Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/92d564-5d09-428e-af80-8882199bccb4/1/J7XTvcN1MW518JWo3pumgkIR1Qs.roa
File: J7XTvcN1MW518JWo3pumgkIR1Qs.roa (raw, json)
Hash identifier: SdCNBkFRyN5y9hoeTIHABB2iuWEfHwlmwXNsAfXpH+w=
Subject key identifier: 27:B5:D3:BD:C3:75:31:6E:75:F0:95:A8:DE:9B:A6:82:42:11:D5:0B
Certificate issuer: /CN=98e2f4aba0bc9b3e3ab1856497a40071971b704a
Certificate serial: 01942823EA8C46451A8BFA7A42B3B1A27528
Authority key identifier: 98:E2:F4:AB:A0:BC:9B:3E:3A:B1:85:64:97:A4:00:71:97:1B:70:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mOL0q6C8mz46sYVkl6QAcZcbcEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/92d564-5d09-428e-af80-8882199bccb4/1/J7XTvcN1MW518JWo3pumgkIR1Qs.roa
Signing time: Thu 02 Jan 2025 17:50:29 +0000
ROA not before: Thu 02 Jan 2025 17:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8875
IP address blocks: 185.219.152.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:ea:8c:46:45:1a:8b:fa:7a:42:b3:b1:a2:75:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98e2f4aba0bc9b3e3ab1856497a40071971b704a
Validity
Not Before: Jan 2 17:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27b5d3bdc375316e75f095a8de9ba6824211d50b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:87:4d:74:28:d2:aa:12:9a:b6:93:bd:78:68:
49:af:3f:67:58:fc:6c:9c:cf:1c:f3:0f:0e:ac:95:
0d:a2:a1:44:43:27:ed:69:eb:63:14:3f:38:bc:35:
e6:d9:e3:c3:1e:e2:fc:8e:49:66:64:af:2c:c7:3f:
e4:d3:d8:82:ac:94:bd:24:e1:47:27:8c:1a:23:14:
76:c4:2b:23:d0:fe:ab:4a:5b:08:c2:7c:6d:f8:c2:
aa:ef:ee:2c:e1:ee:4b:de:8b:28:a7:cb:2b:2f:d7:
b2:82:44:f6:11:2b:4e:84:d2:69:7b:3e:48:1a:e0:
16:e5:41:21:f1:f7:08:1d:9b:b5:0f:2d:f9:28:9e:
51:39:ce:a7:74:25:a2:7d:32:e7:b8:95:df:5f:71:
28:01:90:68:d1:aa:88:02:d9:5a:7c:0a:52:5c:3d:
24:48:12:bc:0f:10:f6:32:ef:aa:11:b6:d4:3e:ac:
4e:a0:23:19:3d:74:79:75:8a:85:dd:30:fb:9d:77:
dd:5b:ce:e1:62:34:4a:72:a4:be:c5:fc:ec:ab:6d:
8b:5b:e1:4c:4b:7e:f7:9b:89:e8:3a:e8:9e:e3:a1:
0b:64:eb:3d:1c:a8:ec:ca:7f:38:e2:76:6c:26:1e:
c6:c7:e5:64:75:82:61:6a:ec:72:27:d0:5f:df:80:
14:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:B5:D3:BD:C3:75:31:6E:75:F0:95:A8:DE:9B:A6:82:42:11:D5:0B
X509v3 Authority Key Identifier:
keyid:98:E2:F4:AB:A0:BC:9B:3E:3A:B1:85:64:97:A4:00:71:97:1B:70:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mOL0q6C8mz46sYVkl6QAcZcbcEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/92d564-5d09-428e-af80-8882199bccb4/1/J7XTvcN1MW518JWo3pumgkIR1Qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/92d564-5d09-428e-af80-8882199bccb4/1/mOL0q6C8mz46sYVkl6QAcZcbcEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.152.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:9c:63:0d:63:05:b7:93:b9:0e:47:7c:79:ce:f2:8e:13:2e:
