Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/7JvOqf8jCijk_scq8k44QE4ZcJg.roa
File: 7JvOqf8jCijk_scq8k44QE4ZcJg.roa (raw, json)
Hash identifier: Zr9qOX5zC6nd7EBM4UVaMfXBvFyKtR8sioHct77HMic=
Subject key identifier: EC:9B:CE:A9:FF:23:0A:28:E4:FE:C7:2A:F2:4E:38:40:4E:19:70:98
Certificate issuer: /CN=e49dbf3c44468e52411d4861856bf0bdc79063e4
Certificate serial: 019421B1DEB42C7A2A33659EC11C9E466DB5
Authority key identifier: E4:9D:BF:3C:44:46:8E:52:41:1D:48:61:85:6B:F0:BD:C7:90:63:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5J2_PERGjlJBHUhhhWvwvceQY-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/7JvOqf8jCijk_scq8k44QE4ZcJg.roa
Signing time: Wed 01 Jan 2025 11:48:12 +0000
ROA not before: Wed 01 Jan 2025 11:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56975
IP address blocks: 185.108.220.0/24 maxlen: 24
185.108.222.0/24 maxlen: 24
185.108.223.0/24 maxlen: 24
2a00:e000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:de:b4:2c:7a:2a:33:65:9e:c1:1c:9e:46:6d:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e49dbf3c44468e52411d4861856bf0bdc79063e4
Validity
Not Before: Jan 1 11:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec9bcea9ff230a28e4fec72af24e38404e197098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8a:d8:c8:02:d3:8d:da:32:5f:a7:15:b7:c0:
e4:f1:10:f4:81:53:32:7b:0d:99:58:86:7e:bd:85:
1a:91:dc:7f:5e:84:5b:d4:6e:f7:c3:23:e6:88:e3:
89:8a:64:5b:fa:13:d4:4a:c2:e2:d0:32:43:76:aa:
a8:4e:d5:ce:f7:98:5f:88:d7:4a:ff:b2:b9:aa:c5:
99:f6:ca:16:4e:b7:3c:c2:83:22:da:5f:47:15:fc:
20:8f:0f:d2:b4:df:e5:0e:e9:f6:0b:6d:f5:d5:54:
4a:dc:1a:a9:e5:6e:4c:de:fb:9c:c5:0f:15:f2:03:
6b:f3:de:e8:de:9f:91:3b:9f:12:a6:c3:51:e3:6d:
05:a7:c4:25:ac:4f:54:c1:8b:17:44:cd:1d:b2:1f:
c2:23:f0:86:7c:80:a2:3f:ae:32:79:ab:c1:61:ff:
8b:8a:f1:a3:54:6e:89:89:6d:cc:d3:b0:bf:99:d8:
f0:8d:80:f1:c2:d5:04:41:99:71:6e:69:0c:50:ea:
c8:7f:b3:34:03:b3:19:52:89:3f:27:cc:5c:7b:90:
73:b8:9a:a0:db:ae:fa:cb:29:eb:ee:9c:28:36:a5:
c1:b5:94:02:42:38:ee:2e:4b:75:c3:ba:74:36:64:
28:30:ca:19:10:48:01:9b:6a:c9:30:fd:d8:23:13:
26:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:9B:CE:A9:FF:23:0A:28:E4:FE:C7:2A:F2:4E:38:40:4E:19:70:98
X509v3 Authority Key Identifier:
keyid:E4:9D:BF:3C:44:46:8E:52:41:1D:48:61:85:6B:F0:BD:C7:90:63:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5J2_PERGjlJBHUhhhWvwvceQY-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/7JvOqf8jCijk_scq8k44QE4ZcJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/5J2_PERGjlJBHUhhhWvwvceQY-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.220.0/24
185.108.222.0/23
IPv6:
