Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/3138382e3136342e3135372e302f32342d3234203d3e203631333137.roa
File: 3138382e3136342e3135372e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: 1OXX2SrcK/gmhp0BoSKo0TlJRIbDJQHbnTI5VzAFuV4=
Subject key identifier: 3F:6C:A7:6C:CA:45:D5:6D:0B:E2:C4:79:51:0B:43:96:B1:7C:CB:F2
Certificate issuer: /CN=8b9ba9adde9635777bf586fd493e14cd30f7c4ca
Certificate serial: 14B7CE6C85B5BB58A0663F051360E296DA2EC6F9
Authority key identifier: 8B:9B:A9:AD:DE:96:35:77:7B:F5:86:FD:49:3E:14:CD:30:F7:C4:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i5uprd6WNXd79Yb9ST4UzTD3xMo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/3138382e3136342e3135372e302f32342d3234203d3e203631333137.roa
Signing time: Thu 20 Mar 2025 14:53:58 +0000
ROA not before: Thu 20 Mar 2025 14:48:58 +0000
ROA not after: Thu 19 Mar 2026 14:53:58 +0000
asID: 61317
IP address blocks: 188.164.157.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:b7:ce:6c:85:b5:bb:58:a0:66:3f:05:13:60:e2:96:da:2e:c6:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b9ba9adde9635777bf586fd493e14cd30f7c4ca
Validity
Not Before: Mar 20 14:48:58 2025 GMT
Not After : Mar 19 14:53:58 2026 GMT
Subject: CN=3F6CA76CCA45D56D0BE2C479510B4396B17CCBF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:02:fc:36:66:30:21:6e:05:72:69:e2:97:1e:
95:d3:d8:7b:54:3b:db:a0:b2:01:2f:d3:57:4a:08:
0c:93:1b:ca:3c:0c:5f:63:78:a6:cc:66:9c:2b:50:
12:36:7f:d0:a7:72:ea:0c:0d:e4:77:91:11:ac:cb:
ba:bb:9b:06:47:41:0f:4e:0f:d6:43:c9:74:20:8a:
74:34:d8:07:52:8f:32:d5:06:03:6c:6d:ad:1c:aa:
1e:79:77:4f:74:40:a5:14:1f:f8:59:30:ff:36:34:
7c:06:7d:c8:1f:77:30:0d:cc:f9:4c:9a:b8:dd:4c:
e1:65:45:e3:13:bd:f9:bb:cf:42:c3:d3:95:05:c0:
60:2e:55:d0:bc:f4:43:cf:1e:76:ce:50:bb:1a:4f:
f9:07:4f:76:15:01:23:22:11:c9:be:ae:e7:63:2a:
af:1c:5e:6f:6e:09:68:67:de:f4:ee:82:40:d3:81:
2f:e8:c5:5f:40:2a:bc:bc:f0:ae:77:17:c4:86:90:
17:19:48:bc:7f:4a:f5:ee:5b:13:10:84:0e:ce:71:
03:5b:48:ac:6b:82:17:06:4a:58:a9:31:1a:44:5e:
5c:76:d5:ce:ec:78:97:d6:ee:63:1f:9c:b6:f6:26:
8d:7b:b0:55:e8:f5:31:53:7e:ab:89:c6:c3:a9:94:
b3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:6C:A7:6C:CA:45:D5:6D:0B:E2:C4:79:51:0B:43:96:B1:7C:CB:F2
X509v3 Authority Key Identifier:
keyid:8B:9B:A9:AD:DE:96:35:77:7B:F5:86:FD:49:3E:14:CD:30:F7:C4:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/8B9BA9ADDE9635777BF586FD493E14CD30F7C4CA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5uprd6WNXd79Yb9ST4UzTD3xMo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/3138382e3136342e3135372e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.164.157.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:27:75:f6:1d:19:39:a1:86:fd:f8:f7:b4:68:ff:5d:c5:88:
