Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232322e302f32342d3234203d3e203534323532.roa
File: 38352e3233372e3232322e302f32342d3234203d3e203534323532.roa (raw, json)
Hash identifier: 4UZeBIbQCn1ZjIX95h9cxAMpq5QeBi9z/Ns0P3irR2g=
Subject key identifier: 0A:91:D7:03:48:01:26:8B:27:84:71:5E:8D:DE:93:30:CC:7E:56:7A
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 6DDE4BEFEE2E9D9A815759EE06664EA8FB474A0F
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232322e302f32342d3234203d3e203534323532.roa
Signing time: Fri 07 Feb 2025 06:53:53 +0000
ROA not before: Fri 07 Feb 2025 06:48:53 +0000
ROA not after: Fri 06 Feb 2026 06:53:53 +0000
asID: 54252
IP address blocks: 85.237.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:de:4b:ef:ee:2e:9d:9a:81:57:59:ee:06:66:4e:a8:fb:47:4a:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Feb 7 06:48:53 2025 GMT
Not After : Feb 6 06:53:53 2026 GMT
Subject: CN=0A91D7034801268B2784715E8DDE9330CC7E567A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:59:bf:07:69:b2:cf:6a:2d:0c:92:6b:88:6f:
b9:ce:36:56:a4:d1:50:f3:e6:fa:04:7d:6a:bd:6b:
68:5e:3f:27:47:65:b9:a0:3c:a8:6d:30:c7:1f:36:
2a:a2:85:fc:44:b8:f7:47:95:7c:4e:bc:ba:16:05:
2e:65:68:f3:f3:48:fe:fe:0a:62:39:83:33:4d:78:
c2:53:aa:00:8a:0c:f9:80:23:f6:11:d8:4a:45:b3:
d4:65:dc:1f:c6:80:9f:4c:10:6b:b6:a0:19:d1:76:
2c:b0:1a:5f:dd:5d:44:6e:ab:2c:c1:d0:0f:ba:6a:
b1:9a:5d:bb:88:b7:64:e5:f7:c7:90:5f:a0:6a:2b:
58:ff:4e:21:ec:c9:65:ad:b1:d7:d8:79:1e:0d:94:
b1:ce:d2:2a:8f:45:bc:36:c1:a7:64:7b:ab:49:1f:
18:5a:d7:6f:72:9f:1d:ea:50:f5:2e:e6:ce:3e:32:
ca:7f:28:c6:f7:14:cb:50:81:2f:05:0a:d4:9f:be:
01:07:7f:98:d8:e1:88:5a:75:fa:4f:89:82:4a:6f:
77:77:44:e0:d0:62:f4:af:8d:86:26:e2:3f:d7:80:
b9:6c:32:0d:9d:d8:ee:fc:98:33:27:02:ac:64:42:
6c:23:24:ca:00:a8:1e:3b:74:46:99:fd:15:7b:54:
f6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:91:D7:03:48:01:26:8B:27:84:71:5E:8D:DE:93:30:CC:7E:56:7A
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232322e302f32342d3234203d3e203534323532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.222.0/24
Signature Algorithm: sha256WithRSAEncryption
18:b6:56:d0:83:e1:1d:4f:17:94:a4:af:5a:8f:6a:bb:d3:f0:
87:81:11:1c:c7:40:0a:94:ad:07:2c:a0:62:56:68:03:a6:a7:
68:e8:c7:9f:5b:33:89:28:4f:86:f7:25:4f:00:94:e3:46:a0:
69:a0:f4:83:39:79:39:a5:03:4c:81:a8:3a:bb:ec:28:73:a6:
7b:96:c4:10:3d:90:c2:29:46:05:30:58:bd:5f:24:f1:b0:19:
23:37:6a:95:0e:61:26:2d:89:04:53:1d:41:80:09:b8:9d:91:
95:6c:8c:dd:af:98:be:29:a3:24:4b:0c:96:33:e3:7c:96:94:
8b:58:64:60:0c:b0:a7:08:68:d0:61:10:66:8b:47:fc:ce:9b:
86:5a:4e:48:ae:36:65:9b:8b:9d:37:30:dc:aa:45:8d:41:44:
f4:c0:33:a8:e0:a5:82:e9:89:7f:0d:5d:8d:f5:84:70:77:e2:
11:f4:ee:60:e1:89:46:13:e9:83:58:9b:73:40:68:fb:fe:6a:
69:c1:85:22:b0:39:19:14:8f:a8:7d:89:5c:3f:e9:83:6e:bb:
6a:fb:02:fe:7b:b1:5f:df:3d:43:1c:8b:cb:10:5c:c4:f7:84:
42:ae:00:fc:75:25:ed:12:17:65:07:f6:e6:d3:0d:0d:8b:27:
a1:c0:23:9f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbd5L7+4unZqBV1nuBmZOqPtHSg8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTAyMDcwNjQ4NTNaFw0yNjAyMDYwNjUzNTNaMDMxMTAvBgNV
BAMTKDBBOTFENzAzNDgwMTI2OEIyNzg0NzE1RThEREU5MzMwQ0M3RTU2N0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXWb8HabLPai0MkmuIb7nONlak
0VDz5voEfWq9a2hePydHZbmgPKhtMMcfNiqihfxEuPdHlXxOvLoWBS5laPPzSP7+
CmI5gzNNeMJTqgCKDPmAI/YR2EpFs9Rl3B/GgJ9MEGu2oBnRdiywGl/dXURuqyzB
0A+6arGaXbuIt2Tl98eQX6BqK1j/TiHsyWWtsdfYeR4NlLHO0iqPRbw2wadke6tJ
Hxha129ynx3qUPUu5s4+Msp/KMb3FMtQgS8FCtSfvgEHf5jY4YhadfpPiYJKb3d3
RODQYvSvjYYm4j/XgLlsMg2d2O78mDMnAqxkQmwjJMoAqB47dEaZ/RV7VPZvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUCpHXA0gBJosnhHFejd6TMMx+VnowHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMy
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM0MzIzNTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3eMA0GCSqGSIb3DQEBCwUAA4IBAQAYtlbQg+EdTxeUpK9aj2q70/CHgREcx0AK
lK0HLKBiVmgDpqdo6MefWzOJKE+G9yVPAJTjRqBpoPSDOXk5pQNMgag6u+woc6Z7
lsQQPZDCKUYFMFi9XyTxsBkjN2qVDmEmLYkEUx1BgAm4nZGVbIzdr5i+KaMkSwyW
M+N8lpSLWGRgDLCnCGjQYRBmi0f8zpuGWk5IrjZlm4udNzDcqkWNQUT0wDOo4KWC
6Yl/DV2N9YRwd+IR9O5g4YlGE+mDWJtzQGj7/mppwYUisDkZFI+ofYlcP+mDbrtq
+wL+e7Ff3z1DHIvLEFzE94RCrgD8dSXtEhdlB/bm0w0NiyehwCOf
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:20:37 2025 by rpki-client