2a00:e000::/48
Signature Algorithm: sha256WithRSAEncryption
a3:37:ce:36:1f:71:d6:ba:8a:8e:93:6e:65:39:fc:4c:41:77:
34:db:f8:77:15:60:3d:79:1c:88:17:10:35:cf:83:6c:02:af:
f1:b5:48:47:9c:87:b0:bc:c4:63:75:72:e4:36:a0:f8:32:57:
e2:f8:b2:e0:39:fb:ff:5b:37:2e:d6:dd:04:8c:75:e8:8e:8d:
54:63:d6:2e:9d:f3:b0:53:51:81:c7:e5:3c:f4:a5:5b:de:22:
23:6f:13:09:40:af:b1:c1:19:ba:8c:d8:4c:8b:3b:2f:32:39:
44:80:04:4f:25:9d:2b:c6:30:f3:57:9b:d6:76:80:24:8a:92:
33:4f:8a:52:9a:b9:f3:82:7d:b7:6b:4a:ad:d8:a5:d2:22:69:
e8:53:d6:46:f7:1f:13:41:fa:04:b3:cb:64:8d:04:65:11:79:
26:8d:de:27:fa:3b:bd:c8:66:ab:51:6d:83:be:45:06:88:ed:
87:5c:8d:8d:df:da:bc:51:ae:a2:4c:95:8b:85:a4:11:f9:bb:
a9:1f:d7:1b:02:5e:e9:97:49:df:3f:07:4e:e5:30:76:ef:d2:
c6:99:6c:f7:3e:42:58:26:0f:44:9b:cb:94:aa:89:48:83:68:
6d:69:0a:d8:a6:01:39:3d:ea:7c:f8:28:58:64:09:99:ab:dd:
a4:7d:4d:2c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQhsd60LHoqM2WewRyeRm21MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0OWRiZjNjNDQ0NjhlNTI0MTFkNDg2MTg1NmJmMGJkYzc5
MDYzZTQwHhcNMjUwMTAxMTE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzliY2VhOWZmMjMwYTI4ZTRmZWM3MmFmMjRlMzg0MDRlMTk3MDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYrYyALTjdoyX6cVt8Dk8RD0gVMy
ew2ZWIZ+vYUakdx/XoRb1G73wyPmiOOJimRb+hPUSsLi0DJDdqqoTtXO95hfiNdK
/7K5qsWZ9soWTrc8woMi2l9HFfwgjw/StN/lDun2C2311VRK3Bqp5W5M3vucxQ8V
8gNr897o3p+RO58SpsNR420Fp8QlrE9UwYsXRM0dsh/CI/CGfICiP64yeavBYf+L
ivGjVG6JiW3M07C/mdjwjYDxwtUEQZlxbmkMUOrIf7M0A7MZUok/J8xce5BzuJqg
2676yynr7pwoNqXBtZQCQjjuLkt1w7p0NmQoMMoZEEgBm2rJMP3YIxMmIwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOybzqn/Iwoo5P7HKvJOOEBOGXCYMB8GA1UdIwQY
MBaAFOSdvzxERo5SQR1IYYVr8L3HkGPkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUoyX1BFUkdqbEpCSFVoaGhXdnd2Y2VRWS1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82ZTQ1N2UtMzY2ZC00NDBiLWFmMmMt
NWNhZGJkY2YyMjE1LzEvN0p2T3FmOGpDaWprX3NjcThrNDRRRTRaY0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82ZTQ1N2UtMzY2ZC00NDBiLWFmMmMtNWNhZGJkY2YyMjE1
LzEvNUoyX1BFUkdqbEpCSFVoaGhXdnd2Y2VRWS1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuWzcAwQB
uWzeMA8EAgACMAkDBwAqAOAAAAAwDQYJKoZIhvcNAQELBQADggEBAKM3zjYfcda6
io6TbmU5/ExBdzTb+HcVYD15HIgXEDXPg2wCr/G1SEech7C8xGN1cuQ2oPgyV+L4
suA5+/9bNy7W3QSMdeiOjVRj1i6d87BTUYHH5Tz0pVveIiNvEwlAr7HBGbqM2EyL
Oy8yOUSABE8lnSvGMPNXm9Z2gCSKkjNPilKaufOCfbdrSq3YpdIiaehT1kb3HxNB
+gSzy2SNBGUReSaN3if6O73IZqtRbYO+RQaI7YdcjY3f2rxRrqJMlYuFpBH5u6kf
1xsCXumXSd8/B07lMHbv0saZbPc+QlgmD0Sby5SqiUiDaG1pCtimATk96nz4KFhk
CZmr3aR9TSw=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:49:49 2025 by rpki-client