Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3139352e3139312e3130362e302f32332d3233203d3e203432363839.roa
File: 3139352e3139312e3130362e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: OzZjn8L8LOn4eTlSZRwwCpUnIR4pL6z++u0zJ+hC5b4=
Subject key identifier: 9B:97:4A:0E:DB:75:B7:D1:F4:3B:51:8D:ED:18:1C:34:5E:4E:81:5B
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 2EEDCB7F1C81DCF7B56637E2279AD7428A1B61D1
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3139352e3139312e3130362e302f32332d3233203d3e203432363839.roa
Signing time: Tue 18 Feb 2025 10:21:31 +0000
ROA not before: Tue 18 Feb 2025 10:16:31 +0000
ROA not after: Tue 17 Feb 2026 10:21:31 +0000
asID: 42689
IP address blocks: 195.191.106.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:ed:cb:7f:1c:81:dc:f7:b5:66:37:e2:27:9a:d7:42:8a:1b:61:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Feb 18 10:16:31 2025 GMT
Not After : Feb 17 10:21:31 2026 GMT
Subject: CN=9B974A0EDB75B7D1F43B518DED181C345E4E815B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:2b:86:fd:0c:ef:7d:da:3a:fd:ec:b6:1e:e3:
65:0d:84:46:9f:d6:51:22:2a:f3:56:57:b5:8d:1f:
1d:fa:67:5a:13:f8:68:4a:d5:f7:fd:d6:33:6c:9a:
7c:7d:00:07:bf:57:89:82:ec:57:e8:d5:1e:a6:04:
33:ce:19:70:17:ac:e4:c0:43:c2:d0:cc:cf:a4:6b:
39:64:bf:f0:e0:0b:26:2e:0e:b0:58:88:60:eb:dd:
37:bd:06:4c:66:67:71:9d:91:f2:a4:e7:70:31:dc:
fc:51:7d:7b:27:a1:11:a4:53:7a:85:1b:8b:a8:1a:
2d:0c:d3:b8:cb:35:84:f1:9d:85:4b:98:46:82:5d:
88:17:ca:4a:4c:26:15:bc:93:da:39:d7:c8:3b:d9:
70:72:01:97:fe:e9:bc:c2:cd:ce:27:66:8b:06:9e:
0f:e1:f5:4c:9e:97:8a:bb:bc:3e:bf:aa:1d:94:d3:
f1:e6:52:5a:79:b0:2c:29:29:05:24:7b:00:33:7d:
60:92:79:46:ae:d3:13:b4:85:67:d2:c0:a1:82:f0:
3e:3a:21:2d:62:97:6a:3c:d9:bc:55:d4:11:f7:dc:
a0:bc:13:ab:98:25:9d:00:9f:4d:dd:2b:c0:0b:55:
f5:a3:d0:82:23:06:1e:aa:a0:3c:7e:a4:29:88:8b:
f6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:97:4A:0E:DB:75:B7:D1:F4:3B:51:8D:ED:18:1C:34:5E:4E:81:5B
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3139352e3139312e3130362e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.106.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:d8:07:6a:08:66:31:27:12:fa:03:66:ae:2a:88:0a:c1:cf:
c0:d8:6d:a8:48:cb:aa:36:fa:22:00:0a:3f:c6:08:4c:8a:76:
9e:83:0a:bd:89:24:f8:9c:99:9f:9d:79:5a:80:51:8c:da:6d:
c3:9a:10:4c:1d:79:66:92:b5:26:5e:64:06:60:65:d4:ad:c9:
40:df:4f:89:e4:9a:9f:a6:96:6d:dc:fa:87:6d:1d:ec:49:c6:
56:12:53:29:26:fd:11:3a:84:dc:e9:6f:44:fa:9a:b1:1c:9f:
80:e6:f8:fe:4c:cd:81:bf:7c:52:b3:13:0d:b3:3c:6a:ab:3f:
93:95:5d:d6:36:63:bd:aa:34:e3:47:93:78:c9:a3:4e:6a:ea:
e5:75:31:32:10:46:36:f1:15:48:ed:5f:15:f8:f7:32:99:b5:
a1:1e:02:3c:89:3b:e4:f4:cb:d7:c4:5e:f5:97:4a:6f:49:04:
c5:33:88:b9:bd:14:02:7d:b7:c1:aa:26:81:de:35:2f:63:66:
5e:ce:6b:44:18:f3:11:c0:16:c7:ae:0c:6a:50:fd:5e:0f:b9:
cf:26:dc:db:e7:bf:4e:cf:90:1c:f5:86:74:c3:e2:e9:e8:30:
7e:f3:9e:f6:c0:84:19:0a:f2:44:f6:16:61:30:bb:0c:e7:25:
44:31:f0:ca
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULu3LfxyB3Pe1ZjfiJ5rXQoobYdEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNTAyMTgxMDE2MzFaFw0yNjAyMTcxMDIxMzFaMDMxMTAvBgNV
BAMTKDlCOTc0QTBFREI3NUI3RDFGNDNCNTE4REVEMTgxQzM0NUU0RTgxNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdK4b9DO992jr97LYe42UNhEaf
1lEiKvNWV7WNHx36Z1oT+GhK1ff91jNsmnx9AAe/V4mC7Ffo1R6mBDPOGXAXrOTA
Q8LQzM+kazlkv/DgCyYuDrBYiGDr3Te9BkxmZ3GdkfKk53Ax3PxRfXsnoRGkU3qF
G4uoGi0M07jLNYTxnYVLmEaCXYgXykpMJhW8k9o518g72XByAZf+6bzCzc4nZosG
ng/h9Uyel4q7vD6/qh2U0/HmUlp5sCwpKQUkewAzfWCSeUau0xO0hWfSwKGC8D46
IS1il2o82bxV1BH33KC8E6uYJZ0An03dK8ALVfWj0IIjBh6qoDx+pCmIi/YdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUm5dKDtt1t9H0O1GN7RgcNF5OgVswHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzOTM1MmUzMTM5MzEyZTMx
MzAzNjJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAHDv2owDQYJKoZIhvcNAQELBQADggEBAB3YB2oIZjEnEvoDZq4qiArBz8DYbahI
y6o2+iIACj/GCEyKdp6DCr2JJPicmZ+deVqAUYzabcOaEEwdeWaStSZeZAZgZdSt
yUDfT4nkmp+mlm3c+odtHexJxlYSUykm/RE6hNzpb0T6mrEcn4Dm+P5MzYG/fFKz
Ew2zPGqrP5OVXdY2Y72qNONHk3jJo05q6uV1MTIQRjbxFUjtXxX49zKZtaEeAjyJ
O+T0y9fEXvWXSm9JBMUziLm9FAJ9t8GqJoHeNS9jZl7Oa0QY8xHAFseuDGpQ/V4P
uc8m3Nvnv07PkBz1hnTD4unoMH7znvbAhBkK8kT2FmEwuwznJUQx8Mo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:34:13 2025 by rpki-client