Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5ad9bead-4669-4e97-9963-3763c93ccf66/0/3138382e36342e3134332e302f32342d3234203d3e20383334.roa
File: 3138382e36342e3134332e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: FFBf5RmZFK/taKVmswdIFIpZCpDtOjuH5QYxknAoXEE=
Subject key identifier: F7:61:32:12:46:26:69:49:0D:83:80:B4:A2:CC:E9:81:5B:E2:6D:D1
Certificate issuer: /CN=fdc1a908766b391e371b6e3f5e6a1141efe78a48
Certificate serial: 17BCB6D5B59E7FB3B998F58E5A10F819E2014AD4
Authority key identifier: FD:C1:A9:08:76:6B:39:1E:37:1B:6E:3F:5E:6A:11:41:EF:E7:8A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_cGpCHZrOR43G24_XmoRQe_nikg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/5ad9bead-4669-4e97-9963-3763c93ccf66/0/3138382e36342e3134332e302f32342d3234203d3e20383334.roa
Signing time: Thu 15 Jun 2023 00:00:03 +0000
ROA not before: Wed 14 Jun 2023 23:55:03 +0000
ROA not after: Thu 13 Jun 2024 00:00:03 +0000
asID: 834
IP address blocks: 188.64.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:bc:b6:d5:b5:9e:7f:b3:b9:98:f5:8e:5a:10:f8:19:e2:01:4a:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdc1a908766b391e371b6e3f5e6a1141efe78a48
Validity
Not Before: Jun 14 23:55:03 2023 GMT
Not After : Jun 13 00:00:03 2024 GMT
Subject: CN=F7613212462669490D8380B4A2CCE9815BE26DD1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:85:52:76:78:a1:a0:55:47:c9:17:cd:7e:f0:
2f:20:f9:d6:31:c6:48:73:dc:d2:d7:0f:b1:68:ff:
67:4b:6c:76:67:3b:07:2e:de:b7:a6:5a:70:db:c1:
ca:1f:12:27:c2:5f:34:4d:ac:cb:bd:c2:5b:6b:dd:
44:16:28:b3:54:c8:ba:3f:ad:98:57:f0:73:0a:4d:
bf:dd:de:8c:80:de:7e:1d:89:e6:9f:97:65:3d:53:
b1:8a:b6:70:2b:58:59:bf:42:1d:91:0e:e6:1d:9c:
e8:b5:a9:3e:b6:22:e7:af:16:1d:6b:b1:4d:26:59:
67:77:c0:b4:72:34:32:11:47:22:dc:96:81:9a:42:
bd:54:85:96:56:b7:53:cb:97:34:9a:07:0a:3d:30:
47:4b:7e:69:7a:0e:93:e5:f1:c8:56:ca:c6:ab:09:
8e:8c:41:ff:0e:59:16:06:f7:9e:d3:5e:b3:12:2b:
a7:32:b9:d9:ac:a4:20:4e:e9:54:69:e4:17:b3:53:
63:82:28:c8:d9:43:f8:0b:c7:3c:cd:2a:69:6b:d5:
e4:d2:74:ff:04:c2:2d:3b:e2:18:ac:ff:95:19:71:
64:94:0a:b5:d7:11:b0:a4:09:52:5a:f2:3b:6c:45:
a4:c6:b4:c9:52:af:1a:68:cd:85:1f:fe:a5:5c:d0:
b0:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:61:32:12:46:26:69:49:0D:83:80:B4:A2:CC:E9:81:5B:E2:6D:D1
X509v3 Authority Key Identifier:
keyid:FD:C1:A9:08:76:6B:39:1E:37:1B:6E:3F:5E:6A:11:41:EF:E7:8A:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/5ad9bead-4669-4e97-9963-3763c93ccf66/0/FDC1A908766B391E371B6E3F5E6A1141EFE78A48.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_cGpCHZrOR43G24_XmoRQe_nikg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5ad9bead-4669-4e97-9963-3763c93ccf66/0/3138382e36342e3134332e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.143.0/24
