Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/63e413-35ca-49e0-8285-35f1a9088b42/1/JQpnjsOMpFiQQJOrjnkEWtt3EFI.roa
File: JQpnjsOMpFiQQJOrjnkEWtt3EFI.roa (raw, json)
Hash identifier: 4t67VWbmiq9bprri9rSmGg0uFh9lfRFrW2ITm8UtRrg=
Subject key identifier: 25:0A:67:8E:C3:8C:A4:58:90:40:93:AB:8E:79:04:5A:DB:77:10:52
Certificate issuer: /CN=7e86dcde711d545353974b33955108d9df40b6e9
Certificate serial: 019420D5B5C39CC0BD2F51D8F20D8B9F7FBB
Authority key identifier: 7E:86:DC:DE:71:1D:54:53:53:97:4B:33:95:51:08:D9:DF:40:B6:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fobc3nEdVFNTl0szlVEI2d9Atuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/63e413-35ca-49e0-8285-35f1a9088b42/1/JQpnjsOMpFiQQJOrjnkEWtt3EFI.roa
Signing time: Wed 01 Jan 2025 07:47:44 +0000
ROA not before: Wed 01 Jan 2025 07:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199803
IP address blocks: 185.138.108.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:b5:c3:9c:c0:bd:2f:51:d8:f2:0d:8b:9f:7f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e86dcde711d545353974b33955108d9df40b6e9
Validity
Not Before: Jan 1 07:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=250a678ec38ca458904093ab8e79045adb771052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ab:36:c8:36:3e:19:e5:e5:c7:7b:3c:01:ac:
d7:22:18:ff:2e:5a:de:f6:b0:25:74:51:c0:a4:a6:
ca:29:e4:d3:a6:eb:88:ba:4b:fa:73:34:4b:e0:4a:
73:17:8f:92:cc:f8:b1:fe:0e:f7:a2:15:71:0e:bb:
e0:4f:e6:49:96:7b:18:cf:25:44:2b:58:7a:c6:a6:
76:e3:fc:15:b1:da:f5:3b:de:be:01:bf:fa:b5:61:
be:d0:8d:0b:19:31:17:04:89:c8:05:bc:cb:94:66:
70:cb:f2:1c:aa:95:33:5e:42:84:b7:56:34:38:b9:
d4:cb:7d:5c:00:34:d8:b8:d5:82:d1:90:d0:1a:26:
fe:29:f3:d1:54:2b:4a:8b:4c:9e:b0:1c:f7:b4:70:
2f:be:fc:51:f6:48:a6:23:7e:2e:57:92:3c:59:68:
49:25:49:20:3f:b2:a8:15:ca:cd:0b:f6:54:9d:9c:
99:4c:4a:f1:ff:22:15:f2:8c:3d:e2:64:22:43:bb:
ac:9c:7f:35:b1:ec:23:df:17:eb:00:d6:6f:b7:63:
cd:bf:49:7b:2e:21:9c:12:c1:98:82:08:94:5a:ca:
3f:50:42:8e:a3:22:12:03:f1:7e:a3:02:36:ab:6f:
65:ff:02:b1:df:a4:08:ce:18:39:50:36:31:a9:66:
80:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:0A:67:8E:C3:8C:A4:58:90:40:93:AB:8E:79:04:5A:DB:77:10:52
X509v3 Authority Key Identifier:
keyid:7E:86:DC:DE:71:1D:54:53:53:97:4B:33:95:51:08:D9:DF:40:B6:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fobc3nEdVFNTl0szlVEI2d9Atuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/63e413-35ca-49e0-8285-35f1a9088b42/1/JQpnjsOMpFiQQJOrjnkEWtt3EFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/63e413-35ca-49e0-8285-35f1a9088b42/1/fobc3nEdVFNTl0szlVEI2d9Atuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.108.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:1b:54:7c:b4:9e:7a:71:d1:77:30:5a:ce:c6:70:60:cb:b1:
