Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138362e302f32342d3234203d3e203239303636.roa
File: 352e3138312e3138362e302f32342d3234203d3e203239303636.roa (raw, json)
Hash identifier: 5g1iTpy4+Ocf7g6idB3LUlopM7lH9cpsMczTTuu+hV0=
Subject key identifier: 74:BC:28:C7:B3:1A:B5:15:72:81:1A:25:A1:29:28:20:12:90:09:0D
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 2F9A8EB3209B1CAE1662D428FC195B7AED1A850E
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138362e302f32342d3234203d3e203239303636.roa
Signing time: Thu 09 Jan 2025 04:53:51 +0000
ROA not before: Thu 09 Jan 2025 04:48:51 +0000
ROA not after: Thu 08 Jan 2026 04:53:51 +0000
asID: 29066
IP address blocks: 5.181.186.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:9a:8e:b3:20:9b:1c:ae:16:62:d4:28:fc:19:5b:7a:ed:1a:85:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jan 9 04:48:51 2025 GMT
Not After : Jan 8 04:53:51 2026 GMT
Subject: CN=74BC28C7B31AB51572811A25A12928201290090D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:cd:59:65:a0:39:48:1b:41:fa:76:16:0d:28:
79:97:82:64:3c:ca:b7:0b:c6:5f:1c:f1:a0:12:e5:
c7:d7:25:07:3b:f4:3e:a6:68:6f:01:0b:34:fd:fa:
32:f5:b3:42:6d:d2:cf:78:c4:e2:49:f8:db:2e:d1:
3e:50:e5:c0:a5:b6:52:12:27:47:3f:88:05:9f:7e:
a6:8e:9c:7a:bc:79:db:7f:0a:27:38:db:98:c3:fd:
cb:be:ff:d5:a1:0c:ce:32:26:e9:56:b7:b8:44:85:
c6:e9:b9:24:b5:ef:ff:7d:10:67:69:d1:97:2c:84:
ca:04:f1:35:d5:57:6c:93:05:be:16:86:fa:92:a7:
46:ea:71:92:62:12:ac:0a:50:b8:15:50:d7:da:92:
09:71:db:3e:61:c1:d0:56:f3:4f:54:23:97:6f:e4:
bf:c6:45:e4:9a:d2:f2:e8:ff:77:00:b9:9f:ef:cb:
9d:c9:24:e4:57:d2:fc:05:68:e1:6c:b1:9f:8a:af:
57:c7:23:ca:f8:2c:24:b9:fc:fd:0d:a3:83:b2:23:
70:fe:60:2e:11:0a:df:a3:34:6e:1e:e8:48:c0:cd:
cd:75:ed:c9:37:5a:e7:17:35:40:52:b9:d6:b6:35:
ef:75:41:65:ac:e1:02:0b:3f:ac:f6:3a:f9:7b:a3:
01:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:BC:28:C7:B3:1A:B5:15:72:81:1A:25:A1:29:28:20:12:90:09:0D
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138362e302f32342d3234203d3e203239303636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.186.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:d9:d0:3c:78:25:25:f3:94:e6:21:16:dc:59:eb:54:1b:ba:
78:01:4a:9d:ca:49:4a:1a:b7:9a:5a:39:a7:05:10:35:fb:28:
50:87:fb:13:14:90:eb:d5:bf:9e:c5:5a:84:52:ee:54:ab:e2:
34:f4:ab:47:a8:60:dd:1c:ed:b9:72:28:2a:da:e9:f4:a2:63:
55:01:4a:c5:72:1b:a2:e9:f2:6c:af:ad:ab:1c:f3:5d:51:ee:
b1:e0:3c:03:29:66:41:37:6c:01:0a:72:7d:ce:d8:16:6e:4f:
d5:74:e4:3d:ea:c0:b2:c6:36:5a:07:1c:bb:c0:9e:29:8d:b7:
c4:69:e7:06:cc:86:e3:6f:d7:0b:b3:50:3e:75:4c:0c:35:1e:
a7:94:69:21:81:13:f4:28:d0:79:3b:f4:59:a4:3e:35:e2:10:
41:07:2b:5d:a9:43:ae:4a:c3:f1:08:16:86:60:5d:66:ca:ec:
84:b9:12:fb:de:c0:eb:7b:30:f7:2f:28:ad:9f:b5:b8:11:ae:
59:a1:10:4e:50:7f:69:8d:39:e2:00:e5:37:6e:4c:e8:d9:10:
ef:1f:07:a7:87:1c:f3:18:68:c2:c7:43:a3:6e:15:b7:ab:c4:
26:ed:9c:e6:65:0b:93:e5:47:32:6b:ad:2f:92:07:1c:0f:30:
ea:0b:b6:75
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUL5qOsyCbHK4WYtQo/Blbeu0ahQ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTAxMDkwNDQ4NTFaFw0yNjAxMDgwNDUzNTFaMDMxMTAvBgNV
BAMTKDc0QkMyOEM3QjMxQUI1MTU3MjgxMUEyNUExMjkyODIwMTI5MDA5MEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8zVlloDlIG0H6dhYNKHmXgmQ8
yrcLxl8c8aAS5cfXJQc79D6maG8BCzT9+jL1s0Jt0s94xOJJ+Nsu0T5Q5cCltlIS
J0c/iAWffqaOnHq8edt/Cic425jD/cu+/9WhDM4yJulWt7hEhcbpuSS17/99EGdp
0ZcshMoE8TXVV2yTBb4WhvqSp0bqcZJiEqwKULgVUNfakglx2z5hwdBW809UI5dv
5L/GReSa0vLo/3cAuZ/vy53JJORX0vwFaOFssZ+Kr1fHI8r4LCS5/P0No4OyI3D+
YC4RCt+jNG4e6EjAzc117ck3WucXNUBSuda2Ne91QWWs4QILP6z2Ovl7owH7AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUdLwox7MatRVygRoloSkoIBKQCQ0wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzUyZTMxMzgzMTJlMzEzODM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzOTMwMzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAW1
ujANBgkqhkiG9w0BAQsFAAOCAQEAq9nQPHglJfOU5iEW3FnrVBu6eAFKncpJShq3
mlo5pwUQNfsoUIf7ExSQ69W/nsVahFLuVKviNPSrR6hg3RztuXIoKtrp9KJjVQFK
xXIbounybK+tqxzzXVHuseA8AylmQTdsAQpyfc7YFm5P1XTkPerAssY2Wgccu8Ce
KY23xGnnBsyG42/XC7NQPnVMDDUep5RpIYET9CjQeTv0WaQ+NeIQQQcrXalDrkrD
8QgWhmBdZsrshLkS+97A63sw9y8orZ+1uBGuWaEQTlB/aY054gDlN25M6NkQ7x8H
p4cc8xhowsdDo24Vt6vEJu2c5mULk+VHMmutL5IHHA8w6gu2dQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:35:37 2025 by rpki-client