Signature Algorithm: sha256WithRSAEncryption
77:7c:7e:80:15:ca:25:2f:79:1d:f6:0a:d4:c3:cc:04:72:1c:
a9:c6:e2:62:72:30:0d:1c:33:97:3d:1c:de:99:78:7d:bf:e5:
8a:30:16:99:84:cc:d6:93:0d:32:81:21:16:68:43:dc:f6:d8:
74:a9:31:1c:c7:aa:59:94:2f:20:f5:25:8e:f5:2c:5a:a3:dd:
42:56:0b:61:20:f5:aa:c8:73:ef:ff:04:4b:d8:3d:2a:47:ef:
db:e0:5d:2f:f4:8d:9e:a1:1b:1f:d5:19:5e:ae:cf:e9:03:8f:
4f:47:51:10:53:b3:07:0d:55:e0:ba:8c:bb:6b:2f:cb:eb:d8:
d1:f9:77:1c:4c:e8:b0:71:36:49:0b:7a:2a:2f:33:60:66:4a:
fa:9f:a0:ba:68:cc:a4:11:f6:cd:49:1e:e7:9d:0b:33:06:e9:
7d:56:a3:c4:a8:d9:00:7b:a2:09:bb:67:87:aa:6e:89:46:bb:
93:e7:62:71:77:c5:11:72:b0:c1:5d:32:44:dd:30:00:d3:f0:
e5:af:0b:5c:7c:74:78:69:5e:b4:8b:f6:7f:05:64:29:e8:3f:
75:ae:f2:b1:b0:24:26:99:dc:a9:e7:31:f1:97:1f:3d:be:df:
57:40:01:89:2a:32:02:5d:5d:a8:57:72:ef:18:67:62:41:77:
12:19:ac:d0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUF7y21bWef7O5mPWOWhD4GeIBStQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmRjMWE5MDg3NjZiMzkxZTM3MWI2ZTNmNWU2YTExNDFl
ZmU3OGE0ODAeFw0yMzA2MTQyMzU1MDNaFw0yNDA2MTMwMDAwMDNaMDMxMTAvBgNV
BAMTKEY3NjEzMjEyNDYyNjY5NDkwRDgzODBCNEEyQ0NFOTgxNUJFMjZERDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfhVJ2eKGgVUfJF81+8C8g+dYx
xkhz3NLXD7Fo/2dLbHZnOwcu3remWnDbwcofEifCXzRNrMu9wltr3UQWKLNUyLo/
rZhX8HMKTb/d3oyA3n4dieafl2U9U7GKtnArWFm/Qh2RDuYdnOi1qT62IuevFh1r
sU0mWWd3wLRyNDIRRyLcloGaQr1UhZZWt1PLlzSaBwo9MEdLfml6DpPl8chWysar
CY6MQf8OWRYG957TXrMSK6cyudmspCBO6VRp5BezU2OCKMjZQ/gLxzzNKmlr1eTS
dP8Ewi074his/5UZcWSUCrXXEbCkCVJa8jtsRaTGtMlSrxpozYUf/qVc0LAxAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU92EyEkYmaUkNg4C0oszpgVvibdEwHwYDVR0j
BBgwFoAU/cGpCHZrOR43G24/XmoRQe/nikgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNWFkOWJlYWQtNDY2OS00ZTk3LTk5NjMtMzc2M2M5M2Nj
ZjY2LzAvRkRDMUE5MDg3NjZCMzkxRTM3MUI2RTNGNUU2QTExNDFFRkU3OEE0OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL19jR3BDSFpyT1I0M0cyNF9YbW9SUWVf
bmlrZy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNWFkOWJlYWQt
NDY2OS00ZTk3LTk5NjMtMzc2M2M5M2NjZjY2LzAvMzEzODM4MmUzNjM0MmUzMTM0
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC8QI8w
DQYJKoZIhvcNAQELBQADggEBAHd8foAVyiUveR32CtTDzARyHKnG4mJyMA0cM5c9
HN6ZeH2/5YowFpmEzNaTDTKBIRZoQ9z22HSpMRzHqlmULyD1JY71LFqj3UJWC2Eg
9arIc+//BEvYPSpH79vgXS/0jZ6hGx/VGV6uz+kDj09HURBTswcNVeC6jLtrL8vr
2NH5dxxM6LBxNkkLeiovM2BmSvqfoLpozKQR9s1JHuedCzMG6X1Wo8So2QB7ogm7
Z4eqbolGu5PnYnF3xRFysMFdMkTdMADT8OWvC1x8dHhpXrSL9n8FZCnoP3Wu8rGw
JCaZ3KnnMfGXHz2+31dAAYkqMgJdXahXcu8YZ2JBdxIZrNA=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:12:11 2025 by rpki-client