Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/5HV-tkSn-nvaTCJgq2qZMjXXs3I.roa
File: 5HV-tkSn-nvaTCJgq2qZMjXXs3I.roa (raw, json)
Hash identifier: V4YAUXA1HwXaJ3mud6IQQG1XhWx4lpV0RuNwmpEC5DM=
Subject key identifier: E4:75:7E:B6:44:A7:FA:7B:DA:4C:22:60:AB:6A:99:32:35:D7:B3:72
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 01942369FEF568A0C1CB9A7B92A7C09C6E6F
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/5HV-tkSn-nvaTCJgq2qZMjXXs3I.roa
Signing time: Wed 01 Jan 2025 19:48:56 +0000
ROA not before: Wed 01 Jan 2025 19:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214798
IP address blocks: 109.120.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:fe:f5:68:a0:c1:cb:9a:7b:92:a7:c0:9c:6e:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Jan 1 19:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4757eb644a7fa7bda4c2260ab6a993235d7b372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d8:4d:b9:2e:f6:dc:f0:2c:81:54:ca:01:92:
f0:d4:f2:94:63:05:62:99:e3:4b:ef:4e:94:e0:07:
68:1c:03:e9:7d:c4:5e:38:0a:a3:8e:85:7b:dd:b9:
90:bf:6c:87:d2:91:02:79:d2:67:24:0a:1d:df:ae:
79:b1:8e:2f:2d:32:f6:c5:fc:ad:69:7d:05:21:80:
2e:07:e0:70:cd:e1:32:5c:4d:da:8c:e5:68:f0:bd:
c8:88:d8:88:db:21:b4:1d:6f:a4:d0:ab:b4:9a:fe:
00:82:82:9c:d3:8f:e8:13:1e:df:b0:32:34:37:a7:
ea:c1:57:08:fd:64:a0:61:84:bf:79:fb:fe:23:7f:
18:74:42:fd:69:12:f1:ee:ac:af:b9:76:3a:e5:21:
80:ed:d4:c1:38:53:45:fb:49:f2:07:7e:d7:1e:ff:
55:1f:38:e2:f1:a0:25:e2:5a:c4:1a:ca:25:0d:eb:
b3:5e:24:84:77:8f:bf:1e:3e:6f:bc:5c:35:73:10:
cd:24:77:93:d4:c3:c1:77:0e:ae:c1:e4:43:19:68:
9d:6f:21:82:65:f1:24:28:2d:6e:91:30:2a:5d:2b:
ed:52:2e:db:22:99:06:d9:5a:b4:bd:bd:10:e8:3a:
fb:80:da:55:fe:c4:fd:75:be:84:2c:e5:5e:2e:6e:
d1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:75:7E:B6:44:A7:FA:7B:DA:4C:22:60:AB:6A:99:32:35:D7:B3:72
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/5HV-tkSn-nvaTCJgq2qZMjXXs3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.120.158.0/24
Signature Algorithm: sha256WithRSAEncryption
82:e8:ef:ad:64:61:0e:31:04:37:63:dc:1c:4f:db:61:45:17:
7f:37:20:64:7e:fe:8e:6e:e6:0f:93:38:07:fb:ed:6c:1c:58:
bc:7d:89:6c:33:ad:0d:01:92:26:30:26:e2:51:65:34:2d:e2:
ea:89:29:2a:4c:b0:e1:e1:29:b7:22:3f:96:28:84:6b:0f:d6:
1a:a6:7f:7c:a5:8e:e2:cd:4b:01:55:9d:d6:78:e2:03:aa:3a:
61:3a:1f:c6:fd:d8:74:fe:17:42:47:38:b7:81:0d:7f:ea:ae:
60:7d:65:9f:04:0f:b7:44:f9:87:0a:a6:76:e4:69:60:a4:45:
58:aa:b0:d4:73:59:64:80:38:c7:a4:61:1f:ce:b3:13:cc:2c:
5e:ce:78:9e:79:29:f7:c1:ec:63:60:6f:51:7a:c7:f0:c4:d5:
84:21:6d:c5:7e:15:e2:84:c6:a3:e0:91:30:5a:63:d2:81:f5:
7d:0b:10:13:3f:21:84:c8:b2:c1:71:1b:7a:76:4a:0a:e6:a2:
65:cb:69:06:13:7f:69:dd:7e:0c:99:54:99:91:27:df:12:83:
9f:5c:88:9f:6a:17:5b:5d:b2:e5:14:94:42:4d:b3:43:08:cc:
bf:06:60:26:0d:94:d0:ac:e1:85:8d:25:b5:82:fe:6c:f6:f0:
05:e0:fc:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaf71aKDBy5p7kqfAnG5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjUwMTAxMTk0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDc1N2ViNjQ0YTdmYTdiZGE0YzIyNjBhYjZhOTkzMjM1ZDdiMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdhNuS723PAsgVTKAZLw1PKUYwVi
meNL706U4AdoHAPpfcReOAqjjoV73bmQv2yH0pECedJnJAod3655sY4vLTL2xfyt
aX0FIYAuB+BwzeEyXE3ajOVo8L3IiNiI2yG0HW+k0Ku0mv4AgoKc04/oEx7fsDI0
N6fqwVcI/WSgYYS/efv+I38YdEL9aRLx7qyvuXY65SGA7dTBOFNF+0nyB37XHv9V
Hzji8aAl4lrEGsolDeuzXiSEd4+/Hj5vvFw1cxDNJHeT1MPBdw6uweRDGWidbyGC
ZfEkKC1ukTAqXSvtUi7bIpkG2Vq0vb0Q6Dr7gNpV/sT9db6ELOVeLm7RzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOR1frZEp/p72kwiYKtqmTI117NyMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvNUhWLXRrU24tbnZhVENKZ3EycVpNalhYczNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXieMA0G
CSqGSIb3DQEBCwUAA4IBAQCC6O+tZGEOMQQ3Y9wcT9thRRd/NyBkfv6ObuYPkzgH
++1sHFi8fYlsM60NAZImMCbiUWU0LeLqiSkqTLDh4Sm3Ij+WKIRrD9Yapn98pY7i
zUsBVZ3WeOIDqjphOh/G/dh0/hdCRzi3gQ1/6q5gfWWfBA+3RPmHCqZ25GlgpEVY
qrDUc1lkgDjHpGEfzrMTzCxeznieeSn3wexjYG9ResfwxNWEIW3FfhXihMaj4JEw
WmPSgfV9CxATPyGEyLLBcRt6dkoK5qJly2kGE39p3X4MmVSZkSffEoOfXIifahdb
XbLlFJRCTbNDCMy/BmAmDZTQrOGFjSW1gv5s9vAF4Px2
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:05:58 2025 by rpki-client