Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e342e3232302e302f32342d3234203d3e203630393439.roa
File: 3138352e342e3232302e302f32342d3234203d3e203630393439.roa (raw, json)
Hash identifier: EGPBZ6KXJkaBph9jL61mP+OR5ShyTCpuVki8KuzUNMs=
Subject key identifier: 3D:80:9E:76:53:25:07:B9:09:30:2C:A5:63:CC:8F:89:BB:65:D6:60
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 5216E182B33F3EC0B46C68E64D33021DF31D1299
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e342e3232302e302f32342d3234203d3e203630393439.roa
Signing time: Wed 29 Jan 2025 13:39:17 +0000
ROA not before: Wed 29 Jan 2025 13:34:17 +0000
ROA not after: Wed 28 Jan 2026 13:39:17 +0000
asID: 60949
IP address blocks: 185.4.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:16:e1:82:b3:3f:3e:c0:b4:6c:68:e6:4d:33:02:1d:f3:1d:12:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Jan 29 13:34:17 2025 GMT
Not After : Jan 28 13:39:17 2026 GMT
Subject: CN=3D809E76532507B909302CA563CC8F89BB65D660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:13:ab:3b:06:48:aa:68:bd:d7:3f:97:66:85:
19:81:ba:ea:41:ba:27:77:e8:48:34:5d:33:a2:4f:
33:36:37:18:8c:fa:ae:6f:66:a8:4b:90:03:20:64:
b5:9c:f2:4a:6f:16:d4:e1:d5:04:a3:71:23:07:3b:
72:fd:7d:6a:a3:df:11:6b:94:92:b3:b9:0c:11:aa:
b7:9b:f7:fb:99:d9:df:d3:25:3f:f3:93:50:f0:b1:
58:bc:52:c9:67:ac:89:62:24:3a:c1:14:f6:97:18:
bd:42:9c:8e:50:24:2d:91:03:57:65:a0:a1:64:7c:
69:9e:bd:e9:d0:61:fa:85:84:bf:e5:37:56:76:ca:
32:fc:52:8f:54:a3:05:87:3e:e1:f4:2d:36:fc:bb:
70:a4:b4:dd:74:35:78:67:34:79:f6:a3:5f:66:5c:
49:d0:14:ac:93:41:9f:ee:cb:d3:28:aa:56:c7:bb:
44:e6:48:4e:b9:b0:2c:a4:7b:79:d9:af:86:81:92:
18:82:5f:25:74:75:c7:71:f2:03:24:da:1a:48:82:
5b:51:59:b7:1d:fe:6f:19:b0:49:e6:f5:a8:7b:bf:
a5:66:fd:33:d8:75:05:75:46:d4:a5:9e:8c:68:06:
df:17:df:f7:bd:50:ee:ac:81:a4:fd:ee:fb:f5:89:
6a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:80:9E:76:53:25:07:B9:09:30:2C:A5:63:CC:8F:89:BB:65:D6:60
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e342e3232302e302f32342d3234203d3e203630393439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.220.0/24
Signature Algorithm: sha256WithRSAEncryption
34:cb:74:d9:d1:d0:3f:97:dc:3a:93:e9:e6:93:39:40:0a:82:
ce:60:0c:a1:40:0a:d3:55:52:10:7d:5d:bc:b2:1c:71:73:b1:
25:88:87:d0:b9:ef:23:2b:2b:dd:88:b5:e9:0c:1a:39:05:e3:
44:ed:6f:fe:9b:71:e6:1b:14:00:4e:56:95:ff:99:cf:9d:90:
32:bd:8c:a4:33:08:eb:ab:42:bb:51:3e:ec:e5:7c:d6:cb:b4:
c8:22:3c:fd:a1:09:81:4e:b1:20:9a:74:5d:89:30:41:96:23:
ff:d6:1c:f5:b9:84:3d:58:cc:d8:8b:e9:22:68:ad:3e:ba:39:
e3:50:b5:3f:6c:a4:13:01:04:c5:18:ae:00:43:dd:bf:a9:e2:
c6:24:27:16:65:b5:00:2a:d6:41:39:9a:b5:66:47:79:26:89:
ed:77:e4:79:f3:64:80:22:d0:88:47:b2:00:73:75:e2:c0:6a:
fd:74:ae:0d:43:a6:51:f9:26:27:72:8b:08:cf:57:b6:f2:5e:
9b:d9:75:2d:ca:b9:ad:07:6b:36:42:03:24:e5:e3:aa:9f:06:
6c:8e:c7:e6:8e:e9:eb:51:e3:98:99:f3:06:06:eb:ef:73:0a:
b4:c9:42:a9:e2:30:c6:69:dd:1e:e9:a4:28:31:bf:c2:80:22:
45:da:67:5c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUUhbhgrM/PsC0bGjmTTMCHfMdEpkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTAxMjkxMzM0MTdaFw0yNjAxMjgxMzM5MTdaMDMxMTAvBgNV
BAMTKDNEODA5RTc2NTMyNTA3QjkwOTMwMkNBNTYzQ0M4Rjg5QkI2NUQ2NjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZE6s7BkiqaL3XP5dmhRmBuupB
uid36Eg0XTOiTzM2NxiM+q5vZqhLkAMgZLWc8kpvFtTh1QSjcSMHO3L9fWqj3xFr
lJKzuQwRqreb9/uZ2d/TJT/zk1DwsVi8UslnrIliJDrBFPaXGL1CnI5QJC2RA1dl
oKFkfGmevenQYfqFhL/lN1Z2yjL8Uo9UowWHPuH0LTb8u3CktN10NXhnNHn2o19m
XEnQFKyTQZ/uy9MoqlbHu0TmSE65sCyke3nZr4aBkhiCXyV0dcdx8gMk2hpIgltR
Wbcd/m8ZsEnm9ah7v6Vm/TPYdQV1RtSlnoxoBt8X3/e9UO6sgaT97vv1iWpxAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUPYCedlMlB7kJMCylY8yPibtl1mAwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzODM1MmUzNDJlMzIzMjMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMDM5MzQzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkE
3DANBgkqhkiG9w0BAQsFAAOCAQEANMt02dHQP5fcOpPp5pM5QAqCzmAMoUAK01VS
EH1dvLIccXOxJYiH0LnvIysr3Yi16QwaOQXjRO1v/ptx5hsUAE5Wlf+Zz52QMr2M
pDMI66tCu1E+7OV81su0yCI8/aEJgU6xIJp0XYkwQZYj/9Yc9bmEPVjM2IvpImit
Pro541C1P2ykEwEExRiuAEPdv6nixiQnFmW1ACrWQTmatWZHeSaJ7XfkefNkgCLQ
iEeyAHN14sBq/XSuDUOmUfkmJ3KLCM9XtvJem9l1Lcq5rQdrNkIDJOXjqp8GbI7H
5o7p61HjmJnzBgbr73MKtMlCqeIwxmndHumkKDG/woAiRdpnXA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:17:39 2025 by rpki-client