Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138362e302f32342d3234203d3e20323039303433.roa
File: 3130392e3131302e3138362e302f32342d3234203d3e20323039303433.roa (raw, json)
Hash identifier: 039ywNabrQx9I0tZ+bhLbcvfXP2Crwwnk1x/1J0I+p4=
Subject key identifier: 40:34:11:AA:B2:1E:FE:A9:0B:F1:05:22:96:5E:64:28:BA:F3:12:4F
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 28BD68C9EC9F4002A945C17E984D82D714CD3039
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138362e302f32342d3234203d3e20323039303433.roa
Signing time: Tue 25 Mar 2025 13:53:58 +0000
ROA not before: Tue 25 Mar 2025 13:48:58 +0000
ROA not after: Tue 24 Mar 2026 13:53:58 +0000
asID: 209043
IP address blocks: 109.110.186.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:bd:68:c9:ec:9f:40:02:a9:45:c1:7e:98:4d:82:d7:14:cd:30:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Mar 25 13:48:58 2025 GMT
Not After : Mar 24 13:53:58 2026 GMT
Subject: CN=403411AAB21EFEA90BF10522965E6428BAF3124F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:82:fe:2f:16:d9:7f:bd:99:fb:6d:fe:82:5d:
b7:b6:c1:8c:dc:dd:3f:68:8e:10:38:3d:51:b1:c7:
54:8a:64:72:6d:c7:9e:ce:bb:0e:59:aa:7a:59:2a:
fc:01:2c:03:64:b9:cd:9b:43:8f:49:1a:0d:e1:f5:
d3:81:83:45:38:7d:f5:31:0f:0e:77:2e:8e:ed:d5:
31:a9:d5:6f:62:25:e1:0f:3e:4c:a4:7d:f8:47:cf:
5c:50:e7:e5:9a:fe:d8:a6:3e:46:b9:67:d9:87:92:
1e:0f:0b:47:c6:97:dd:97:c1:ee:4e:86:4d:e9:99:
2f:a9:ed:0a:b3:02:2b:ed:73:c8:8b:55:33:2d:47:
f0:1d:b6:56:9e:58:14:b3:40:c2:e9:f9:61:21:d1:
3d:0d:3c:3d:64:e4:b2:89:56:64:a2:c7:c7:b4:fd:
d4:6a:e3:c1:50:a5:8d:f6:b1:34:39:00:a9:eb:17:
a5:b4:49:d3:bf:ee:cb:6c:aa:c3:93:97:b5:e5:fb:
0f:3f:0c:71:e8:ac:67:7a:2e:46:e4:0d:df:34:f7:
73:94:0c:44:b5:62:84:c0:8c:0e:a9:6c:dc:6c:5c:
22:2e:5c:f7:e5:ea:d2:55:63:bc:43:59:7e:c3:85:
a2:83:88:99:80:82:ec:43:12:b2:91:04:9d:44:11:
f8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:34:11:AA:B2:1E:FE:A9:0B:F1:05:22:96:5E:64:28:BA:F3:12:4F
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138362e302f32342d3234203d3e20323039303433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.186.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:8b:06:d7:f1:2b:f9:ab:4c:e0:b5:38:6a:b9:cc:56:50:6c:
b9:8b:ae:a6:5b:00:24:12:c2:e2:7e:af:1a:e7:da:5d:19:bb:
99:47:94:38:a8:0d:e8:c8:1c:0f:ae:12:8a:4c:4f:68:ae:27:
4c:c8:45:6a:ba:c8:3f:5c:85:97:63:d9:ee:99:90:9f:39:25:
65:63:84:0a:b9:ec:18:71:b3:ec:31:6c:96:4e:4b:c8:37:77:
ad:12:a0:ba:1d:43:4c:a5:1d:2d:ee:bd:bd:29:29:a0:3b:a7:
40:63:a2:bb:8e:d7:15:1b:e3:a7:75:07:0a:8d:72:46:1c:f0:
65:8b:9f:6c:77:3f:08:80:86:76:73:e9:60:1b:e1:c1:46:92:
ea:62:12:c1:d4:8c:7d:d2:9e:71:9b:fb:34:d8:15:1d:d5:f7:
52:71:81:6c:d2:af:91:92:2b:7c:ea:8a:85:e1:d6:4a:91:81:
7f:58:1a:92:c7:4d:c7:9a:83:c4:4a:95:4b:ed:4e:00:7a:4c:
98:19:55:99:86:e1:14:02:cb:6d:e3:39:6d:47:c4:af:e5:28:
27:12:fe:6b:90:0e:7d:e5:e7:0a:e9:26:15:00:22:af:d7:0b:
d2:31:f5:30:a2:2b:c0:1f:45:5d:b2:e4:08:c1:5b:a1:be:d2:
19:f8:fa:a5
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUKL1oyeyfQAKpRcF+mE2C1xTNMDkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTAzMjUxMzQ4NThaFw0yNjAzMjQxMzUzNThaMDMxMTAvBgNV
BAMTKDQwMzQxMUFBQjIxRUZFQTkwQkYxMDUyMjk2NUU2NDI4QkFGMzEyNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkgv4vFtl/vZn7bf6CXbe2wYzc
3T9ojhA4PVGxx1SKZHJtx57Ouw5ZqnpZKvwBLANkuc2bQ49JGg3h9dOBg0U4ffUx
Dw53Lo7t1TGp1W9iJeEPPkykffhHz1xQ5+Wa/timPka5Z9mHkh4PC0fGl92Xwe5O
hk3pmS+p7QqzAivtc8iLVTMtR/AdtlaeWBSzQMLp+WEh0T0NPD1k5LKJVmSix8e0
/dRq48FQpY32sTQ5AKnrF6W0SdO/7stsqsOTl7Xl+w8/DHHorGd6LkbkDd8093OU
DES1YoTAjA6pbNxsXCIuXPfl6tJVY7xDWX7DhaKDiJmAguxDErKRBJ1EEfiZAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUQDQRqrIe/qkL8QUill5kKLrzEk8wHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzgzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzOTMwMzQzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1uujANBgkqhkiG9w0BAQsFAAOCAQEAH4sG1/Er+atM4LU4arnMVlBsuYuu
plsAJBLC4n6vGufaXRm7mUeUOKgN6MgcD64SikxPaK4nTMhFarrIP1yFl2PZ7pmQ
nzklZWOECrnsGHGz7DFslk5LyDd3rRKguh1DTKUdLe69vSkpoDunQGOiu47XFRvj
p3UHCo1yRhzwZYufbHc/CICGdnPpYBvhwUaS6mISwdSMfdKecZv7NNgVHdX3UnGB
bNKvkZIrfOqKheHWSpGBf1gaksdNx5qDxEqVS+1OAHpMmBlVmYbhFALLbeM5bUfE
r+UoJxL+a5AOfeXnCukmFQAir9cL0jH1MKIrwB9FXbLkCMFbob7SGfj6pQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:22:19 2025 by rpki-client