f7:5a:67:fe:c2:77:63:4d:cf:c0:70:ce:0d:50:dc:f2:cc:0a:
6e:20:72:08:12:eb:9c:a9:36:ca:c1:1c:83:c0:31:b1:01:19:
b3:8f:ca:77:17:da:e9:7b:7e:fa:f7:3b:58:af:49:72:97:17:
87:9c:2b:ff:a8:be:b0:70:e8:96:61:21:ed:d2:14:48:bc:2c:
f6:e0:d3:7d:60:83:19:75:83:a0:cb:2f:6f:2d:d0:82:8f:b6:
f1:c8:90:3d:b4:85:2f:87:e3:d2:e7:2e:8e:db:5d:28:ca:e6:
16:98:66:11:63:45:a3:a7:df:ec:8e:70:34:bf:2e:d9:ba:e7:
59:6d:45:66:f5:1f:af:07:56:fb:61:eb:f4:71:38:97:e8:f4:
33:bd:88:ef:25:f2:9e:8b:a7:0c:be:48:2d:54:5d:c0:40:50:
29:e4:8d:00:f2:62:b2:8b:5f:95:d8:a0:79:88:c8:7c:8b:d9:
64:ab:ad:18:84:d9:6b:ea:0a:b6:a4:7c:87:39:65:7d:f9:73:
a3:68:b2:84:55:76:cb:74:7a:f8:81:12:41:99:50:ff:82:6c:
0b:dd:71:55:1f:9f:84:0f:e1:e9:d9:58:94:e0:0a:66:d7:36:
ac:b3:30:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1bXDnMC9L1HY8g2Ln3+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlODZkY2RlNzExZDU0NTM1Mzk3NGIzMzk1NTEwOGQ5ZGY0
MGI2ZTkwHhcNMjUwMTAxMDc0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTBhNjc4ZWMzOGNhNDU4OTA0MDkzYWI4ZTc5MDQ1YWRiNzcxMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6s2yDY+GeXlx3s8AazXIhj/Llre
9rAldFHApKbKKeTTpuuIukv6czRL4EpzF4+SzPix/g73ohVxDrvgT+ZJlnsYzyVE
K1h6xqZ24/wVsdr1O96+Ab/6tWG+0I0LGTEXBInIBbzLlGZwy/IcqpUzXkKEt1Y0
OLnUy31cADTYuNWC0ZDQGib+KfPRVCtKi0yesBz3tHAvvvxR9kimI34uV5I8WWhJ
JUkgP7KoFcrNC/ZUnZyZTErx/yIV8ow94mQiQ7usnH81sewj3xfrANZvt2PNv0l7
LiGcEsGYggiUWso/UEKOoyISA/F+owI2q29l/wKx36QIzhg5UDYxqWaAdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCUKZ47DjKRYkECTq455BFrbdxBSMB8GA1UdIwQY
MBaAFH6G3N5xHVRTU5dLM5VRCNnfQLbpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZm9iYzNuRWRWRk5UbDBzemxWRUkyZDlBdHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82M2U0MTMtMzVjYS00OWUwLTgyODUt
MzVmMWE5MDg4YjQyLzEvSlFwbmpzT01wRmlRUUpPcmpua0VXdHQzRUZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82M2U0MTMtMzVjYS00OWUwLTgyODUtMzVmMWE5MDg4YjQy
LzEvZm9iYzNuRWRWRk5UbDBzemxWRUkyZDlBdHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYpsMA0G
CSqGSIb3DQEBCwUAA4IBAQCcG1R8tJ56cdF3MFrOxnBgy7H3Wmf+wndjTc/AcM4N
UNzyzApuIHIIEuucqTbKwRyDwDGxARmzj8p3F9rpe3769ztYr0lylxeHnCv/qL6w
cOiWYSHt0hRIvCz24NN9YIMZdYOgyy9vLdCCj7bxyJA9tIUvh+PS5y6O210oyuYW
mGYRY0Wjp9/sjnA0vy7ZuudZbUVm9R+vB1b7Yev0cTiX6PQzvYjvJfKei6cMvkgt
VF3AQFAp5I0A8mKyi1+V2KB5iMh8i9lkq60YhNlr6gq2pHyHOWV9+XOjaLKEVXbL
dHr4gRJBmVD/gmwL3XFVH5+ED+Hp2ViU4Apm1zasszBi
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:54:08 2025 by rpki-client