Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/98c5c3-9928-4957-9448-a60138c1c046/1/jgMTcyosgm7FIVLeAPtI1RSjhVU.roa
File: jgMTcyosgm7FIVLeAPtI1RSjhVU.roa (raw, json)
Hash identifier: g2bFBV/1uz4ha4E7siEdgYNeYk8szBDsVWWKSTGKJE4=
Subject key identifier: 8E:03:13:73:2A:2C:82:6E:C5:21:52:DE:00:FB:48:D5:14:A3:85:55
Certificate issuer: /CN=0400d77ef9ea0ed2952be2f60fad3aecc2e168ac
Certificate serial: 01942823F0D3141058E1B7AB143939D8D501
Authority key identifier: 04:00:D7:7E:F9:EA:0E:D2:95:2B:E2:F6:0F:AD:3A:EC:C2:E1:68:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BADXfvnqDtKVK-L2D6067MLhaKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/98c5c3-9928-4957-9448-a60138c1c046/1/jgMTcyosgm7FIVLeAPtI1RSjhVU.roa
Signing time: Thu 02 Jan 2025 17:50:31 +0000
ROA not before: Thu 02 Jan 2025 17:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59802
IP address blocks: 185.68.198.0/23 maxlen: 24
2a05:19c0:2::/47 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:f0:d3:14:10:58:e1:b7:ab:14:39:39:d8:d5:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0400d77ef9ea0ed2952be2f60fad3aecc2e168ac
Validity
Not Before: Jan 2 17:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e0313732a2c826ec52152de00fb48d514a38555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d5:ed:8e:8a:f8:d4:ba:46:c3:9e:68:33:85:
a2:d9:8e:a1:c1:7c:bc:ca:fe:f3:bc:35:a2:c9:aa:
d2:33:8f:cd:50:90:d2:db:70:b8:5e:2e:33:b6:8c:
73:2a:fc:9c:72:b8:3d:aa:b2:a8:2e:f4:a6:15:fd:
57:20:e1:a8:73:54:90:de:c7:c7:0b:d2:e2:5f:ad:
dd:a0:bf:14:66:b7:69:af:30:55:bc:91:88:42:64:
7e:54:4f:47:d8:e3:7e:08:fe:7c:4a:7c:28:76:7e:
9d:c6:ae:be:ce:2f:28:4e:af:35:50:f6:8f:4c:62:
6d:ec:63:7c:ca:6c:8f:3e:08:03:3f:e5:fc:1c:f3:
d3:a7:84:48:e9:b4:3b:8c:14:c3:31:d5:68:20:9e:
46:09:3c:15:88:5f:72:40:c2:d5:96:43:e7:45:98:
7b:48:1e:2c:bc:83:ed:09:c5:75:22:72:7f:9f:b7:
8e:52:47:2b:46:30:bf:b3:bc:43:c7:79:86:e1:8e:
a0:3e:53:06:a8:91:60:22:c8:af:26:22:b2:b5:ee:
49:fa:b6:29:80:e5:57:0f:7c:31:1c:4d:b4:8f:cd:
9a:87:36:ac:67:0a:98:f4:86:f3:ba:22:bf:70:70:
b7:8c:4d:08:41:9c:19:a7:cc:ea:c9:96:9f:60:eb:
0d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:03:13:73:2A:2C:82:6E:C5:21:52:DE:00:FB:48:D5:14:A3:85:55
X509v3 Authority Key Identifier:
keyid:04:00:D7:7E:F9:EA:0E:D2:95:2B:E2:F6:0F:AD:3A:EC:C2:E1:68:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BADXfvnqDtKVK-L2D6067MLhaKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/98c5c3-9928-4957-9448-a60138c1c046/1/jgMTcyosgm7FIVLeAPtI1RSjhVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/98c5c3-9928-4957-9448-a60138c1c046/1/BADXfvnqDtKVK-L2D6067MLhaKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.198.0/23
