3:77:99:e6:d8:84:cb:25:
2d:05:c0:1e:d9:68:a3:78:8a:39:e0:dc:1e:a8:df:
9b:43:08:65:db:fc:75:87:19:f5:cd:e5:92:2b:73:
14:42:af:fe:ee:62:0f:93:a2:fb:92:f4:53:f7:8f:
cc:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:40:AC:4F:3B:E7:C0:D9:CC:9B:B2:5E:71:AE:9A:54:BF:64:D5:FD
X509v3 Authority Key Identifier:
keyid:85:4E:10:3A:AE:C4:32:FC:19:1D:49:81:9B:D1:AB:71:FE:1C:FA:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hU4QOq7EMvwZHUmBm9Grcf4c-oA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/65f4a2-5f69-465b-8891-9c01df7b9e66/1/KUCsTzvnwNnMm7Jeca6aVL9k1f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/65f4a2-5f69-465b-8891-9c01df7b9e66/1/hU4QOq7EMvwZHUmBm9Grcf4c-oA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.148.16.0-46.148.22.255
46.148.26.0-46.148.28.255
193.106.28.0/22
IPv6:
2001:67c:28f8::/48
Signature Algorithm: sha256WithRSAEncryption
36:73:ac:26:94:16:dc:b9:44:8b:6b:fd:e8:7b:2f:84:d8:52:
36:63:18:71:e5:87:d6:28:2c:58:e1:a0:4f:2e:31:28:4c:a9:
89:ae:b1:d7:8b:8c:b3:22:07:3b:e8:a2:a4:1f:b6:38:8d:45:
65:97:ad:7a:b9:f5:e0:7e:70:b1:66:10:31:79:2b:99:ef:b1:
44:6b:a3:66:94:5b:4c:c0:a3:13:16:1e:78:e5:5f:7b:12:63:
21:c0:96:f1:b9:6f:1a:97:6c:49:cc:63:a2:a5:75:7c:df:2b:
99:d5:92:70:c8:ad:2d:00:fd:d0:45:07:04:e2:28:b0:88:68:
04:3b:d1:30:6a:26:60:9e:10:98:d3:6f:4f:24:7d:65:46:57:
8f:91:88:3b:5e:96:5c:c4:71:5c:a7:a2:02:22:2a:61:13:6e:
b6:6b:de:f7:8c:be:94:6e:00:c8:f0:ba:c4:7d:45:28:02:0e:
46:1a:1c:03:2f:4d:95:35:5c:2f:fd:c6:b5:53:14:08:c3:59:
90:87:a4:e5:bf:81:93:5c:d9:ba:35:ca:a1:bf:d3:ff:e0:e7:
ca:50:70:34:d5:58:be:99:4d:60:ed:6e:52:e0:c5:36:5a:31:
af:f1:37:32:a9:f3:88:73:74:1f:53:8e:b4:86:19:f8:f7:d9:
ac:d2:8d:e3
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQjaX0GHuEodtEP0rFgM/2lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGUxMDNhYWVjNDMyZmMxOTFkNDk4MTliZDFhYjcxZmUx
Y2ZhODAwHhcNMjUwMTAxMTk0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTQwYWM0ZjNiZTdjMGQ5Y2M5YmIyNWU3MWFlOWE1NGJmNjRkNWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqegUyf9mD/yY+y7Ze77ovklDPlnj
+/Erqk1Iq/eoEd6x7ZbHB5wx+ubij/DiKH3qTLRsZTB8/s5MNb48sn5bNfG8x6fy
O8IAVIHFD8QJwA3VT585sz0/mCGOevSeWSN8V5zhG2EIt44zPUXc6vWRJLvPjBmk
J36aFiD0wMZuOc5pVodkxlphADxzdrVS2wGfAQYS3/EuOjX8FHljubgByxRbQZNs
KDq31f6kbGxIQj+4ypHcdADd4Crad39A8FNETPEvucOdDi7/43eZ5tiEyyUtBcAe
2WijeIo54NweqN+bQwhl2/x1hxn1zeWSK3MUQq/+7mIPk6L7kvRT94/MYQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFClArE8758DZzJuyXnGumlS/ZNX9MB8GA1UdIwQY
MBaAFIVOEDquxDL8GR1JgZvRq3H+HPqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFU0UU9xN0VNdndaSFVtQm05R3JjZjRjLW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi82NWY0YTItNWY2OS00NjViLTg4OTEt
OWMwMWRmN2I5ZTY2LzEvS1VDc1R6dm53Tm5NbTdKZWNhNmFWTDlrMWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi82NWY0YTItNWY2OS00NjViLTg4OTEtOWMwMWRmN2I5ZTY2
LzEvaFU0UU9xN0VNdndaSFVtQm05R3JjZjRjLW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAoBAIAATAiMAwDBAQulBAD
BAAulBYwDAMEAS6UGgMEAC6UHAMEAsFqHDAPBAIAAjAJAwcAIAEGfCj4MA0GCSqG
SIb3DQEBCwUAA4IBAQA2c6wmlBbcuUSLa/3oey+E2FI2Yxhx5YfWKCxY4aBPLjEo
TKmJrrHXi4yzIgc76KKkH7Y4jUVll616ufXgfnCxZhAxeSuZ77FEa6NmlFtMwKMT
Fh545V97EmMhwJbxuW8al2xJzGOipXV83yuZ1ZJwyK0tAP3QRQcE4iiwiGgEO9Ew
aiZgnhCY029PJH1lRlePkYg7XpZcxHFcp6ICIiphE262a973jL6UbgDI8LrEfUUo
Ag5GGhwDL02VNVwv/ca1UxQIw1mQh6Tlv4GTXNm6Ncqhv9P/4OfKUHA01Vi+mU1g
7W5S4MU2WjGv8TcyqfOIc3QfU460hhn499ms0o3j
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:00 2025 by rpki-client on console.sobornost.net