Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235312e302f32342d3234203d3e203632323430.roa
File: 3138352e3231332e3235312e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: r8RD1SHQl6OybEgdZXTaDzaRDBKJoFWuS6Yc77FVHmo=
Subject key identifier: B8:D7:3D:3A:1F:05:8D:40:C4:E2:82:60:D1:8F:75:17:13:8F:C6:7F
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 44106B2342A01323E63E97BE01DC62546054610C
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235312e302f32342d3234203d3e203632323430.roa
Signing time: Thu 13 Feb 2025 09:15:37 +0000
ROA not before: Thu 13 Feb 2025 09:10:37 +0000
ROA not after: Thu 12 Feb 2026 09:15:37 +0000
asID: 62240
IP address blocks: 185.213.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:10:6b:23:42:a0:13:23:e6:3e:97:be:01:dc:62:54:60:54:61:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Feb 13 09:10:37 2025 GMT
Not After : Feb 12 09:15:37 2026 GMT
Subject: CN=B8D73D3A1F058D40C4E28260D18F7517138FC67F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:43:c2:71:ef:cb:9b:ec:7d:e9:f7:dc:e5:b2:
c2:ad:52:13:49:8b:c6:9e:6f:32:30:ba:d5:76:97:
97:1d:6b:1a:5f:e4:cc:55:ae:35:44:45:72:bb:82:
aa:b0:61:9f:54:a9:8c:b3:c7:c1:b7:94:94:49:9d:
27:6c:70:2e:25:dd:68:52:7c:ac:36:91:04:fc:b4:
c2:6d:fa:b7:1e:a4:2e:9c:0d:b0:8b:00:75:25:e4:
f7:3f:64:d6:6e:cb:ae:94:37:55:5c:89:42:7c:eb:
ed:ba:9e:5c:0d:86:cf:99:de:6e:9c:72:49:07:2d:
6e:d1:d8:d9:17:c9:9c:bf:e8:01:de:fb:d3:9f:c2:
00:1a:eb:3c:10:7d:b5:40:e0:84:8a:9e:53:78:91:
93:fb:0e:f2:99:0c:d0:a0:ac:fc:e7:b5:e6:73:5f:
e2:7c:38:31:88:56:12:ce:76:4d:e2:04:ff:91:e8:
a0:c6:57:84:07:c8:9c:05:b9:8e:17:6e:51:e6:f0:
11:28:3e:a0:e7:c9:c7:ed:d4:74:74:61:e4:a3:e4:
d6:20:75:8e:ec:9d:21:f3:57:4f:4e:6a:5a:20:5b:
58:cb:3c:3b:29:42:9e:6b:52:19:51:23:77:3a:be:
ad:a8:c1:a5:e5:7e:20:21:e6:9b:1f:ee:2e:6f:7e:
5b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D7:3D:3A:1F:05:8D:40:C4:E2:82:60:D1:8F:75:17:13:8F:C6:7F
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235312e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.251.0/24
Signature Algorithm: sha256WithRSAEncryption
71:1e:88:33:b0:0a:78:2d:31:b5:eb:50:0f:6f:b9:41:d5:11:
15:8a:96:f9:f0:58:97:c0:81:5b:86:73:5a:66:34:0f:24:73:
9a:f4:5a:aa:09:74:06:5a:03:37:61:77:d4:7c:65:d2:f4:5b:
2f:c8:ee:79:81:a1:e4:7c:01:87:0c:96:98:d6:44:5b:4a:aa:
d1:d5:ba:c6:9c:35:28:39:d4:37:55:64:0e:a7:5e:16:5c:34:
44:7d:d8:5b:cc:96:4d:14:12:a5:38:1e:e0:ce:1e:54:49:79:
87:5b:59:1b:66:f5:57:46:b3:b9:54:3b:27:8d:b5:2e:7a:2e:
ff:b8:83:4f:6a:4a:5a:2d:43:d7:b4:91:35:91:ec:cd:d7:a6:
38:2b:9a:02:d6:cd:c7:a2:4d:b2:16:04:af:7e:2b:22:b2:57:
b4:c6:0e:a4:01:06:1b:07:06:dc:a5:10:66:7d:ef:74:52:fd:
d1:a7:88:cc:d3:75:7a:a2:4d:7e:e4:17:19:48:0c:ff:3c:a2:
da:18:7f:f1:34:e3:3c:34:48:ea:77:25:68:88:b4:f7:13:19:
31:39:0b:ff:97:f6:26:36:6a:dc:b4:d2:ab:6b:63:c7:90:95:
1a:2a:f3:e8:a7:df:56:bb:86:28:36:3c:68:ec:79:1c:57:35:
86:90:0c:6a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURBBrI0KgEyPmPpe+AdxiVGBUYQwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAyMTMwOTEwMzdaFw0yNjAyMTIwOTE1MzdaMDMxMTAvBgNV
BAMTKEI4RDczRDNBMUYwNThENDBDNEUyODI2MEQxOEY3NTE3MTM4RkM2N0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsQ8Jx78ub7H3p99zlssKtUhNJ
i8aebzIwutV2l5cdaxpf5MxVrjVERXK7gqqwYZ9UqYyzx8G3lJRJnSdscC4l3WhS
fKw2kQT8tMJt+rcepC6cDbCLAHUl5Pc/ZNZuy66UN1VciUJ86+26nlwNhs+Z3m6c
ckkHLW7R2NkXyZy/6AHe+9OfwgAa6zwQfbVA4ISKnlN4kZP7DvKZDNCgrPznteZz
X+J8ODGIVhLOdk3iBP+R6KDGV4QHyJwFuY4XblHm8BEoPqDnycft1HR0YeSj5NYg
dY7snSHzV09OalogW1jLPDspQp5rUhlRI3c6vq2owaXlfiAh5psf7i5vflt7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUuNc9Oh8FjUDE4oJg0Y91FxOPxn8wHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzUzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzIzMjM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51fswDQYJKoZIhvcNAQELBQADggEBAHEeiDOwCngtMbXrUA9vuUHVERWKlvnw
WJfAgVuGc1pmNA8kc5r0WqoJdAZaAzdhd9R8ZdL0Wy/I7nmBoeR8AYcMlpjWRFtK
qtHVusacNSg51DdVZA6nXhZcNER92FvMlk0UEqU4HuDOHlRJeYdbWRtm9VdGs7lU
OyeNtS56Lv+4g09qSlotQ9e0kTWR7M3XpjgrmgLWzceiTbIWBK9+KyKyV7TGDqQB
BhsHBtylEGZ973RS/dGniMzTdXqiTX7kFxlIDP88otoYf/E04zw0SOp3JWiItPcT
GTE5C/+X9iY2aty00qtrY8eQlRoq8+in31a7hig2PGjseRxXNYaQDGo=
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:20:20 2025 by rpki-client