IPv6:
2a05:19c0:2::/47
Signature Algorithm: sha256WithRSAEncryption
41:3a:76:6c:6f:6b:a6:b4:2c:5c:25:8a:d3:0c:51:b9:3b:8f:
9e:22:c6:3c:ca:b8:6a:57:81:e4:f2:26:29:9b:43:ef:4b:20:
7f:a7:d1:dc:38:a4:5c:3e:f9:ef:f2:55:a6:18:b9:6a:b1:ee:
2f:7c:ad:b6:1c:e6:76:2c:f3:0b:30:cc:da:b7:7c:10:1a:1a:
07:39:85:23:3e:34:eb:ac:b0:64:41:f8:f5:97:fb:de:7e:14:
03:93:b9:76:5e:a7:b4:2b:b6:55:80:b8:98:16:91:71:4c:e6:
4e:ee:8b:99:af:26:bf:04:21:f3:9b:b5:d3:0e:bf:e7:e5:c0:
f4:17:15:32:27:4a:c1:83:bf:80:7c:d6:a3:f2:21:f4:ea:57:
79:b3:5b:7a:54:9a:5a:47:cc:9c:48:4e:fa:93:27:5d:86:5b:
10:cb:b7:63:12:19:19:37:bd:ed:f9:86:98:62:6f:99:46:ae:
40:bd:0d:5d:74:5a:77:df:57:a1:54:71:b0:84:cb:83:b9:d5:
e8:1d:03:f0:3e:1d:81:57:ce:59:cb:89:2c:93:55:23:d2:2f:
5e:a1:1e:dd:fa:67:79:26:85:2f:47:0c:5a:63:77:68:11:13:
6e:ee:87:a0:a6:ac:fc:56:e4:67:dc:f6:cd:80:9d:65:50:2a:
30:ba:ed:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQoI/DTFBBY4berFDk52NUBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MDBkNzdlZjllYTBlZDI5NTJiZTJmNjBmYWQzYWVjYzJl
MTY4YWMwHhcNMjUwMTAyMTc1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTAzMTM3MzJhMmM4MjZlYzUyMTUyZGUwMGZiNDhkNTE0YTM4NTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNXtjor41LpGw55oM4Wi2Y6hwXy8
yv7zvDWiyarSM4/NUJDS23C4Xi4ztoxzKvyccrg9qrKoLvSmFf1XIOGoc1SQ3sfH
C9LiX63doL8UZrdprzBVvJGIQmR+VE9H2ON+CP58Snwodn6dxq6+zi8oTq81UPaP
TGJt7GN8ymyPPggDP+X8HPPTp4RI6bQ7jBTDMdVoIJ5GCTwViF9yQMLVlkPnRZh7
SB4svIPtCcV1InJ/n7eOUkcrRjC/s7xDx3mG4Y6gPlMGqJFgIsivJiKyte5J+rYp
gOVXD3wxHE20j82ahzasZwqY9IbzuiK/cHC3jE0IQZwZp8zqyZafYOsNyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI4DE3MqLIJuxSFS3gD7SNUUo4VVMB8GA1UdIwQY
MBaAFAQA13756g7SlSvi9g+tOuzC4WisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkFEWGZ2bnFEdEtWSy1MMkQ2MDY3TUxoYUt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85OGM1YzMtOTkyOC00OTU3LTk0NDgt
YTYwMTM4YzFjMDQ2LzEvamdNVGN5b3NnbTdGSVZMZUFQdEkxUlNqaFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85OGM1YzMtOTkyOC00OTU3LTk0NDgtYTYwMTM4YzFjMDQ2
LzEvQkFEWGZ2bnFEdEtWSy1MMkQ2MDY3TUxoYUt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuUTGMA8E
AgACMAkDBwEqBRnAAAIwDQYJKoZIhvcNAQELBQADggEBAEE6dmxva6a0LFwlitMM
Ubk7j54ixjzKuGpXgeTyJimbQ+9LIH+n0dw4pFw++e/yVaYYuWqx7i98rbYc5nYs
8wswzNq3fBAaGgc5hSM+NOussGRB+PWX+95+FAOTuXZep7QrtlWAuJgWkXFM5k7u
i5mvJr8EIfObtdMOv+flwPQXFTInSsGDv4B81qPyIfTqV3mzW3pUmlpHzJxITvqT
J12GWxDLt2MSGRk3ve35hphib5lGrkC9DV10WnffV6FUcbCEy4O51egdA/A+HYFX
zlnLiSyTVSPSL16hHt36Z3kmhS9HDFpjd2gRE27uh6CmrPxW5Gfc9s2AnWVQKjC6
7aE=
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:41:42 2025 by rpki-client