Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/kvS9t02JavuK1wgFEhPcUntLMn0.roa
File: kvS9t02JavuK1wgFEhPcUntLMn0.roa (raw, json)
Hash identifier: BKLDyx6jYljGGKL/snMsLKxn05Lgybc11ZXAYvZR7b4=
Subject key identifier: 92:F4:BD:B7:4D:89:6A:FB:8A:D7:08:05:12:13:DC:52:7B:4B:32:7D
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018BFB0D1A929039A0B9E7D70E28B8549645
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/kvS9t02JavuK1wgFEhPcUntLMn0.roa
Signing time: Thu 23 Nov 2023 07:20:21 +0000
ROA not before: Thu 23 Nov 2023 07:20:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203963
IP address blocks: 94.74.187.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
176.46.144.0/24 maxlen: 24
176.46.149.0/24 maxlen: 24
176.46.152.0/24 maxlen: 24
109.203.163.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.140.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fb:0d:1a:92:90:39:a0:b9:e7:d7:0e:28:b8:54:96:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 23 07:20:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92f4bdb74d896afb8ad708051213dc527b4b327d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9d:67:67:0b:27:58:2f:19:52:97:95:7e:73:
2a:0d:5a:4c:d0:24:7e:20:bd:f1:5e:a9:54:1a:ec:
2f:2d:b0:4f:16:42:de:0d:32:55:d6:ed:cb:3f:ed:
49:94:06:b3:39:ab:7b:73:72:38:63:12:81:f3:38:
89:5f:5f:3b:8c:61:53:85:f1:33:1b:87:c6:00:eb:
4f:08:fd:a6:6e:7c:7e:52:87:20:d7:69:ff:54:ed:
63:60:cf:31:35:6a:37:01:ec:f7:5f:06:07:d3:4e:
9f:2b:4d:5b:71:66:1a:c4:b6:b8:68:83:a1:84:d3:
ec:8f:5d:61:08:b5:fa:99:1e:f9:e7:f2:78:72:22:
17:dd:9c:ea:af:01:62:59:ee:5f:bb:f7:5f:dc:41:
dd:ff:d4:dc:61:31:26:31:84:f2:ef:8b:2f:1f:d8:
e1:71:5f:c1:ac:9b:87:94:d1:74:9b:57:7e:f4:97:
73:63:85:8e:d8:ab:ba:8f:0b:94:8e:6a:ac:15:e9:
49:10:a6:57:00:e8:66:b4:62:14:0b:07:ca:90:41:
07:05:55:a5:d0:d5:75:ce:4d:88:20:c5:83:0e:83:
51:c3:3a:47:b7:ae:c6:e6:6d:ce:92:c5:7c:cb:15:
d9:7c:d2:f4:77:ec:ab:0e:69:42:47:1e:53:e1:dc:
0b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F4:BD:B7:4D:89:6A:FB:8A:D7:08:05:12:13:DC:52:7B:4B:32:7D
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/kvS9t02JavuK1wgFEhPcUntLMn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.137.0/24
94.74.140.0/24
94.74.147.0/24
94.74.164.0/24
94.74.171.0/24
94.74.187.0/24
94.74.191.0/24
109.203.163.0/24
176.46.144.0/24
176.46.149.0/24
176.46.152.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:0f:c8:45:7a:f0:4b:99:1a:77:4d:4a:36:b8:57:42:5a:51:
f4:23:83:49:58:a4:6b:d8:1c:73:48:e4:b9:b2:f0:85:7f:a8:
d6:99:92:2e:d9:19:43:28:ff:7f:60:89:9f:db:98:c2:e2:b5:
dc:de:05:75:15:ff:04:97:e1:46:d9:5a:9c:30:10:bc:f1:9d:
5b:56:00:da:0e:4d:f9:ce:51:34:09:aa:e4:2f:31:67:9a:d0:
b3:37:96:d2:48:62:d5:55:27:f2:7d:0a:9a:c4:f0:32:fb:78:
24:7d:f9:f6:cd:74:f5:65:52:1e:e0:78:52:41:82:f3:26:ae:
6c:9e:62:9d:73:7a:43:5f:32:7d:47:af:45:19:e9:9b:3c:01:
b8:ff:e2:76:cd:bb:08:03:6a:8a:e9:88:c4:0b:ce:51:62:d7:
d4:b4:19:9c:47:28:5d:9e:4c:1d:f6:50:06:ad:52:e5:fc:36:
84:50:0c:3e:d9:aa:75:e2:e9:22:f4:39:5e:35:67:c5:39:8a:
0c:9e:82:97:aa:48:62:85:16:31:d5:b9:4a:81:89:e4:1a:64:
44:44:7a:b6:e3:a8:ee:65:51:95:71:14:02:d6:84:50:60:4f:
73:8d:04:9a:81:c9:1b:ec:63:8a:6c:0a:81:a9:d5:9b:87:6f:
4a:7d:39:58
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYv7DRqSkDmguefXDii4VJZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMTIzMDcyMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmY0YmRiNzRkODk2YWZiOGFkNzA4MDUxMjEzZGM1MjdiNGIzMjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZ1nZwsnWC8ZUpeVfnMqDVpM0CR+
IL3xXqlUGuwvLbBPFkLeDTJV1u3LP+1JlAazOat7c3I4YxKB8ziJX187jGFThfEz
G4fGAOtPCP2mbnx+Uocg12n/VO1jYM8xNWo3Aez3XwYH006fK01bcWYaxLa4aIOh
hNPsj11hCLX6mR755/J4ciIX3ZzqrwFiWe5fu/df3EHd/9TcYTEmMYTy74svH9jh
cV/BrJuHlNF0m1d+9JdzY4WO2Ku6jwuUjmqsFelJEKZXAOhmtGIUCwfKkEEHBVWl
0NV1zk2IIMWDDoNRwzpHt67G5m3OksV8yxXZfNL0d+yrDmlCRx5T4dwLwwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFJL0vbdNiWr7itcIBRIT3FJ7SzJ9MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEva3ZTOXQwMkphdnVLMXdnRkVoUGNVbnRMTW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAXkqJAwQA
XkqMAwQAXkqTAwQAXkqkAwQAXkqrAwQAXkq7AwQAXkq/AwQAbcujAwQAsC6QAwQA
sC6VAwQAsC6YMA0GCSqGSIb3DQEBCwUAA4IBAQAeD8hFevBLmRp3TUo2uFdCWlH0
I4NJWKRr2BxzSOS5svCFf6jWmZIu2RlDKP9/YImf25jC4rXc3gV1Ff8El+FG2Vqc
MBC88Z1bVgDaDk35zlE0CarkLzFnmtCzN5bSSGLVVSfyfQqaxPAy+3gkffn2zXT1
ZVIe4HhSQYLzJq5snmKdc3pDXzJ9R69FGembPAG4/+J2zbsIA2qK6YjEC85RYtfU
tBmcRyhdnkwd9lAGrVLl/DaEUAw+2ap14uki9DleNWfFOYoMnoKXqkhihRYx1blK
gYnkGmRERHq246juZVGVcRQC1oRQYE9zjQSagckb7GOKbAqBqdWbh29KfTlY
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:45 2025 by rpki-client