Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132312e302f32342d3234203d3e203631333137.roa
File: 37382e32342e3132312e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: PNy4BBOReJ4B4LRwKHBjnzscIyK0n1F3JT7zrSI8uHw=
Subject key identifier: 78:17:8F:D7:41:F9:91:A3:EB:82:C2:47:AE:91:D1:C0:E1:98:D5:A4
Certificate issuer: /CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Certificate serial: 701F1B97436EFDF4F6CAB2FB1682770DDAC8CA63
Authority key identifier: D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132312e302f32342d3234203d3e203631333137.roa
Signing time: Thu 06 Mar 2025 12:53:56 +0000
ROA not before: Thu 06 Mar 2025 12:48:56 +0000
ROA not after: Thu 05 Mar 2026 12:53:56 +0000
asID: 61317
IP address blocks: 78.24.121.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:1f:1b:97:43:6e:fd:f4:f6:ca:b2:fb:16:82:77:0d:da:c8:ca:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Validity
Not Before: Mar 6 12:48:56 2025 GMT
Not After : Mar 5 12:53:56 2026 GMT
Subject: CN=78178FD741F991A3EB82C247AE91D1C0E198D5A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3f:06:8a:d0:92:4e:9a:48:2b:a0:9a:1c:af:
2d:c9:1c:dd:40:cb:02:0c:01:1b:57:51:0b:59:d7:
23:b9:00:39:d6:03:66:28:7c:a4:6d:67:3a:82:7a:
20:99:65:23:df:68:a7:78:93:49:71:53:90:5f:44:
ed:4f:aa:2e:e1:5a:1e:17:f5:cd:b4:a7:ba:4e:63:
e8:92:9e:21:fc:5e:51:01:5c:26:a5:9a:0a:c0:eb:
a1:20:32:53:62:ec:4b:70:65:fe:08:e9:d7:f9:14:
1d:79:88:25:56:5b:95:45:78:ad:0f:78:c6:b4:e9:
33:9b:65:18:0c:4b:cf:59:a0:da:83:3a:f1:76:47:
cb:90:88:15:6c:c7:af:3f:36:9f:ae:0f:f9:c0:64:
d0:25:d7:01:14:d0:4e:7f:87:63:c8:e5:2b:35:7a:
a8:0c:0d:c2:fa:a7:76:33:dd:0f:86:ab:37:46:66:
3b:8e:4a:e0:e1:8b:20:99:b0:3b:e3:d1:10:9e:05:
29:24:23:b8:c5:42:6f:96:cf:c2:28:be:83:a3:4b:
bd:0f:29:a0:90:22:1d:23:cc:c2:7b:6f:ab:90:9e:
c1:b6:a1:fd:4c:90:7e:68:b4:7b:5f:56:0e:de:a4:
40:d8:d0:d4:e9:b9:c1:23:aa:e7:dc:0e:9f:e5:da:
cf:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:17:8F:D7:41:F9:91:A3:EB:82:C2:47:AE:91:D1:C0:E1:98:D5:A4
X509v3 Authority Key Identifier:
keyid:D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132312e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.121.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:b9:c3:d1:df:02:aa:03:83:b0:a0:b8:c1:a8:44:83:8d:1f:
fc:47:4c:4d:cc:71:9b:87:89:d4:68:36:b8:f0:8d:c7:b2:1f:
ba:dd:b3:db:ca:66:b5:86:aa:82:5e:e1:5b:c0:f0:5a:d6:64:
e5:67:9f:b1:2e:0f:51:f7:90:2e:b6:4d:c6:8b:1b:21:30:67:
7d:ae:c3:df:f7:d8:35:ba:83:ff:64:7b:d5:88:b6:70:32:7a:
75:2d:27:11:aa:c0:de:d2:0e:30:51:d9:24:93:63:9d:f6:81:
f8:db:87:9c:1f:3e:58:3a:7d:60:cf:16:b8:44:cc:b0:fc:c5:
d1:39:4c:1a:b0:b4:91:63:74:55:52:29:8a:0b:81:da:b0:9f:
ae:f8:4a:4a:52:1e:80:fd:fc:32:82:43:67:d8:09:f7:77:0c:
27:6e:ff:be:04:24:59:25:a6:24:b6:1d:0e:dc:a6:16:3d:c9:
ba:c6:c6:6b:64:17:e7:6f:80:7b:9c:75:ce:64:69:64:0f:32:
93:42:31:dc:fd:68:fe:15:d2:99:29:62:79:f1:d4:8a:53:3a:
5c:ab:cb:53:29:27:2f:65:6f:e9:3e:6e:87:27:24:88:62:7f:
e9:90:0b:51:69:35:e7:e8:4f:8d:f8:a7:ec:1f:f0:5d:42:a0:
7f:6a:6b:53
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUcB8bl0Nu/fT2yrL7FoJ3DdrIymMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDAxYmEwMTNiYzFlNmQ4NmYwZDZkNThlYWZhNTRlMjdm
YWRhMzQ0NDAeFw0yNTAzMDYxMjQ4NTZaFw0yNjAzMDUxMjUzNTZaMDMxMTAvBgNV
BAMTKDc4MTc4RkQ3NDFGOTkxQTNFQjgyQzI0N0FFOTFEMUMwRTE5OEQ1QTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMPwaK0JJOmkgroJocry3JHN1A
ywIMARtXUQtZ1yO5ADnWA2YofKRtZzqCeiCZZSPfaKd4k0lxU5BfRO1Pqi7hWh4X
9c20p7pOY+iSniH8XlEBXCalmgrA66EgMlNi7EtwZf4I6df5FB15iCVWW5VFeK0P
eMa06TObZRgMS89ZoNqDOvF2R8uQiBVsx68/Np+uD/nAZNAl1wEU0E5/h2PI5Ss1
eqgMDcL6p3Yz3Q+GqzdGZjuOSuDhiyCZsDvj0RCeBSkkI7jFQm+Wz8IovoOjS70P
KaCQIh0jzMJ7b6uQnsG2of1MkH5otHtfVg7epEDY0NTpucEjqufcDp/l2s+5AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUeBeP10H5kaPrgsJHrpHRwOGY1aQwHwYDVR0j
BBgwFoAU0BugE7webYbw1tWOr6VOJ/raNEQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYtNjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5
NDMxLzEvRDAxQkEwMTNCQzFFNkQ4NkYwRDZENThFQUZBNTRFMjdGQURBMzQ0NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBCdWdFN3dlYllidzF0V09yNlZPSl9y
YU5FUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYt
NjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5NDMxLzEvMzczODJlMzIzNDJlMzEzMjMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE4Y
eTANBgkqhkiG9w0BAQsFAAOCAQEAGrnD0d8CqgODsKC4wahEg40f/EdMTcxxm4eJ
1Gg2uPCNx7Ifut2z28pmtYaqgl7hW8DwWtZk5WefsS4PUfeQLrZNxosbITBnfa7D
3/fYNbqD/2R71Yi2cDJ6dS0nEarA3tIOMFHZJJNjnfaB+NuHnB8+WDp9YM8WuETM
sPzF0TlMGrC0kWN0VVIpiguB2rCfrvhKSlIegP38MoJDZ9gJ93cMJ27/vgQkWSWm
JLYdDtymFj3JusbGa2QX52+Ae5x1zmRpZA8yk0Ix3P1o/hXSmSliefHUilM6XKvL
UyknL2Vv6T5uhyckiGJ/6ZALUWk15+hPjfin7B/wXUKgf2prUw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:36:53 2025 by rpki-client