f5:50:30:8b:41:e5:e0:56:aa:6f:da:84:eb:24:f3:c5:23:e9:
3d:69:d4:4b:32:09:16:85:fb:f1:ba:2f:18:d2:f0:e4:2f:52:
5a:5f:92:86:3b:98:f0:20:1b:eb:40:b3:5a:19:d9:92:28:9a:
1e:55:a9:2b:ba:2e:71:fb:59:7d:63:31:c2:4c:47:53:32:de:
9b:93:77:a5:92:b3:b4:39:77:6e:98:cb:7f:ea:a8:55:61:ee:
89:c9:c2:fc:b0:65:3e:b3:ec:f2:68:cd:4a:8c:33:fb:69:20:
b1:46:44:a4:86:1d:09:f7:4d:72:9e:eb:17:47:4b:52:82:5f:
cc:4d:9d:3b:b4:4d:af:a7:e7:e0:ac:2a:55:02:34:9c:1a:44:
42:96:bb:1d:e4:ed:91:69:46:24:81:9e:a5:b3:f1:df:be:66:
30:f9:c3:19:e5:00:16:19:c1:ed:f9:76:9b:64:0b:16:98:f3:
18:b9:37:97:73:2d:98:d3:1a:67:54:58:f5:59:f8:50:99:22:
51:ac:ab:2b:06:fa:76:0c:23:d0:14:ad:17:cf:fb:f4:d2:1d:
50:2c:3d:7f:8b:39:66:92:06:74:82:9e:80:4b:a8:96:cf:33:
12:9d:23:94
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFLfObIW1u1igZj8FE2DiltouxvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI5YmE5YWRkZTk2MzU3NzdiZjU4NmZkNDkzZTE0Y2Qz
MGY3YzRjYTAeFw0yNTAzMjAxNDQ4NThaFw0yNjAzMTkxNDUzNThaMDMxMTAvBgNV
BAMTKDNGNkNBNzZDQ0E0NUQ1NkQwQkUyQzQ3OTUxMEI0Mzk2QjE3Q0NCRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqAvw2ZjAhbgVyaeKXHpXT2HtU
O9ugsgEv01dKCAyTG8o8DF9jeKbMZpwrUBI2f9CncuoMDeR3kRGsy7q7mwZHQQ9O
D9ZDyXQginQ02AdSjzLVBgNsba0cqh55d090QKUUH/hZMP82NHwGfcgfdzANzPlM
mrjdTOFlReMTvfm7z0LD05UFwGAuVdC89EPPHnbOULsaT/kHT3YVASMiEcm+rudj
Kq8cXm9uCWhn3vTugkDTgS/oxV9AKry88K53F8SGkBcZSLx/SvXuWxMQhA7OcQNb
SKxrghcGSlipMRpEXlx21c7seJfW7mMfnLb2Jo17sFXo9TFTfquJxsOplLObAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUP2ynbMpF1W0L4sR5UQtDlrF8y/IwHwYDVR0j
BBgwFoAUi5uprd6WNXd79Yb9ST4UzTD3xMowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmMwMzA4OTAtZjZlMC00MTBjLWJjOTktYWYwOTIxZDFj
M2E0LzAvOEI5QkE5QURERTk2MzU3NzdCRjU4NkZENDkzRTE0Q0QzMEY3QzRDQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2k1dXByZDZXTlhkNzlZYjlTVDRVelRE
M3hNby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmMwMzA4OTAt
ZjZlMC00MTBjLWJjOTktYWYwOTIxZDFjM2E0LzAvMzEzODM4MmUzMTM2MzQyZTMx
MzUzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC8pJ0wDQYJKoZIhvcNAQELBQADggEBAFondfYdGTmhhv3497Ro/13FiPVQMItB
5eBWqm/ahOsk88Uj6T1p1EsyCRaF+/G6LxjS8OQvUlpfkoY7mPAgG+tAs1oZ2ZIo
mh5VqSu6LnH7WX1jMcJMR1My3puTd6WSs7Q5d26Yy3/qqFVh7onJwvywZT6z7PJo
zUqMM/tpILFGRKSGHQn3TXKe6xdHS1KCX8xNnTu0Ta+n5+CsKlUCNJwaREKWux3k
7ZFpRiSBnqWz8d++ZjD5wxnlABYZwe35dptkCxaY8xi5N5dzLZjTGmdUWPVZ+FCZ
IlGsqysG+nYMI9AUrRfP+/TSHVAsPX+LOWaSBnSCnoBLqJbPMxKdI5Q=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:59:36 2025 by rpki-client