Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/21a797f9-3c10-4536-aa64-09ca2d9545c8/0/3139332e31372e322e302f32342d3234203d3e203433363037.roa
File: 3139332e31372e322e302f32342d3234203d3e203433363037.roa (raw, json)
Hash identifier: QV7AW+QX/X6aUgIncvErYRoohj9PT1pN2OjgZR/RRqc=
Subject key identifier: 0C:2A:9A:FD:C3:9F:39:B8:BB:E3:38:5D:29:76:AF:9E:D4:76:89:F6
Certificate issuer: /CN=07d362bdd7ca6e80e2c244437597bd47ef7a4fde
Certificate serial: 283D23E9B593DEB86ED8E20A179508AC8546679E
Authority key identifier: 07:D3:62:BD:D7:CA:6E:80:E2:C2:44:43:75:97:BD:47:EF:7A:4F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9NivdfKboDiwkRDdZe9R-96T94.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/21a797f9-3c10-4536-aa64-09ca2d9545c8/0/3139332e31372e322e302f32342d3234203d3e203433363037.roa
Signing time: Wed 06 Mar 2024 22:13:57 +0000
ROA not before: Wed 06 Mar 2024 22:08:57 +0000
ROA not after: Wed 05 Mar 2025 22:13:57 +0000
asID: 43607
IP address blocks: 193.17.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:3d:23:e9:b5:93:de:b8:6e:d8:e2:0a:17:95:08:ac:85:46:67:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07d362bdd7ca6e80e2c244437597bd47ef7a4fde
Validity
Not Before: Mar 6 22:08:57 2024 GMT
Not After : Mar 5 22:13:57 2025 GMT
Subject: CN=0C2A9AFDC39F39B8BBE3385D2976AF9ED47689F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:dc:a9:42:61:8b:17:3a:74:cb:4d:19:32:80:
87:47:85:6e:b5:8f:dc:26:e4:e8:29:be:76:ec:87:
3d:6b:7f:cf:33:04:1f:95:d7:27:0f:f0:ef:e6:7a:
1f:51:2e:79:2e:e6:92:89:b6:53:d6:64:29:ee:ba:
d6:11:ab:b1:9a:9e:db:2d:0b:52:8c:7c:ff:d0:f1:
6f:a8:52:54:ea:7e:a4:9d:4e:f3:0c:21:2f:3f:36:
9a:7c:46:81:ea:37:2d:c1:a6:d7:2b:0c:a7:82:5d:
4a:31:b5:83:b4:76:ec:c4:fd:3e:3d:3b:89:de:62:
82:04:5f:9e:77:4b:2c:99:e9:d2:3c:34:aa:50:3a:
6a:69:4f:67:b0:dc:d0:70:1b:36:e9:a0:d4:e9:d0:
72:87:89:7d:35:cd:9e:c5:ad:7c:77:5c:72:a9:5c:
3f:66:ea:ca:f3:27:a1:90:55:2b:ad:54:57:21:a7:
22:5a:6b:5c:4c:9c:bd:0c:c5:48:78:8f:58:2c:b0:
b4:4e:f1:07:65:f1:1c:fe:bf:7c:7a:d9:5d:ac:61:
5f:52:37:06:de:a5:39:e2:07:f2:8b:32:13:b8:97:
58:ef:db:85:1b:be:39:50:a5:16:2f:c5:30:b0:3a:
69:51:a2:ce:52:b4:f4:1c:5d:8d:8a:45:96:17:df:
13:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2A:9A:FD:C3:9F:39:B8:BB:E3:38:5D:29:76:AF:9E:D4:76:89:F6
X509v3 Authority Key Identifier:
keyid:07:D3:62:BD:D7:CA:6E:80:E2:C2:44:43:75:97:BD:47:EF:7A:4F:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/21a797f9-3c10-4536-aa64-09ca2d9545c8/0/07D362BDD7CA6E80E2C244437597BD47EF7A4FDE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9NivdfKboDiwkRDdZe9R-96T94.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/21a797f9-3c10-4536-aa64-09ca2d9545c8/0/3139332e31372e322e302f32342d3234203d3e203433363037.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.2.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:ba:be:7f:41:58:82:de:59:14:56:ce:d7:45:6d:2a:7a:0d:
