Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395374.roa
File: AS395374.roa (raw, json)
Hash identifier: LG+jK6mqS0HGyH7Yp3xRDizEidqKleEgFckD/82ZTow=
Subject key identifier: 86:45:5C:DA:07:A1:2F:3C:0F:3D:2C:E4:DF:8C:58:F2:84:6B:A2:94
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0D3394ACFC0514328BC4DFAA93CC36B11A8615C5
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395374.roa
Signing time: Wed 12 Feb 2025 12:58:59 +0000
ROA not before: Wed 12 Feb 2025 12:53:59 +0000
ROA not after: Wed 11 Feb 2026 12:58:59 +0000
asID: 395374
IP address blocks: 82.29.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:33:94:ac:fc:05:14:32:8b:c4:df:aa:93:cc:36:b1:1a:86:15:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 12 12:53:59 2025 GMT
Not After : Feb 11 12:58:59 2026 GMT
Subject: CN=86455CDA07A12F3C0F3D2CE4DF8C58F2846BA294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ef:d2:ba:e5:db:0d:50:83:df:71:46:a9:1a:
ec:31:a5:a6:73:60:13:72:e1:57:32:4a:75:05:15:
49:1d:36:ef:ca:f1:28:f4:07:5d:29:05:2b:7e:ec:
53:64:c3:30:b4:a1:ea:4e:87:a8:78:a1:8a:0f:e3:
1a:9a:db:c0:52:ab:76:2d:c0:0a:83:5b:13:0b:42:
ad:ef:d9:2c:46:7a:1c:84:67:28:12:4d:37:f0:f0:
ff:c6:4a:d0:77:fc:14:7a:e1:a7:da:6b:92:78:95:
5d:5e:03:08:ad:e8:5c:ec:39:27:1a:b8:25:5f:8c:
0f:a3:a7:69:7e:64:af:08:c9:af:53:25:c1:e0:dd:
ea:d7:96:43:2c:7e:ae:64:c0:ff:65:fe:d6:10:4c:
2d:2b:6e:af:fb:5e:b3:1c:da:f9:8c:b0:e1:a4:4f:
f7:69:32:b0:a0:bd:3b:99:4f:44:26:af:b9:8c:f7:
ae:1c:61:a1:44:81:1a:10:a8:ce:92:60:fd:f0:dd:
1d:2a:fc:61:87:cb:30:f8:60:35:e9:29:4c:a4:d6:
27:9f:34:49:91:02:a3:40:da:ef:21:92:32:4c:59:
c5:60:03:dc:f1:5e:92:8a:05:a1:a3:69:48:01:b8:
a0:cd:5a:d3:75:dc:a2:4d:37:de:01:f0:e2:13:9e:
d1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:45:5C:DA:07:A1:2F:3C:0F:3D:2C:E4:DF:8C:58:F2:84:6B:A2:94
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS395374.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.29.127.0/24
Signature Algorithm: sha256WithRSAEncryption
04:74:60:53:b8:86:37:36:1f:da:65:e0:40:48:66:17:85:27:
df:2c:81:94:1f:a0:43:be:80:a9:f3:51:ec:9d:d1:bb:12:7f:
55:e4:cd:fa:fd:3a:8f:2b:a5:4e:69:f1:24:bf:8f:28:e9:bd:
34:ca:d5:df:01:39:f5:81:55:d7:1a:1a:79:9d:0f:cb:de:81:
11:68:e2:99:b7:4a:b7:c8:e1:d1:a8:8a:8c:1f:55:86:d5:15:
a6:3c:40:17:c9:49:38:66:5c:63:6a:a7:85:fb:91:21:db:d0:
a5:23:c8:be:60:75:78:04:46:e4:06:96:13:43:ad:b1:bf:57:
46:8d:25:ed:0a:2c:e5:76:36:d4:0f:56:f8:5a:ef:92:1e:12:
cf:f7:03:b3:63:ba:06:8f:77:f5:7e:da:cd:11:cc:5f:0d:5a:
c6:24:11:09:5a:ef:80:34:0e:6f:4f:55:f8:10:ae:24:10:7f:
0f:55:fe:cd:dc:56:69:85:6e:5f:88:de:89:3e:bb:82:98:e6:
54:bf:c4:ec:da:2f:15:14:fd:7e:ba:96:37:03:eb:5c:99:d7:
d3:b1:e3:68:d5:2c:95:68:77:11:a2:d8:57:f2:b9:09:05:32:
38:4b:eb:f3:e1:93:54:04:ed:c2:9c:91:69:22:fc:3d:64:97:
fa:7a:e3:e8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUDTOUrPwFFDKLxN+qk8w2sRqGFcUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMTIxMjUzNTlaFw0yNjAyMTExMjU4NTlaMDMxMTAvBgNV
BAMTKDg2NDU1Q0RBMDdBMTJGM0MwRjNEMkNFNERGOEM1OEYyODQ2QkEyOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt79K65dsNUIPfcUapGuwxpaZz
YBNy4VcySnUFFUkdNu/K8Sj0B10pBSt+7FNkwzC0oepOh6h4oYoP4xqa28BSq3Yt
wAqDWxMLQq3v2SxGehyEZygSTTfw8P/GStB3/BR64afaa5J4lV1eAwit6FzsOSca
uCVfjA+jp2l+ZK8Iya9TJcHg3erXlkMsfq5kwP9l/tYQTC0rbq/7XrMc2vmMsOGk
T/dpMrCgvTuZT0Qmr7mM964cYaFEgRoQqM6SYP3w3R0q/GGHyzD4YDXpKUyk1ief
NEmRAqNA2u8hkjJMWcVgA9zxXpKKBaGjaUgBuKDNWtN13KJNN94B8OITntH/AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUhkVc2gehLzwPPSzk34xY8oRropQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk1Mzc0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUh1/
MA0GCSqGSIb3DQEBCwUAA4IBAQAEdGBTuIY3Nh/aZeBASGYXhSffLIGUH6BDvoCp
81HsndG7En9V5M36/TqPK6VOafEkv48o6b00ytXfATn1gVXXGhp5nQ/L3oERaOKZ
t0q3yOHRqIqMH1WG1RWmPEAXyUk4ZlxjaqeF+5Eh29ClI8i+YHV4BEbkBpYTQ62x
v1dGjSXtCizldjbUD1b4Wu+SHhLP9wOzY7oGj3f1ftrNEcxfDVrGJBEJWu+ANA5v
T1X4EK4kEH8PVf7N3FZphW5fiN6JPruCmOZUv8Ts2i8VFP1+upY3A+tcmdfTseNo
1SyVaHcRothX8rkJBTI4S+vz4ZNUBO3CnJFpIvw9ZJf6euPo
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:41:44 2025 by rpki-client