Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/kvTlBi_B8QrdRGJqo_C6nAXRdfc.roa
File: kvTlBi_B8QrdRGJqo_C6nAXRdfc.roa (raw, json)
Hash identifier: 6MLCaYZkCCpTI+u5625D24+Iiiya7eil7hcGEmC1dUY=
Subject key identifier: 92:F4:E5:06:2F:C1:F1:0A:DD:44:62:6A:A3:F0:BA:9C:05:D1:75:F7
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 0194236A003E8422EBDEE7B4C9E309B6EA8C
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/kvTlBi_B8QrdRGJqo_C6nAXRdfc.roa
Signing time: Wed 01 Jan 2025 19:48:56 +0000
ROA not before: Wed 01 Jan 2025 19:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215730
IP address blocks: 109.120.137.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:00:3e:84:22:eb:de:e7:b4:c9:e3:09:b6:ea:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Jan 1 19:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92f4e5062fc1f10add44626aa3f0ba9c05d175f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c2:c0:7b:86:e1:dc:aa:6d:18:d9:86:7f:03:
3c:e1:07:c6:a6:f9:25:ee:fb:1c:25:0c:6d:1b:be:
34:c7:5b:10:13:77:3e:fd:6a:54:01:68:36:0a:59:
39:45:d9:d9:65:89:fd:c0:83:f6:f3:a9:ab:03:b6:
60:64:dd:89:25:f7:bb:a7:c7:d8:28:4c:e7:ad:d4:
bf:6e:c7:76:ab:95:8b:b8:01:1c:a9:e9:0f:3d:3e:
95:08:a9:be:b7:10:1a:86:3b:af:80:05:c6:45:54:
53:4b:96:9b:f7:e9:9c:07:11:00:3a:76:4a:1f:cc:
26:1d:ad:58:b6:31:0d:71:1f:0a:c2:dc:2c:4c:2b:
cb:51:98:f7:72:44:a2:ba:a7:90:bb:20:48:66:24:
62:77:8f:ee:da:be:0e:83:6a:75:9d:61:c8:f2:4b:
f6:ea:73:67:82:ad:23:69:b4:41:5f:fe:f3:b5:f8:
5a:e0:b3:8a:15:87:da:5a:72:aa:30:81:49:91:8c:
fb:68:dc:3c:a5:2f:18:6f:0f:35:bc:38:70:ad:d2:
7e:0e:1b:97:81:62:4c:7a:d0:5b:a6:66:9b:bc:27:
29:f6:59:99:ad:5c:d7:73:e6:3f:58:b3:df:c4:4a:
8d:1b:b6:ba:68:58:98:59:b3:cb:b3:1d:cc:ae:ac:
10:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F4:E5:06:2F:C1:F1:0A:DD:44:62:6A:A3:F0:BA:9C:05:D1:75:F7
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/kvTlBi_B8QrdRGJqo_C6nAXRdfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.120.137.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:3d:d8:8f:fb:e4:dc:3c:50:ab:10:c6:bb:e7:58:b9:8b:09:
ce:b1:8d:df:43:0f:75:5c:7c:4d:e6:e8:5b:4d:3e:37:c1:0a:
a0:18:49:a5:cb:e4:48:2d:f3:42:a3:c0:24:61:8b:f2:af:44:
82:f5:30:7a:95:51:da:02:be:b1:4a:ca:b6:30:98:4b:47:64:
60:bb:bb:cd:16:7f:c7:2f:01:73:2c:53:7e:67:5b:0d:ee:17:
a2:2a:e3:7c:e7:80:05:9b:2d:45:4a:da:da:87:73:f2:2f:cc:
f8:11:db:a7:10:19:4c:72:92:be:07:2b:e9:83:a7:f7:4e:df:
e2:a6:4c:67:e2:35:0e:11:30:f9:8f:3f:d1:8d:1d:b6:71:50:
e8:3b:06:1a:21:68:27:71:0b:1a:9d:b7:ea:67:4e:b7:27:70:
98:37:d0:93:74:aa:18:94:fb:c6:91:a9:56:8c:b0:ab:b3:81:
b2:fb:72:c5:45:66:63:d4:a8:39:07:36:54:bb:b2:7c:65:40:
dd:3e:b1:75:c6:e1:15:1a:0e:a8:13:1a:d3:31:69:62:2f:97:
91:dc:e2:9b:3f:85:a9:01:18:49:0d:df:94:bd:80:37:0c:06:
5c:3c:d5:a3:dc:49:37:d2:de:2f:e4:90:bb:c2:72:19:8d:86:
2e:9c:e6:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjagA+hCLr3ue0yeMJtuqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjUwMTAxMTk0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmY0ZTUwNjJmYzFmMTBhZGQ0NDYyNmFhM2YwYmE5YzA1ZDE3NWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3cLAe4bh3KptGNmGfwM84QfGpvkl
7vscJQxtG740x1sQE3c+/WpUAWg2Clk5RdnZZYn9wIP286mrA7ZgZN2JJfe7p8fY
KEznrdS/bsd2q5WLuAEcqekPPT6VCKm+txAahjuvgAXGRVRTS5ab9+mcBxEAOnZK
H8wmHa1YtjENcR8KwtwsTCvLUZj3ckSiuqeQuyBIZiRid4/u2r4Og2p1nWHI8kv2
6nNngq0jabRBX/7ztfha4LOKFYfaWnKqMIFJkYz7aNw8pS8Ybw81vDhwrdJ+DhuX
gWJMetBbpmabvCcp9lmZrVzXc+Y/WLPfxEqNG7a6aFiYWbPLsx3MrqwQfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJL05QYvwfEK3URiaqPwupwF0XX3MB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEva3ZUbEJpX0I4UXJkUkdKcW9fQzZuQVhSZGZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXiJMA0G
CSqGSIb3DQEBCwUAA4IBAQAdPdiP++TcPFCrEMa751i5iwnOsY3fQw91XHxN5uhb
TT43wQqgGEmly+RILfNCo8AkYYvyr0SC9TB6lVHaAr6xSsq2MJhLR2Rgu7vNFn/H
LwFzLFN+Z1sN7heiKuN854AFmy1FStrah3PyL8z4EdunEBlMcpK+Byvpg6f3Tt/i
pkxn4jUOETD5jz/RjR22cVDoOwYaIWgncQsanbfqZ063J3CYN9CTdKoYlPvGkalW
jLCrs4Gy+3LFRWZj1Kg5BzZUu7J8ZUDdPrF1xuEVGg6oExrTMWliL5eR3OKbP4Wp
ARhJDd+UvYA3DAZcPNWj3Ek30t4v5JC7wnIZjYYunOYn
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:06:00 2025 by rpki-client