22:c5:42:3c:6d:9b:92:1b:55:f1:31:df:59:ea:40:44:6d:da:
c6:fb:a3:a0:8a:75:ad:af:b2:9f:fc:d7:09:90:bc:f6:2b:71:
58:4c:35:54:21:61:54:fd:55:a2:1e:91:24:e7:17:b8:26:ab:
8e:93:6f:cd:4e:32:f6:c9:e0:df:7e:f8:6e:09:50:4a:82:e2:
ac:57:26:7a:50:91:e5:6b:97:b6:9a:e6:1a:fa:51:7d:e4:8d:
4e:d9:5f:83:f5:d9:29:ba:c2:1e:a8:53:b3:de:12:05:bb:b5:
ca:bc:34:0e:cb:d7:e4:fa:a3:6e:2d:b9:87:91:87:2e:38:35:
79:97:3a:d5:3c:b1:8f:9a:00:30:79:30:e0:3c:f7:4f:70:21:
ff:21:5d:9b:5f:b5:7f:5b:49:ee:92:3e:4c:46:87:c3:ee:86:
72:65:c9:e1:c1:91:20:60:8d:cf:7d:47:41:02:0e:ca:00:9e:
b4:11:b6:21:f8:af:cf:63:a0:16:d0:96:ea:73:b7:84:c0:ad:
52:c0:fc:bc:cc:22:80:89:a2:34:f1:35:9d:20:a6:c6:24:0c:
41:91:f3:16:53:a3:76:50:4c:1e:ea:74:7a:f2:61:57:f7:0b:
ab:44:be:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI+qMRkUai/p6QrOxonUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZTJmNGFiYTBiYzliM2UzYWIxODU2NDk3YTQwMDcxOTcx
YjcwNGEwHhcNMjUwMTAyMTc1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2I1ZDNiZGMzNzUzMTZlNzVmMDk1YThkZTliYTY4MjQyMTFkNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYdNdCjSqhKatpO9eGhJrz9nWPxs
nM8c8w8OrJUNoqFEQyftaetjFD84vDXm2ePDHuL8jklmZK8sxz/k09iCrJS9JOFH
J4waIxR2xCsj0P6rSlsIwnxt+MKq7+4s4e5L3osop8srL9eygkT2EStOhNJpez5I
GuAW5UEh8fcIHZu1Dy35KJ5ROc6ndCWifTLnuJXfX3EoAZBo0aqIAtlafApSXD0k
SBK8DxD2Mu+qEbbUPqxOoCMZPXR5dYqF3TD7nXfdW87hYjRKcqS+xfzsq22LW+FM
S373m4noOuie46ELZOs9HKjsyn844nZsJh7Gx+VkdYJhauxyJ9Bf34AUKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCe1073DdTFudfCVqN6bpoJCEdULMB8GA1UdIwQY
MBaAFJji9KugvJs+OrGFZJekAHGXG3BKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU9MMHE2QzhtejQ2c1lWa2w2UUFjWmNiY0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS85MmQ1NjQtNWQwOS00MjhlLWFmODAt
ODg4MjE5OWJjY2I0LzEvSjdYVHZjTjFNVzUxOEpXbzNwdW1na0lSMVFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS85MmQ1NjQtNWQwOS00MjhlLWFmODAtODg4MjE5OWJjY2I0
LzEvbU9MMHE2QzhtejQ2c1lWa2w2UUFjWmNiY0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuduYMA0G
CSqGSIb3DQEBCwUAA4IBAQCdnGMNYwW3k7kOR3x5zvKOEy4ixUI8bZuSG1XxMd9Z
6kBEbdrG+6OginWtr7Kf/NcJkLz2K3FYTDVUIWFU/VWiHpEk5xe4JquOk2/NTjL2
yeDffvhuCVBKguKsVyZ6UJHla5e2muYa+lF95I1O2V+D9dkpusIeqFOz3hIFu7XK
vDQOy9fk+qNuLbmHkYcuODV5lzrVPLGPmgAweTDgPPdPcCH/IV2bX7V/W0nukj5M
RofD7oZyZcnhwZEgYI3PfUdBAg7KAJ60EbYh+K/PY6AW0Jbqc7eEwK1SwPy8zCKA
iaI08TWdIKbGJAxBkfMWU6N2UEwe6nR68mFX9wurRL6L
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:09:09 2025 by rpki-client