Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3137372e302f32342d3234203d3e203438393235.roa
File: 3137382e3230382e3137372e302f32342d3234203d3e203438393235.roa (raw, json)
Hash identifier: BTd+dXr2MPcwTdORFS51zDghtcGxypmJ/3eydLu6Hp4=
Subject key identifier: 42:8C:81:DB:26:C0:65:AD:8C:62:61:E6:8E:D3:4D:CB:EE:27:3C:02
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 6EDDE6555ED6204CB4A7C30864BCFAF76EE1269C
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3137372e302f32342d3234203d3e203438393235.roa
Signing time: Wed 12 Mar 2025 20:53:58 +0000
ROA not before: Wed 12 Mar 2025 20:48:58 +0000
ROA not after: Wed 11 Mar 2026 20:53:58 +0000
asID: 48925
IP address blocks: 178.208.177.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:dd:e6:55:5e:d6:20:4c:b4:a7:c3:08:64:bc:fa:f7:6e:e1:26:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Mar 12 20:48:58 2025 GMT
Not After : Mar 11 20:53:58 2026 GMT
Subject: CN=428C81DB26C065AD8C6261E68ED34DCBEE273C02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9f:96:60:32:a5:2b:5a:94:03:e7:5f:b2:37:
cd:63:b1:32:f4:27:a2:e9:49:65:70:64:17:f7:16:
41:fd:62:99:0a:8e:87:6b:7b:ae:36:80:47:bc:d3:
76:0e:42:ff:6a:08:37:30:9f:e8:c0:a5:53:0a:c7:
d5:49:da:f3:ee:51:68:e8:8a:2f:3e:ad:cc:e1:4c:
74:e4:df:10:c1:c6:da:98:a3:8f:63:e3:1e:7f:b1:
17:45:b1:3e:d8:37:94:94:d3:e9:e8:84:fd:34:4c:
67:8f:f7:fb:e9:10:36:b8:3b:66:9e:ea:47:b4:b9:
01:98:36:62:6f:b6:ec:a1:20:90:90:92:2b:5f:9b:
6b:d1:1a:42:45:65:48:f2:73:62:1a:f2:2e:e1:b1:
f2:82:b8:b5:c1:c9:b4:27:3e:e0:66:3b:3c:b2:7a:
fe:3b:c4:c9:cb:e5:10:63:9b:04:95:f4:25:5c:1f:
ac:09:57:28:df:48:33:c3:bf:04:77:95:3e:8a:9f:
38:38:b7:6d:a6:b9:10:73:0f:5e:d8:d9:03:45:6c:
c7:69:05:c0:af:60:8b:2c:5f:77:b8:51:a7:c4:d7:
7d:d3:40:2f:49:01:6d:61:2f:bc:f9:94:3e:b3:95:
50:c7:0a:f7:86:33:1b:2b:8f:dc:3c:94:1c:3b:22:
2e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:8C:81:DB:26:C0:65:AD:8C:62:61:E6:8E:D3:4D:CB:EE:27:3C:02
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3137372e302f32342d3234203d3e203438393235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.177.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:4e:ef:04:25:33:be:23:20:b7:31:3c:18:cf:4c:b8:ed:73:
c4:21:f2:95:80:37:2c:6b:1e:d9:3d:5a:ff:9a:57:b3:84:1e:
5d:ac:48:3a:e3:d0:75:05:9f:c6:46:4e:49:77:f5:75:3f:2e:
f7:1e:a7:f4:41:f5:4d:43:bf:4e:2b:b8:5c:07:1e:b0:9f:68:
6b:a6:57:c8:ea:48:46:1c:b0:f6:8f:92:00:3e:11:ae:ee:b8:
34:87:b0:a3:4e:b8:e9:a2:5f:eb:1b:1d:46:ed:32:af:b5:21:
4e:75:a6:cb:d4:f4:cb:a0:d0:1d:e8:08:71:2d:eb:fe:f0:20:
69:ee:d7:6b:10:8e:b3:f0:91:cc:0c:a7:66:35:ac:9b:46:3e:
8d:ba:46:0a:1b:e7:b2:fd:51:90:d7:5a:1a:73:8d:ea:46:cc:
ce:ed:00:81:0e:60:0a:4d:35:f7:97:9f:04:39:5a:0a:e8:46:
ee:85:3d:5a:18:a0:e7:50:61:17:3d:cc:bd:4c:07:f3:ea:db:
29:4a:19:ec:21:be:2d:ae:a5:1c:24:73:b1:8d:64:74:93:5d:
aa:f2:77:77:dd:1a:a6:bf:46:f6:1b:19:59:2c:a8:61:78:ef:
7b:16:c6:80:91:2a:de:f2:14:60:ab:73:6a:f9:bf:a8:e3:b2:
3f:bd:c9:b1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbt3mVV7WIEy0p8MIZLz6927hJpwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNTAzMTIyMDQ4NThaFw0yNjAzMTEyMDUzNThaMDMxMTAvBgNV
BAMTKDQyOEM4MURCMjZDMDY1QUQ4QzYyNjFFNjhFRDM0RENCRUUyNzNDMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZn5ZgMqUrWpQD51+yN81jsTL0
J6LpSWVwZBf3FkH9YpkKjodre642gEe803YOQv9qCDcwn+jApVMKx9VJ2vPuUWjo
ii8+rczhTHTk3xDBxtqYo49j4x5/sRdFsT7YN5SU0+nohP00TGeP9/vpEDa4O2ae
6ke0uQGYNmJvtuyhIJCQkitfm2vRGkJFZUjyc2Ia8i7hsfKCuLXBybQnPuBmOzyy
ev47xMnL5RBjmwSV9CVcH6wJVyjfSDPDvwR3lT6Knzg4t22muRBzD17Y2QNFbMdp
BcCvYIssX3e4UafE133TQC9JAW1hL7z5lD6zlVDHCveGMxsrj9w8lBw7Ii7jAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQoyB2ybAZa2MYmHmjtNNy+4nPAIwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzEzNzM4MmUzMjMwMzgyZTMx
MzczNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzgzOTMyMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy0LEwDQYJKoZIhvcNAQELBQADggEBAHxO7wQlM74jILcxPBjPTLjtc8Qh8pWA
NyxrHtk9Wv+aV7OEHl2sSDrj0HUFn8ZGTkl39XU/Lvcep/RB9U1Dv04ruFwHHrCf
aGumV8jqSEYcsPaPkgA+Ea7uuDSHsKNOuOmiX+sbHUbtMq+1IU51psvU9Mug0B3o
CHEt6/7wIGnu12sQjrPwkcwMp2Y1rJtGPo26Rgob57L9UZDXWhpzjepGzM7tAIEO
YApNNfeXnwQ5WgroRu6FPVoYoOdQYRc9zL1MB/Pq2ylKGewhvi2upRwkc7GNZHST
Xaryd3fdGqa/RvYbGVksqGF473sWxoCRKt7yFGCrc2r5v6jjsj+9ybE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:25:33 2025 by rpki-client