39:1e:9a:c1:04:0a:20:4b:05:b2:78:12:de:ee:27:24:cf:63:
7e:c2:e2:ef:e1:b7:e4:ec:71:a6:80:86:7a:11:b2:0c:50:24:
68:75:a2:8f:41:5a:86:a8:4c:78:e4:bb:59:3a:4e:d5:12:4a:
f3:aa:5e:79:92:8b:43:d7:b6:24:29:0a:79:48:19:78:18:d5:
39:71:60:6d:dc:08:ef:a2:d8:3d:9c:84:25:30:4e:96:42:11:
4f:63:fe:9c:3e:97:2a:ac:66:52:fa:20:1e:74:f1:93:02:1a:
8c:5c:5f:83:92:bd:83:fe:9a:f6:93:4d:f9:ef:33:88:f1:1f:
33:07:30:f6:33:4d:56:b4:82:29:af:6b:b0:5b:05:89:35:68:
fb:8c:1e:10:04:e1:46:1c:32:24:5d:4a:9b:ed:0d:d5:44:ee:
36:b1:ea:f9:a3:df:f6:d4:20:01:c3:cc:c2:63:0d:e6:a7:4f:
86:97:38:48:2c:cc:cc:47:97:55:bb:6c:df:c9:2e:c2:c7:ce:
24:1d:46:7e:c7:0d:8b:56:06:24:cd:d6:0a:7e:4c:f9:0a:c9:
2c:7b:25:5d:0e:44:dd:7d:d4:ea:ad:ba:94:4f:31:4a:c4:e6:
d3:4a:f5:bd
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUKD0j6bWT3rhu2OIKF5UIrIVGZ54wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDdkMzYyYmRkN2NhNmU4MGUyYzI0NDQzNzU5N2JkNDdl
ZjdhNGZkZTAeFw0yNDAzMDYyMjA4NTdaFw0yNTAzMDUyMjEzNTdaMDMxMTAvBgNV
BAMTKDBDMkE5QUZEQzM5RjM5QjhCQkUzMzg1RDI5NzZBRjlFRDQ3Njg5RjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3KlCYYsXOnTLTRkygIdHhW61
j9wm5Ogpvnbshz1rf88zBB+V1ycP8O/meh9RLnku5pKJtlPWZCnuutYRq7Gantst
C1KMfP/Q8W+oUlTqfqSdTvMMIS8/Npp8RoHqNy3BptcrDKeCXUoxtYO0duzE/T49
O4neYoIEX553SyyZ6dI8NKpQOmppT2ew3NBwGzbpoNTp0HKHiX01zZ7FrXx3XHKp
XD9m6srzJ6GQVSutVFchpyJaa1xMnL0MxUh4j1gssLRO8Qdl8Rz+v3x62V2sYV9S
NwbepTniB/KLMhO4l1jv24UbvjlQpRYvxTCwOmlRos5StPQcXY2KRZYX3xNVAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUDCqa/cOfObi74zhdKXavntR2ifYwHwYDVR0j
BBgwFoAUB9NivdfKboDiwkRDdZe9R+96T94wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjFhNzk3ZjktM2MxMC00NTM2LWFhNjQtMDljYTJkOTU0
NWM4LzAvMDdEMzYyQkREN0NBNkU4MEUyQzI0NDQzNzU5N0JENDdFRjdBNEZERS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0I5Tml2ZGZLYm9EaXdrUkRkWmU5Ui05
NlQ5NC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjFhNzk3Zjkt
M2MxMC00NTM2LWFhNjQtMDljYTJkOTU0NWM4LzAvMzEzOTMzMmUzMTM3MmUzMjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzMzNjMwMzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADBEQIw
DQYJKoZIhvcNAQELBQADggEBAHu6vn9BWILeWRRWztdFbSp6DTkemsEECiBLBbJ4
Et7uJyTPY37C4u/ht+TscaaAhnoRsgxQJGh1oo9BWoaoTHjku1k6TtUSSvOqXnmS
i0PXtiQpCnlIGXgY1TlxYG3cCO+i2D2chCUwTpZCEU9j/pw+lyqsZlL6IB508ZMC
GoxcX4OSvYP+mvaTTfnvM4jxHzMHMPYzTVa0gimva7BbBYk1aPuMHhAE4UYcMiRd
SpvtDdVE7jax6vmj3/bUIAHDzMJjDeanT4aXOEgszMxHl1W7bN/JLsLHziQdRn7H
DYtWBiTN1gp+TPkKySx7JV0ORN191OqtupRPMUrE5tNK9b0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:27 2025 by rpki-client