Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135332e302f32342d3234203d3e20323131343430.roa
File: 3138352e3232362e3135332e302f32342d3234203d3e20323131343430.roa (raw, json)
Hash identifier: rGW7/8GB609/SHNrTEWoAaTI5dQHouhe15jjA9R2QwM=
Subject key identifier: 5A:23:5E:31:E2:B8:75:CC:A3:4C:B8:45:81:D3:24:D0:45:E4:7D:A2
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 199575D879ECF186BC39F4014033ACE2DB7B3281
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135332e302f32342d3234203d3e20323131343430.roa
Signing time: Mon 17 Mar 2025 08:53:58 +0000
ROA not before: Mon 17 Mar 2025 08:48:58 +0000
ROA not after: Mon 16 Mar 2026 08:53:58 +0000
asID: 211440
IP address blocks: 185.226.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:95:75:d8:79:ec:f1:86:bc:39:f4:01:40:33:ac:e2:db:7b:32:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Mar 17 08:48:58 2025 GMT
Not After : Mar 16 08:53:58 2026 GMT
Subject: CN=5A235E31E2B875CCA34CB84581D324D045E47DA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:57:39:1e:96:ac:82:23:60:fb:2b:38:13:d8:
83:96:ff:f3:fe:0f:92:1f:f0:85:7a:99:c3:b6:8c:
a0:fc:e1:06:50:c0:9d:a8:8f:9d:34:8b:0b:f6:d6:
53:44:d3:52:26:4c:d4:2c:84:f0:57:18:ab:12:82:
61:29:7d:3d:d9:d8:c1:25:fb:d9:03:db:85:d3:51:
0c:6c:54:98:d1:de:6d:69:18:8f:14:46:90:81:96:
fc:66:5c:61:74:33:45:b4:18:aa:e7:6a:e9:34:70:
80:c9:be:97:9f:76:c4:b5:5d:f8:5d:27:c3:9b:8c:
f9:0c:d8:51:0d:ed:7a:e0:a7:b1:51:28:8c:b7:cf:
25:ad:95:e5:bb:86:77:6d:2a:38:1e:86:9b:dc:13:
16:17:7b:06:c5:ef:14:f9:9e:9d:5c:c0:99:0a:f5:
d7:60:8c:a5:46:0d:4c:94:dd:66:2b:c1:e8:e1:ff:
70:20:78:ad:b3:05:ff:63:1d:74:a5:a9:e5:58:1a:
81:93:ba:e8:de:f0:c1:32:48:f2:fc:d4:4d:5b:3e:
40:82:87:a3:12:cc:e5:88:b0:03:10:11:1c:d1:ae:
fa:4d:0a:a0:9a:e1:e8:ce:d1:ef:de:7e:b8:90:5d:
2a:0c:e7:3e:9d:f5:0e:2a:c7:09:f2:1d:7a:98:ef:
4c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:23:5E:31:E2:B8:75:CC:A3:4C:B8:45:81:D3:24:D0:45:E4:7D:A2
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135332e302f32342d3234203d3e20323131343430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.153.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:4b:1f:e3:12:8d:56:cf:7d:6b:f6:1b:23:6b:8b:6f:0d:8c:
5d:77:93:e3:2b:cf:3a:13:cf:93:76:78:cb:fa:dd:0f:3e:54:
ba:0f:02:0a:c3:50:14:d6:ec:7d:90:5f:df:c5:f3:d1:47:0c:
fa:e3:fc:5d:b6:33:2f:cb:fe:70:00:7c:0f:51:a0:05:dc:b1:
2a:bd:8e:14:27:27:3f:1e:3f:12:54:25:5f:b3:97:7d:21:1f:
06:db:45:64:69:7c:8d:ba:c2:ad:46:2d:bc:65:44:c9:bc:5f:
8e:ce:90:56:14:ca:f3:3b:56:58:bb:4c:10:3e:42:87:74:6a:
05:b5:25:1d:35:e6:c4:99:03:a7:a4:1b:2d:f4:6f:19:59:f3:
b8:7d:fc:6c:1d:1d:d0:45:f3:c9:53:d1:0c:20:8f:83:e7:86:
38:ad:cd:1d:20:bf:2f:af:6f:16:21:5e:62:b9:3e:b9:36:10:
85:4e:b2:1a:e6:84:c0:5b:8c:4d:9f:2b:ff:bf:1d:45:05:4b:
27:ba:33:13:d5:6b:02:10:ce:f4:d4:bd:b4:98:b0:58:da:f0:
2e:3b:cd:c0:e0:1e:56:b9:08:98:d2:3e:b5:2a:a2:8a:1e:a3:
90:61:ab:e4:1a:ff:8b:67:82:c6:16:61:8b:8f:3c:b9:24:d6:
fa:3d:58:a9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUGZV12Hns8Ya8OfQBQDOs4tt7MoEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTAzMTcwODQ4NThaFw0yNjAzMTYwODUzNThaMDMxMTAvBgNV
BAMTKDVBMjM1RTMxRTJCODc1Q0NBMzRDQjg0NTgxRDMyNEQwNDVFNDdEQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0VzkelqyCI2D7KzgT2IOW//P+
D5If8IV6mcO2jKD84QZQwJ2oj500iwv21lNE01ImTNQshPBXGKsSgmEpfT3Z2MEl
+9kD24XTUQxsVJjR3m1pGI8URpCBlvxmXGF0M0W0GKrnauk0cIDJvpefdsS1Xfhd
J8ObjPkM2FEN7Xrgp7FRKIy3zyWtleW7hndtKjgehpvcExYXewbF7xT5np1cwJkK
9ddgjKVGDUyU3WYrwejh/3AgeK2zBf9jHXSlqeVYGoGTuuje8MEySPL81E1bPkCC
h6MSzOWIsAMQERzRrvpNCqCa4ejO0e/efriQXSoM5z6d9Q4qxwnyHXqY70x9AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUWiNeMeK4dcyjTLhFgdMk0EXkfaIwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMyMzYyZTMx
MzUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTM0MzQzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnimTANBgkqhkiG9w0BAQsFAAOCAQEAwksf4xKNVs99a/YbI2uLbw2MXXeT
4yvPOhPPk3Z4y/rdDz5Uug8CCsNQFNbsfZBf38Xz0UcM+uP8XbYzL8v+cAB8D1Gg
BdyxKr2OFCcnPx4/ElQlX7OXfSEfBttFZGl8jbrCrUYtvGVEybxfjs6QVhTK8ztW
WLtMED5Ch3RqBbUlHTXmxJkDp6QbLfRvGVnzuH38bB0d0EXzyVPRDCCPg+eGOK3N
HSC/L69vFiFeYrk+uTYQhU6yGuaEwFuMTZ8r/78dRQVLJ7ozE9VrAhDO9NS9tJiw
WNrwLjvNwOAeVrkImNI+tSqiih6jkGGr5Br/i2eCxhZhi488uSTW+j1YqQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 20:30:06 2025 by rpki-client