Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20323135333034.roa
File: 38352e3230392e3233302e302f32342d3234203d3e20323135333034.roa (raw, json)
Hash identifier: Jx2RpzVOvTW1fTsFYSzAjtMlwaCwQOxIAyP60nJQ4H8=
Subject key identifier: B0:1D:CA:9F:0B:D1:9A:B1:57:D9:02:27:8E:81:75:A7:BA:8A:16:52
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 49A64B303F002782A2885E868906BAFF783D9EC6
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20323135333034.roa
Signing time: Fri 21 Feb 2025 16:41:13 +0000
ROA not before: Fri 21 Feb 2025 16:36:13 +0000
ROA not after: Fri 20 Feb 2026 16:41:13 +0000
asID: 215304
IP address blocks: 85.209.230.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:a6:4b:30:3f:00:27:82:a2:88:5e:86:89:06:ba:ff:78:3d:9e:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Feb 21 16:36:13 2025 GMT
Not After : Feb 20 16:41:13 2026 GMT
Subject: CN=B01DCA9F0BD19AB157D902278E8175A7BA8A1652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:87:26:0f:05:09:26:d0:e6:7f:db:a4:69:2d:
50:31:6e:a2:5f:ed:e1:ba:54:3b:e0:a9:5a:36:7c:
8b:03:a7:d2:66:77:29:ce:52:c3:6b:cc:07:ec:5c:
2c:4f:6f:f2:b2:86:50:b6:65:98:f5:ba:dc:a5:c4:
2c:70:f1:6b:04:37:d6:ee:ca:34:74:e2:e2:fb:11:
61:0c:5a:d8:6f:7b:0f:01:d0:7e:04:5a:a0:15:fb:
11:f9:f3:68:a2:92:3a:52:53:7d:26:7d:16:b2:d7:
f0:4b:15:9f:a2:60:6d:11:de:ce:75:1b:d1:c4:09:
af:fe:37:b2:05:5f:f7:bf:fb:99:31:5c:ee:e0:21:
c5:42:c4:90:1d:e0:fa:29:21:88:aa:c1:69:08:d9:
83:8c:74:30:00:9b:d6:bf:c6:38:99:df:9a:65:a1:
df:0f:8a:a9:dd:3f:3d:0e:45:55:5a:79:10:3a:86:
2d:60:28:ff:7d:e2:56:12:c3:fd:83:2c:28:33:88:
ba:54:74:04:49:66:2e:fc:79:27:68:9a:a4:4e:4f:
a4:99:9d:7b:f0:f7:e4:a3:e8:01:97:2f:a2:0e:67:
1d:70:0b:9c:f1:31:d8:f8:f3:e6:46:66:2d:98:83:
dd:7a:5e:18:85:7d:5b:b9:97:fd:11:75:3c:c9:eb:
20:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:1D:CA:9F:0B:D1:9A:B1:57:D9:02:27:8E:81:75:A7:BA:8A:16:52
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20323135333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.230.0/24
Signature Algorithm: sha256WithRSAEncryption
09:b6:02:d1:73:f1:60:5d:7e:60:7c:36:06:cd:31:a5:7e:03:
cc:6c:95:de:0f:7b:bc:64:12:c0:16:16:0f:72:78:cc:bd:da:
fa:b2:21:64:cc:0f:f6:ab:4c:75:11:61:fb:28:30:b4:79:96:
c0:52:5e:9f:56:10:fa:04:ce:e1:42:1a:66:35:d0:8e:3e:b8:
45:99:44:27:5e:c8:00:53:ac:25:a2:54:29:37:1f:8f:6d:36:
0c:62:62:c2:a2:5f:5d:3d:4b:3e:4d:51:f1:bd:cb:e7:e7:75:
8c:ad:62:90:6c:8f:81:a9:52:7d:d6:66:39:59:21:63:d5:0f:
9e:d9:6d:1b:85:7d:b0:73:7c:dc:d9:50:e6:66:fd:a0:59:51:
29:36:0b:41:1a:46:24:30:e2:e7:00:27:56:52:13:5e:ef:67:
a0:f5:87:46:c7:4d:ae:69:fc:b4:9e:c4:3b:20:61:05:8b:11:
86:e1:77:3f:f6:bf:57:48:82:00:b5:06:93:03:fe:10:dd:fe:
a0:98:c8:c6:6a:fa:57:dc:6d:da:ed:a5:42:d2:fd:e2:85:fc:
7b:15:a6:be:cf:6e:f2:ff:c7:de:7b:0a:96:af:4e:70:fb:21:
38:e0:c3:9d:5f:20:c0:15:f9:00:32:85:c9:a1:df:49:c9:4f:
d8:79:83:aa
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSaZLMD8AJ4KiiF6GiQa6/3g9nsYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTAyMjExNjM2MTNaFw0yNjAyMjAxNjQxMTNaMDMxMTAvBgNV
BAMTKEIwMURDQTlGMEJEMTlBQjE1N0Q5MDIyNzhFODE3NUE3QkE4QTE2NTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNhyYPBQkm0OZ/26RpLVAxbqJf
7eG6VDvgqVo2fIsDp9JmdynOUsNrzAfsXCxPb/KyhlC2ZZj1utylxCxw8WsEN9bu
yjR04uL7EWEMWthvew8B0H4EWqAV+xH582iikjpSU30mfRay1/BLFZ+iYG0R3s51
G9HECa/+N7IFX/e/+5kxXO7gIcVCxJAd4PopIYiqwWkI2YOMdDAAm9a/xjiZ35pl
od8PiqndPz0ORVVaeRA6hi1gKP994lYSw/2DLCgziLpUdARJZi78eSdomqROT6SZ
nXvw9+Sj6AGXL6IOZx1wC5zxMdj48+ZGZi2Yg916XhiFfVu5l/0RdTzJ6yC/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUsB3KnwvRmrFX2QInjoF1p7qKFlIwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzMzMwMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV0eYwDQYJKoZIhvcNAQELBQADggEBAAm2AtFz8WBdfmB8NgbNMaV+A8xsld4P
e7xkEsAWFg9yeMy92vqyIWTMD/arTHURYfsoMLR5lsBSXp9WEPoEzuFCGmY10I4+
uEWZRCdeyABTrCWiVCk3H49tNgxiYsKiX109Sz5NUfG9y+fndYytYpBsj4GpUn3W
ZjlZIWPVD57ZbRuFfbBzfNzZUOZm/aBZUSk2C0EaRiQw4ucAJ1ZSE17vZ6D1h0bH
Ta5p/LSexDsgYQWLEYbhdz/2v1dIggC1BpMD/hDd/qCYyMZq+lfcbdrtpULS/eKF
/HsVpr7PbvL/x957CpavTnD7ITjgw51fIMAV+QAyhcmh30nJT9h5g6o=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:07:47 2025 by rpki-client