Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232392e302f32342d3234203d3e20323132323338.roa
File: 38352e3131372e3232392e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: qWG9h0hKE/+rc67V6b0QtNqJKNBV/dmrN+3owun/5GY=
Subject key identifier: D3:42:B3:23:01:62:58:4E:C2:05:74:0E:A1:AF:5D:26:79:30:B5:C1
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 7DEDC0D4A9A10F2B677F7EB014EDBEF1EC9EA816
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232392e302f32342d3234203d3e20323132323338.roa
Signing time: Tue 11 Feb 2025 23:21:57 +0000
ROA not before: Tue 11 Feb 2025 23:16:57 +0000
ROA not after: Tue 10 Feb 2026 23:21:57 +0000
asID: 212238
IP address blocks: 85.117.229.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:ed:c0:d4:a9:a1:0f:2b:67:7f:7e:b0:14:ed:be:f1:ec:9e:a8:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Feb 11 23:16:57 2025 GMT
Not After : Feb 10 23:21:57 2026 GMT
Subject: CN=D342B3230162584EC205740EA1AF5D267930B5C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:81:71:da:17:d6:81:17:90:7e:0f:40:03:fa:
be:e0:da:2b:87:c2:db:e0:16:e7:59:04:ab:7c:f3:
b3:28:27:36:cf:7c:62:b2:15:5b:1a:8d:43:c4:5e:
9b:b2:86:ee:29:18:c9:83:bb:e0:6b:21:4d:04:37:
23:05:1b:4d:b8:e7:eb:f7:f1:74:61:59:90:11:1b:
f9:f1:a1:90:e5:e6:37:4e:2f:f0:1f:97:a1:c7:28:
2f:b5:e6:90:2b:c7:e9:79:80:76:d2:97:1b:04:ec:
84:37:cb:25:52:4d:58:ff:21:f0:3d:2a:7e:56:5a:
d2:98:74:c3:82:b7:ca:d1:f0:44:05:b5:d8:c7:79:
d9:3e:60:b7:03:1f:d7:7c:4d:36:d9:87:5b:57:ed:
3c:47:b6:3c:ac:81:e0:58:1f:ac:bf:4b:3e:e2:b3:
07:e5:8d:11:19:e7:e5:f1:d4:91:b1:39:9d:17:cb:
ab:3a:59:b0:06:ed:f5:ad:79:2b:f1:15:fc:a2:51:
11:a9:71:a2:38:92:7a:71:39:b6:39:5d:25:4d:58:
c3:c3:bc:8f:75:7c:3f:69:83:04:da:1e:08:e7:91:
fd:e3:e8:3f:47:5b:26:46:e9:70:d8:22:68:fb:8f:
10:5d:af:60:2f:3b:bd:56:c8:34:a5:45:d3:75:c6:
a1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:42:B3:23:01:62:58:4E:C2:05:74:0E:A1:AF:5D:26:79:30:B5:C1
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232392e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.229.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:42:05:d3:10:5c:53:f1:8b:1c:e8:60:84:24:be:06:ac:a6:
8e:25:d3:b5:66:dd:b6:c8:45:29:e0:a1:59:e1:2c:a5:18:5f:
be:2e:0b:06:e9:ac:c6:9f:b9:de:9e:9d:71:60:9a:67:b3:8b:
25:2f:ad:22:05:53:e7:62:e1:d5:a2:60:97:3b:cf:e6:86:97:
92:1f:7d:98:61:95:e0:36:99:4c:df:a1:3a:03:c3:7f:cc:01:
e3:18:0b:4e:d3:71:ea:4e:6c:eb:ac:60:b7:30:3f:4c:da:89:
b5:58:95:71:7f:e7:81:f8:df:e1:1c:65:f6:d4:db:68:1b:7c:
6c:3b:e3:38:03:36:bc:35:63:1e:29:c3:99:87:35:a7:94:cd:
c4:76:90:4a:e4:fd:79:ad:f4:39:33:51:b8:36:c8:ff:fb:94:
7a:90:f9:57:cc:51:6b:70:91:ca:a7:e0:25:f8:83:84:c2:ad:
ee:81:a2:68:c2:2c:c7:1c:d2:ac:10:fd:7d:df:a3:35:8b:8d:
98:e6:6d:f3:a9:a8:1e:03:2a:cc:ce:02:b4:b2:0e:2b:a7:fb:
fa:5c:5e:82:fe:f0:15:02:f9:6c:05:bd:08:ea:98:a3:08:9e:
a7:79:f8:b4:fd:7d:c9:ee:53:d4:ed:73:f9:17:48:6d:eb:8d:
cb:36:96:84
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfe3A1KmhDytnf36wFO2+8eyeqBYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAyMTEyMzE2NTdaFw0yNjAyMTAyMzIxNTdaMDMxMTAvBgNV
BAMTKEQzNDJCMzIzMDE2MjU4NEVDMjA1NzQwRUExQUY1RDI2NzkzMEI1QzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwgXHaF9aBF5B+D0AD+r7g2iuH
wtvgFudZBKt887MoJzbPfGKyFVsajUPEXpuyhu4pGMmDu+BrIU0ENyMFG0245+v3
8XRhWZARG/nxoZDl5jdOL/Afl6HHKC+15pArx+l5gHbSlxsE7IQ3yyVSTVj/IfA9
Kn5WWtKYdMOCt8rR8EQFtdjHedk+YLcDH9d8TTbZh1tX7TxHtjysgeBYH6y/Sz7i
swfljREZ5+Xx1JGxOZ0Xy6s6WbAG7fWteSvxFfyiURGpcaI4knpxObY5XSVNWMPD
vI91fD9pgwTaHgjnkf3j6D9HWyZG6XDYImj7jxBdr2AvO71WyDSlRdN1xqErAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU00KzIwFiWE7CBXQOoa9dJnkwtcEwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzgzNTJlMzEzMTM3MmUzMjMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVdeUwDQYJKoZIhvcNAQELBQADggEBAAxCBdMQXFPxixzoYIQkvgaspo4l07Vm
3bbIRSngoVnhLKUYX74uCwbprMafud6enXFgmmeziyUvrSIFU+di4dWiYJc7z+aG
l5IffZhhleA2mUzfoToDw3/MAeMYC07TcepObOusYLcwP0zaibVYlXF/54H43+Ec
ZfbU22gbfGw74zgDNrw1Yx4pw5mHNaeUzcR2kErk/Xmt9DkzUbg2yP/7lHqQ+VfM
UWtwkcqn4CX4g4TCre6BomjCLMcc0qwQ/X3fozWLjZjmbfOpqB4DKszOArSyDiun
+/pcXoL+8BUC+WwFvQjqmKMInqd5+LT9fcnuU9Ttc/kXSG3rjcs2loQ=
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:52:55 2025 by rpki-client