Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/2VIXzhcc4oRjk9O0FUw0FozVLQI.roa
File: 2VIXzhcc4oRjk9O0FUw0FozVLQI.roa (raw, json)
Hash identifier: DWnZA4jsISlNaXLQu6t9ACgC+41dMJeiepR9q4Jc0qY=
Subject key identifier: D9:52:17:CE:17:1C:E2:84:63:93:D3:B4:15:4C:34:16:8C:D5:2D:02
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 0193BFF1E9BBE0D345D5AF6E77419BAAB8F0
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/2VIXzhcc4oRjk9O0FUw0FozVLQI.roa
Signing time: Fri 13 Dec 2024 12:15:22 +0000
ROA not before: Fri 13 Dec 2024 12:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212165
IP address blocks: 109.120.159.0/24 maxlen: 24
176.98.185.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bf:f1:e9:bb:e0:d3:45:d5:af:6e:77:41:9b:aa:b8:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Dec 13 12:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d95217ce171ce2846393d3b4154c34168cd52d02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6d:ba:10:95:a5:ca:ce:cc:51:ca:df:56:8b:
b1:c2:70:56:18:56:74:4b:49:7e:1b:86:b2:62:76:
b7:c9:7f:d9:97:00:08:89:5f:cd:87:03:fe:ef:03:
ec:0e:c4:99:8c:1c:3e:bd:ec:e0:c5:9a:22:5d:a3:
0d:e2:eb:4b:5b:39:fd:a6:3c:91:e6:0c:8b:23:e2:
55:37:bd:63:af:96:ee:a3:d0:0f:78:14:8e:7c:c6:
dc:6c:9c:d6:3d:4f:06:7d:d4:26:46:ad:ac:0d:0f:
ad:93:dc:9d:0f:c5:bd:54:c8:30:1c:67:ee:bd:a2:
b8:49:cb:58:f0:3b:2e:4d:a0:47:91:fd:62:04:94:
65:84:43:04:b7:57:4c:55:5d:15:53:b5:60:70:e1:
ea:94:37:39:35:d9:0e:f5:fe:67:b1:dc:c7:1c:c5:
cc:b5:92:85:33:0a:2b:8a:11:3d:a6:ac:0a:1c:4d:
6b:fd:fd:a7:b5:86:d1:7d:32:8f:1c:d0:18:20:57:
e6:86:d2:ea:eb:9e:d6:d3:0d:f6:f1:74:cc:a2:8e:
b5:19:5c:6f:66:42:57:ae:34:aa:71:fc:fd:23:9f:
6c:13:06:90:7d:03:b8:aa:19:f1:04:91:8b:d7:a1:
14:45:e6:47:d9:78:6c:bc:ef:aa:c4:22:27:15:6d:
f4:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:52:17:CE:17:1C:E2:84:63:93:D3:B4:15:4C:34:16:8C:D5:2D:02
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/2VIXzhcc4oRjk9O0FUw0FozVLQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.120.159.0/24
176.98.185.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:ad:40:4c:57:fd:1f:a2:f4:83:24:71:1b:ba:01:0e:a4:80:
5a:89:dd:2c:06:2b:e8:81:0a:b6:0a:36:6b:3d:69:f6:55:d1:
ce:84:36:b3:ff:61:35:5e:e6:1d:79:e4:4d:f2:19:d1:e6:ac:
fd:9f:65:f4:9c:40:9f:47:07:b6:23:aa:4a:92:03:d1:3d:42:
ad:14:12:3d:b9:f4:87:d6:d7:83:17:fc:37:3a:22:b8:ef:6b:
8c:c9:64:db:47:e0:66:79:0f:02:4d:a6:3a:66:71:ea:66:18:
73:77:09:78:7a:71:3f:d6:7b:57:5d:83:77:0d:39:80:22:a4:
00:a9:c9:00:d0:fd:63:76:9b:a3:6f:79:39:b7:b6:ec:78:21:
8f:d8:9e:d1:44:5b:aa:97:17:99:f0:7b:6b:fa:e9:86:e6:de:
dc:26:2d:60:22:99:68:47:7f:eb:8b:b1:b2:3b:a0:7a:31:10:
04:ed:2a:45:87:ab:39:05:ae:05:24:f9:61:f5:f8:2d:90:70:
72:cc:73:59:61:ab:37:2a:0d:94:7f:95:07:30:26:80:2b:12:
d3:b3:47:85:95:d5:bf:3f:c2:09:5d:23:a6:a4:b2:5c:22:24:
95:50:5b:92:2e:03:45:47:2f:a6:7d:f0:8d:00:01:4d:5c:3c:
7d:1c:75:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZO/8em74NNF1a9ud0GbqrjwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQxMjEzMTIxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTUyMTdjZTE3MWNlMjg0NjM5M2QzYjQxNTRjMzQxNjhjZDUyZDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApm26EJWlys7MUcrfVouxwnBWGFZ0
S0l+G4ayYna3yX/ZlwAIiV/NhwP+7wPsDsSZjBw+vezgxZoiXaMN4utLWzn9pjyR
5gyLI+JVN71jr5buo9APeBSOfMbcbJzWPU8GfdQmRq2sDQ+tk9ydD8W9VMgwHGfu
vaK4SctY8DsuTaBHkf1iBJRlhEMEt1dMVV0VU7VgcOHqlDc5NdkO9f5nsdzHHMXM
tZKFMworihE9pqwKHE1r/f2ntYbRfTKPHNAYIFfmhtLq657W0w328XTMoo61GVxv
ZkJXrjSqcfz9I59sEwaQfQO4qhnxBJGL16EUReZH2XhsvO+qxCInFW30LQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNlSF84XHOKEY5PTtBVMNBaM1S0CMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvMlZJWHpoY2M0b1JqazlPMEZVdzBGb3pWTFFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXifAwQA
sGK5MA0GCSqGSIb3DQEBCwUAA4IBAQCmrUBMV/0fovSDJHEbugEOpIBaid0sBivo
gQq2CjZrPWn2VdHOhDaz/2E1XuYdeeRN8hnR5qz9n2X0nECfRwe2I6pKkgPRPUKt
FBI9ufSH1teDF/w3OiK472uMyWTbR+BmeQ8CTaY6ZnHqZhhzdwl4enE/1ntXXYN3
DTmAIqQAqckA0P1jdpujb3k5t7bseCGP2J7RRFuqlxeZ8Htr+umG5t7cJi1gIplo
R3/ri7GyO6B6MRAE7SpFh6s5Ba4FJPlh9fgtkHByzHNZYas3Kg2Uf5UHMCaAKxLT
s0eFldW/P8IJXSOmpLJcIiSVUFuSLgNFRy+mffCNAAFNXDx9HHVm
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:10:49 2025 by rpki-client