Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e203334393933.roa
File: 3139342e33312e3139352e302f32342d3234203d3e203334393933.roa (raw, json)
Hash identifier: u4qzpzCcpcy7ZWgFmuZevTcx8Lt6OWg/1tciNCqCqYM=
Subject key identifier: 24:D4:7F:1F:E8:F3:16:E4:56:47:FD:A7:BC:57:09:AC:DA:4E:7F:94
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 4E824F4E863907391C5B219E0C266E29BE0E56DC
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e203334393933.roa
Signing time: Mon 10 Feb 2025 22:53:55 +0000
ROA not before: Mon 10 Feb 2025 22:48:55 +0000
ROA not after: Mon 09 Feb 2026 22:53:55 +0000
asID: 34993
IP address blocks: 194.31.195.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:82:4f:4e:86:39:07:39:1c:5b:21:9e:0c:26:6e:29:be:0e:56:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Feb 10 22:48:55 2025 GMT
Not After : Feb 9 22:53:55 2026 GMT
Subject: CN=24D47F1FE8F316E45647FDA7BC5709ACDA4E7F94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4a:d5:3b:9a:66:1e:9b:36:7e:dd:37:9c:c5:
bd:9f:b6:f3:1c:f3:d5:9b:f2:07:c5:58:c6:69:1b:
ff:77:4a:73:dd:03:33:72:e7:d5:06:7b:7a:b8:3e:
4b:77:a0:6e:ec:2b:36:76:37:4e:71:2c:10:7b:25:
2f:6f:40:63:f3:2a:ee:61:de:98:15:a8:7f:c4:37:
9c:0e:a6:cd:98:b0:57:f7:c0:3e:30:df:db:c7:97:
ab:8f:2d:28:e9:e0:bd:5d:b4:e0:89:0b:c8:d2:ce:
01:16:1d:39:86:b6:35:94:f3:c9:ec:66:4b:01:29:
ed:d7:4c:8b:de:63:df:98:e6:9b:60:2f:d0:1d:9f:
63:aa:62:f1:02:b3:d1:93:cf:84:38:03:4c:66:cc:
21:99:54:11:c3:81:6a:c1:e0:76:fe:79:7e:6a:8c:
86:89:8a:20:07:4f:13:e7:c1:cc:95:6f:d0:fe:9b:
2b:c3:d0:ec:7b:b5:e8:90:bf:c0:70:6f:c1:5e:fe:
6d:e1:5c:c1:31:12:4a:83:16:4d:e8:5f:01:73:b8:
92:c3:ff:40:84:11:03:db:cc:da:5d:0f:33:af:1c:
fc:fb:f7:67:45:d6:26:b5:70:cc:aa:5a:62:13:3a:
fa:b2:c5:f6:18:5c:df:2a:f3:c7:a6:85:e6:bc:93:
bf:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D4:7F:1F:E8:F3:16:E4:56:47:FD:A7:BC:57:09:AC:DA:4E:7F:94
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e203334393933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.195.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:11:04:a3:6f:97:0c:69:59:a8:b9:0d:f5:4d:91:8d:11:41:
b0:33:b1:49:e7:ee:7e:0c:ec:34:53:fa:3c:ae:54:b2:be:5a:
66:e1:dd:bc:db:84:bb:22:ef:a4:23:4e:b5:bc:f5:4e:ea:32:
9f:c8:a5:7b:c7:34:f1:d8:a6:05:51:e8:3a:9a:d1:12:fa:ef:
08:08:76:87:70:d9:51:21:38:d6:81:d7:3f:6d:53:82:6a:82:
5b:22:28:da:7f:11:45:fa:69:91:7f:ae:15:40:04:2f:d6:bd:
2a:ce:c8:4b:f9:88:1b:e6:6c:0b:44:91:60:e3:25:66:11:3b:
34:8c:7c:7b:21:83:09:b8:1b:fb:37:00:19:83:5b:27:84:f1:
ff:b1:79:48:30:76:72:96:9d:64:fe:5b:18:c3:c8:7f:c1:c7:
67:50:a1:bd:12:e0:4d:8c:7c:ea:2c:1b:0c:a3:6d:f7:79:a9:
bf:c2:a1:a0:24:3a:e9:52:81:57:ae:c0:49:ce:6c:88:66:c6:
b4:e0:ef:5d:e2:8c:61:13:0c:a9:6f:48:b9:c3:19:8c:8b:5d:
e2:51:59:ee:e0:34:1f:de:19:e7:91:f5:99:4f:bb:57:13:8f:
64:81:f1:f6:b4:33:93:af:0e:ee:fb:04:65:a9:ef:bf:b7:6a:
ce:f7:c5:23
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUToJPToY5BzkcWyGeDCZuKb4OVtwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTAyMTAyMjQ4NTVaFw0yNjAyMDkyMjUzNTVaMDMxMTAvBgNV
BAMTKDI0RDQ3RjFGRThGMzE2RTQ1NjQ3RkRBN0JDNTcwOUFDREE0RTdGOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClStU7mmYemzZ+3Tecxb2ftvMc
89Wb8gfFWMZpG/93SnPdAzNy59UGe3q4Pkt3oG7sKzZ2N05xLBB7JS9vQGPzKu5h
3pgVqH/EN5wOps2YsFf3wD4w39vHl6uPLSjp4L1dtOCJC8jSzgEWHTmGtjWU88ns
ZksBKe3XTIveY9+Y5ptgL9Adn2OqYvECs9GTz4Q4A0xmzCGZVBHDgWrB4Hb+eX5q
jIaJiiAHTxPnwcyVb9D+myvD0Ox7teiQv8Bwb8Fe/m3hXMExEkqDFk3oXwFzuJLD
/0CEEQPbzNpdDzOvHPz792dF1ia1cMyqWmITOvqyxfYYXN8q88emhea8k78XAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUJNR/H+jzFuRWR/2nvFcJrNpOf5QwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM0MzkzOTMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wh/DMA0GCSqGSIb3DQEBCwUAA4IBAQB6EQSjb5cMaVmouQ31TZGNEUGwM7FJ5+5+
DOw0U/o8rlSyvlpm4d2824S7Iu+kI061vPVO6jKfyKV7xzTx2KYFUeg6mtES+u8I
CHaHcNlRITjWgdc/bVOCaoJbIijafxFF+mmRf64VQAQv1r0qzshL+Ygb5mwLRJFg
4yVmETs0jHx7IYMJuBv7NwAZg1snhPH/sXlIMHZylp1k/lsYw8h/wcdnUKG9EuBN
jHzqLBsMo233eam/wqGgJDrpUoFXrsBJzmyIZsa04O9d4oxhEwypb0i5wxmMi13i
UVnu4DQf3hnnkfWZT7tXE49kgfH2tDOTrw7u+wRlqe+/t2rO98Uj
-----END CERTIFICATE-----
Generated at Wed Apr 9 18:06:20 2025 by rpki-client