Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e203236303432.roa
File: 3139342e33312e3139362e302f32342d3234203d3e203236303432.roa (raw, json)
Hash identifier: qD/DCStq18VBTmVBWLBlQXfh7vnINoDBBBUYCw3Mifo=
Subject key identifier: C9:2E:6D:E9:13:85:4A:6D:3D:05:29:03:99:B9:11:9B:F2:DE:5F:0A
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 4AC1227252993CE877C2D9578FCF84A7ABC70F10
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e203236303432.roa
Signing time: Fri 17 Jan 2025 15:53:51 +0000
ROA not before: Fri 17 Jan 2025 15:48:51 +0000
ROA not after: Fri 16 Jan 2026 15:53:51 +0000
asID: 26042
IP address blocks: 194.31.196.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:c1:22:72:52:99:3c:e8:77:c2:d9:57:8f:cf:84:a7:ab:c7:0f:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jan 17 15:48:51 2025 GMT
Not After : Jan 16 15:53:51 2026 GMT
Subject: CN=C92E6DE913854A6D3D05290399B9119BF2DE5F0A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fd:94:01:58:8d:c5:44:80:b2:ca:e1:46:58:
8c:90:54:db:8d:6b:59:33:d5:aa:21:85:fd:48:fd:
42:61:f9:e9:75:9c:81:34:02:e1:ed:a2:13:27:40:
d9:3f:f2:c7:0c:71:f7:64:9a:64:a2:45:c2:d1:92:
e5:51:4b:92:5f:c8:9a:d4:2b:15:53:76:bb:59:7c:
fb:ba:90:f3:25:db:3a:26:5f:70:26:e9:0c:7d:45:
b7:15:84:9f:4e:3e:e4:da:27:3f:72:62:22:88:e3:
21:b4:0a:59:47:18:4c:a7:45:ab:31:57:99:d2:30:
d9:e2:47:65:12:8e:5e:61:d3:c8:05:17:47:1c:c8:
a5:54:92:b8:d2:f9:87:6d:10:2a:d1:3e:5b:96:87:
ed:06:0f:52:f1:29:99:b3:e8:36:ea:4a:0a:0d:63:
c5:13:23:e8:f6:42:05:08:4d:0e:87:12:99:61:22:
60:35:33:93:70:b6:75:c7:9d:55:30:9d:77:bd:2d:
ef:96:f6:8a:4c:74:f2:a4:d9:af:58:a3:96:8b:a7:
11:8a:e5:3c:61:28:28:a0:96:fb:68:dc:25:02:4c:
13:7f:69:03:41:29:a5:9a:8e:04:4c:4c:b9:1f:4a:
30:89:87:b4:5d:81:e8:1f:02:58:e1:40:7c:fd:95:
46:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:2E:6D:E9:13:85:4A:6D:3D:05:29:03:99:B9:11:9B:F2:DE:5F:0A
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e203236303432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.196.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:d5:40:de:b9:a3:f1:81:9b:fa:5f:1f:7b:88:35:e9:ce:31:
5a:f3:7e:ac:13:64:a9:ce:c5:a1:8e:58:28:2e:52:e9:aa:ad:
d1:8c:a5:e5:c5:0d:bb:ba:9b:b1:c8:3e:c8:11:be:6a:b9:a8:
b1:a9:33:ab:e9:6f:b1:c0:af:5d:0d:db:8f:c7:61:e5:80:f4:
32:84:8a:a0:f8:95:f6:9c:35:aa:c9:4f:f0:46:db:ac:af:70:
d3:cc:58:85:3d:82:f1:8a:3d:20:9e:a5:ee:f4:ef:90:55:15:
c6:a8:0d:84:e2:c9:a4:2d:e3:e8:06:09:d3:af:49:cc:5d:89:
d1:a8:01:ec:8d:57:87:2d:ce:03:ee:8a:b4:33:a4:b7:db:b2:
55:d8:43:89:69:60:50:88:89:6f:93:c7:49:38:58:c6:eb:e9:
4f:14:bf:71:4f:3f:3f:a6:7b:1e:dd:2a:2b:c6:29:8b:f7:d6:
22:f5:21:96:9a:f7:14:c5:ae:cc:3c:91:23:34:61:52:8f:37:
8f:54:f8:68:e3:96:c3:8b:f1:49:fd:78:1a:70:6a:74:a8:15:
b6:23:d5:10:62:95:35:04:40:41:53:53:94:6f:ed:da:b5:be:
ea:62:e1:26:9c:2c:40:a9:e8:83:5b:f9:d5:b8:2e:78:37:49:
9e:3a:04:c2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSsEiclKZPOh3wtlXj8+Ep6vHDxAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTAxMTcxNTQ4NTFaFw0yNjAxMTYxNTUzNTFaMDMxMTAvBgNV
BAMTKEM5MkU2REU5MTM4NTRBNkQzRDA1MjkwMzk5QjkxMTlCRjJERTVGMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh/ZQBWI3FRICyyuFGWIyQVNuN
a1kz1aohhf1I/UJh+el1nIE0AuHtohMnQNk/8scMcfdkmmSiRcLRkuVRS5JfyJrU
KxVTdrtZfPu6kPMl2zomX3Am6Qx9RbcVhJ9OPuTaJz9yYiKI4yG0CllHGEynRasx
V5nSMNniR2USjl5h08gFF0ccyKVUkrjS+YdtECrRPluWh+0GD1LxKZmz6DbqSgoN
Y8UTI+j2QgUITQ6HEplhImA1M5NwtnXHnVUwnXe9Le+W9opMdPKk2a9Yo5aLpxGK
5TxhKCiglvto3CUCTBN/aQNBKaWajgRMTLkfSjCJh7RdgegfAljhQHz9lUYdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUyS5t6ROFSm09BSkDmbkRm/LeXwowHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzAzNDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wh/EMA0GCSqGSIb3DQEBCwUAA4IBAQAs1UDeuaPxgZv6Xx97iDXpzjFa836sE2Sp
zsWhjlgoLlLpqq3RjKXlxQ27upuxyD7IEb5quaixqTOr6W+xwK9dDduPx2HlgPQy
hIqg+JX2nDWqyU/wRtusr3DTzFiFPYLxij0gnqXu9O+QVRXGqA2E4smkLePoBgnT
r0nMXYnRqAHsjVeHLc4D7oq0M6S327JV2EOJaWBQiIlvk8dJOFjG6+lPFL9xTz8/
pnse3SorximL99Yi9SGWmvcUxa7MPJEjNGFSjzePVPho45bDi/FJ/XgacGp0qBW2
I9UQYpU1BEBBU1OUb+3atb7qYuEmnCxAqeiDW/nVuC54N0meOgTC
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:11:34 2025 by rpki-client