Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231322e302f32342d3234203d3e203231383539.roa
File: 3130392e3233342e3231322e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: diQRASQkPTWUXKiBml6BzeJ9LDVpqvRcV2AZKe4Sd4c=
Subject key identifier: 94:CB:E3:76:53:08:58:8E:B3:4B:BA:C7:B1:68:05:B7:AA:55:C7:A6
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 594C84C7E14C943E828FA1F8BB31B338F2DFFF44
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231322e302f32342d3234203d3e203231383539.roa
Signing time: Tue 11 Feb 2025 01:56:57 +0000
ROA not before: Tue 11 Feb 2025 01:51:57 +0000
ROA not after: Tue 10 Feb 2026 01:56:57 +0000
asID: 21859
IP address blocks: 109.234.212.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:4c:84:c7:e1:4c:94:3e:82:8f:a1:f8:bb:31:b3:38:f2:df:ff:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Feb 11 01:51:57 2025 GMT
Not After : Feb 10 01:56:57 2026 GMT
Subject: CN=94CBE3765308588EB34BBAC7B16805B7AA55C7A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4d:a9:ba:ea:4d:05:c3:6f:dc:37:24:97:8d:
a0:77:f7:bd:95:80:39:5d:ce:b8:a4:bf:ba:e9:f1:
1f:90:17:42:b1:e2:69:ad:b8:f3:b3:3e:80:84:a0:
26:35:a5:28:cc:9d:e1:8d:ea:7b:15:62:6b:7b:11:
b8:7e:ea:54:ef:db:a6:34:00:2a:34:31:8f:6c:ec:
8d:ac:43:13:12:74:5e:a2:91:3f:e8:07:46:9f:69:
2f:71:15:c5:c8:73:c1:2c:32:e9:4a:b8:46:74:71:
b8:0a:28:d7:14:d6:d4:4e:0f:03:f7:69:cc:9d:1d:
e2:13:a5:15:0e:09:9f:e6:fd:c1:2b:e7:0a:8a:7f:
4b:5b:40:b4:07:2c:f6:ed:2f:49:db:fe:18:56:40:
3b:91:cd:01:21:5a:9f:a7:70:d6:fc:3e:aa:e0:2b:
d1:2a:53:47:1b:c7:d5:9f:9c:e3:10:66:be:50:be:
56:d1:f7:12:c8:1f:12:ab:3b:d5:ea:67:b1:18:8a:
cf:da:da:99:17:c2:12:9f:e9:9f:dc:75:f3:20:63:
e7:09:68:f9:59:0f:c6:1d:04:7f:e5:b3:d9:a1:51:
fb:73:fd:88:ca:db:7f:be:af:46:f8:cb:1e:b6:49:
10:9c:72:ff:18:2c:69:d0:de:58:9a:a8:a2:fb:35:
c3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:CB:E3:76:53:08:58:8E:B3:4B:BA:C7:B1:68:05:B7:AA:55:C7:A6
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231322e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.212.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:82:b2:fa:c2:d1:9f:8a:0a:1e:f1:fb:2b:18:b9:cb:56:f4:
27:26:3e:3d:0c:76:17:43:9a:18:58:fb:90:b3:fd:5f:e7:65:
6b:0e:87:87:97:c4:39:9c:a1:eb:e3:a2:f3:52:6c:12:9f:ad:
4b:f8:2f:a6:77:6c:d2:f9:9c:d0:c6:15:c4:ad:18:57:16:7e:
d8:ff:e8:ae:ab:bf:6c:51:5f:f4:24:ac:16:22:4d:0f:ab:b8:
7f:ec:52:db:d7:1c:ce:03:2a:9f:f5:93:12:cc:b4:79:e4:04:
e9:bc:71:d6:21:92:de:cc:8b:70:24:8f:c1:44:38:25:f7:34:
e5:13:0b:54:cc:58:8a:7c:f3:4f:12:d7:6b:ed:b0:11:c4:86:
5b:ac:3e:27:8b:2a:e7:c8:d1:3e:2e:6a:d7:73:4d:43:a1:a3:
8e:fa:b9:7c:e2:2a:77:08:b1:04:62:e4:58:1d:f4:64:82:82:
b8:b0:77:a5:09:af:e9:dc:3f:42:1e:56:42:3e:2e:19:ef:71:
15:1e:4c:24:83:2d:f0:b0:e3:cb:b6:d4:f9:1f:9f:da:7f:69:
df:bc:3d:f1:91:81:a7:49:05:7a:45:24:2d:a8:0c:a1:43:a5:
55:03:bf:59:44:49:d8:c6:53:61:87:6e:64:b2:bf:2d:5b:4b:
13:5b:c8:07
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWUyEx+FMlD6Cj6H4uzGzOPLf/0QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTAyMTEwMTUxNTdaFw0yNjAyMTAwMTU2NTdaMDMxMTAvBgNV
BAMTKDk0Q0JFMzc2NTMwODU4OEVCMzRCQkFDN0IxNjgwNUI3QUE1NUM3QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8Tam66k0Fw2/cNySXjaB3972V
gDldzrikv7rp8R+QF0Kx4mmtuPOzPoCEoCY1pSjMneGN6nsVYmt7Ebh+6lTv26Y0
ACo0MY9s7I2sQxMSdF6ikT/oB0afaS9xFcXIc8EsMulKuEZ0cbgKKNcU1tRODwP3
acydHeITpRUOCZ/m/cEr5wqKf0tbQLQHLPbtL0nb/hhWQDuRzQEhWp+ncNb8Pqrg
K9EqU0cbx9WfnOMQZr5QvlbR9xLIHxKrO9XqZ7EYis/a2pkXwhKf6Z/cdfMgY+cJ
aPlZD8YdBH/ls9mhUftz/YjK23++r0b4yx62SRCccv8YLGnQ3liaqKL7NcMdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlMvjdlMIWI6zS7rHsWgFt6pVx6YwHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzMDM5MmUzMjMzMzQyZTMy
MzEzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzODM1Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABt6tQwDQYJKoZIhvcNAQELBQADggEBAAuCsvrC0Z+KCh7x+ysYuctW9CcmPj0M
dhdDmhhY+5Cz/V/nZWsOh4eXxDmcoevjovNSbBKfrUv4L6Z3bNL5nNDGFcStGFcW
ftj/6K6rv2xRX/QkrBYiTQ+ruH/sUtvXHM4DKp/1kxLMtHnkBOm8cdYhkt7Mi3Ak
j8FEOCX3NOUTC1TMWIp8808S12vtsBHEhlusPieLKufI0T4uatdzTUOho476uXzi
KncIsQRi5Fgd9GSCgriwd6UJr+ncP0IeVkI+LhnvcRUeTCSDLfCw48u21Pkfn9p/
ad+8PfGRgadJBXpFJC2oDKFDpVUDv1lESdjGU2GHbmSyvy1bSxNbyAc=
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:54:18 2025 by rpki-client