Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20383334.roa
File: 38352e3230392e3233302e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: Q6dV05yd/X4eddzW84QWMEqml6rfVISFXV0keMcJg2I=
Subject key identifier: 5E:A6:B1:B6:E7:5E:FB:4B:9A:52:F3:47:C4:3D:20:6A:E9:F7:C0:4E
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 69145A7F480F3A39005C9F4824D82BF82302F719
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20383334.roa
Signing time: Sat 08 Feb 2025 00:02:06 +0000
ROA not before: Fri 07 Feb 2025 23:57:06 +0000
ROA not after: Sat 07 Feb 2026 00:02:06 +0000
asID: 834
IP address blocks: 85.209.230.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:14:5a:7f:48:0f:3a:39:00:5c:9f:48:24:d8:2b:f8:23:02:f7:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Feb 7 23:57:06 2025 GMT
Not After : Feb 7 00:02:06 2026 GMT
Subject: CN=5EA6B1B6E75EFB4B9A52F347C43D206AE9F7C04E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:60:8a:11:00:ed:35:91:19:a6:90:ec:d3:09:
9c:c6:cc:cf:72:74:c9:8c:7a:81:ce:f5:09:a7:52:
54:b0:e8:cd:1f:92:f9:91:a7:a0:2e:10:bb:3e:a8:
e2:dc:30:37:ef:56:13:69:30:50:51:f2:8f:36:f1:
38:31:c0:a0:4a:db:04:92:b4:e3:17:38:a8:cb:a7:
a0:77:05:cb:d7:f1:db:af:98:a7:98:16:e1:db:d1:
f6:ba:d1:9f:02:2a:ad:05:92:a8:af:0e:50:d6:aa:
c9:58:89:96:71:a2:30:d5:f4:93:63:19:a6:ed:76:
8d:d2:7c:85:a1:c7:b0:8a:f9:2d:67:4a:9a:d5:80:
c7:ed:16:d5:1b:d4:72:a5:4a:e9:fe:7d:6f:23:b5:
4d:b3:60:d6:b3:d2:b6:70:b6:41:46:0a:e6:b7:cc:
af:9d:07:f8:c1:b2:92:95:55:f1:02:10:d4:88:1c:
a6:39:54:5b:2a:f8:8f:71:ff:84:7f:e8:ba:f1:83:
50:12:54:34:8c:94:d9:df:9a:1a:2f:d6:dd:55:fe:
45:41:aa:24:c0:d0:a4:85:68:ec:b5:0f:71:dc:11:
02:68:02:7d:05:f6:a6:ef:cb:62:74:b2:cc:6b:33:
89:56:7b:9f:4d:02:fd:15:5c:d7:e3:d2:3a:b9:14:
ec:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A6:B1:B6:E7:5E:FB:4B:9A:52:F3:47:C4:3D:20:6A:E9:F7:C0:4E
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.230.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:2b:98:13:cf:3e:8f:a3:18:97:4d:b2:19:61:48:0e:48:9c:
c7:c4:d6:34:3b:22:21:fc:91:3b:fd:44:1a:04:a6:c7:aa:ba:
f4:54:86:22:d2:f4:02:43:45:b6:84:ab:c2:5f:b1:07:22:94:
8e:8d:b8:da:3e:ac:ea:fa:d6:33:d7:78:b2:b7:56:18:d6:12:
2c:11:cb:be:ba:7d:28:87:d8:02:4b:5f:31:32:da:b1:aa:48:
54:df:31:b1:30:4b:91:af:b2:c0:c5:40:0e:26:16:ca:8e:28:
bb:18:12:a2:78:c3:ec:fb:1b:c9:74:dc:91:a2:72:b5:ed:b5:
2a:f5:91:90:16:4b:db:58:26:b1:c2:39:77:a5:ff:78:e3:8e:
6f:78:e3:62:13:e8:22:dd:35:3a:b5:7b:fe:13:f0:cc:30:83:
fb:69:ed:99:fa:1f:42:26:76:64:a0:4b:67:a3:a0:c3:d8:4d:
77:69:27:7d:5c:73:90:34:fb:7b:2e:6a:ef:5a:7e:65:33:f4:
98:96:e2:cb:8d:db:1a:f7:62:9c:f2:d5:ff:6d:36:27:2c:18:
32:67:13:d5:1a:76:8c:af:de:91:13:6a:34:75:c0:fa:69:83:
9b:9a:5d:2f:9d:23:19:f8:66:d7:dd:fc:cb:39:09:e8:ad:ce:
33:32:79:d4
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUaRRaf0gPOjkAXJ9IJNgr+CMC9xkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTAyMDcyMzU3MDZaFw0yNjAyMDcwMDAyMDZaMDMxMTAvBgNV
BAMTKDVFQTZCMUI2RTc1RUZCNEI5QTUyRjM0N0M0M0QyMDZBRTlGN0MwNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtYIoRAO01kRmmkOzTCZzGzM9y
dMmMeoHO9QmnUlSw6M0fkvmRp6AuELs+qOLcMDfvVhNpMFBR8o828TgxwKBK2wSS
tOMXOKjLp6B3BcvX8duvmKeYFuHb0fa60Z8CKq0FkqivDlDWqslYiZZxojDV9JNj
Gabtdo3SfIWhx7CK+S1nSprVgMftFtUb1HKlSun+fW8jtU2zYNaz0rZwtkFGCua3
zK+dB/jBspKVVfECENSIHKY5VFsq+I9x/4R/6Lrxg1ASVDSMlNnfmhov1t1V/kVB
qiTA0KSFaOy1D3HcEQJoAn0F9qbvy2J0ssxrM4lWe59NAv0VXNfj0jq5FOw9AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUXqaxtude+0uaUvNHxD0gaun3wE4wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABV0eYw
DQYJKoZIhvcNAQELBQADggEBAMIrmBPPPo+jGJdNshlhSA5InMfE1jQ7IiH8kTv9
RBoEpsequvRUhiLS9AJDRbaEq8JfsQcilI6NuNo+rOr61jPXeLK3VhjWEiwRy766
fSiH2AJLXzEy2rGqSFTfMbEwS5GvssDFQA4mFsqOKLsYEqJ4w+z7G8l03JGicrXt
tSr1kZAWS9tYJrHCOXel/3jjjm9442IT6CLdNTq1e/4T8Mwwg/tp7Zn6H0ImdmSg
S2ejoMPYTXdpJ31cc5A0+3suau9afmUz9JiW4suN2xr3Ypzy1f9tNicsGDJnE9Ua
doyv3pETajR1wPppg5uaXS+dIxn4Ztfd/Ms5CeitzjMyedQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:52:38 2025 by rpki-client