Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33382e35332e302f32342d3234203d3e20323132363039.roa
File: 3139332e33382e35332e302f32342d3234203d3e20323132363039.roa (raw, json)
Hash identifier: ooOEdjEG5gMbm0bxvoDNUbs+tuGDApjRNmM4cVQdGcc=
Subject key identifier: FD:39:5E:50:91:E3:08:F9:48:43:38:C0:60:29:CA:C7:AC:43:92:76
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 740D48B81508252608262326F9C0AF981E7B44A3
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33382e35332e302f32342d3234203d3e20323132363039.roa
Signing time: Wed 22 Jan 2025 19:53:51 +0000
ROA not before: Wed 22 Jan 2025 19:48:51 +0000
ROA not after: Wed 21 Jan 2026 19:53:51 +0000
asID: 212609
IP address blocks: 193.38.53.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:0d:48:b8:15:08:25:26:08:26:23:26:f9:c0:af:98:1e:7b:44:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jan 22 19:48:51 2025 GMT
Not After : Jan 21 19:53:51 2026 GMT
Subject: CN=FD395E5091E308F9484338C06029CAC7AC439276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:2c:2e:f5:4e:87:9a:76:1a:ce:ae:71:9b:e8:
b1:76:6a:6e:f5:79:c0:52:ee:b1:c9:bb:22:07:40:
03:db:78:23:b7:02:ef:e0:b1:21:f8:9c:af:8d:f3:
ca:14:24:11:46:08:e9:ce:9b:70:05:06:f8:a2:b3:
8d:fa:a6:54:88:1e:f0:8e:d1:54:71:a2:d7:20:1b:
c1:b8:5c:d8:64:c1:8d:23:24:00:8b:54:23:3d:99:
62:ed:61:a2:92:6e:0f:3f:59:6d:d5:38:f8:22:39:
1a:31:6a:ca:f0:4f:7e:da:91:5d:d5:cd:d1:41:1a:
eb:54:7e:91:d4:fb:5d:9c:6f:7c:17:bb:bd:fc:64:
53:22:6c:cc:ac:8f:b9:36:a2:2b:f7:c9:17:a7:b6:
31:39:d7:be:cf:a7:86:9a:42:cd:48:39:2d:81:9b:
2d:cf:1a:e2:d2:37:af:20:d7:d7:87:33:31:3c:2f:
50:9a:de:80:e1:89:b0:b8:15:03:26:75:58:39:6e:
3f:00:1f:c4:66:82:00:65:74:34:a6:25:7d:09:c8:
b1:f4:b6:11:d9:40:ae:36:0e:64:54:13:6e:da:9d:
d9:49:7c:5d:4d:cf:26:cb:09:ad:db:ea:4e:cc:91:
aa:db:95:d4:fa:cf:89:ec:be:e9:c6:18:32:d1:e9:
da:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:39:5E:50:91:E3:08:F9:48:43:38:C0:60:29:CA:C7:AC:43:92:76
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33382e35332e302f32342d3234203d3e20323132363039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.53.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:bf:fb:fb:7d:2a:c7:11:57:b7:0a:13:ba:c3:67:e8:57:1b:
b5:70:1f:63:58:3f:2b:5f:e9:17:03:44:9c:61:2d:5c:5e:c3:
b4:f0:33:1d:e4:01:fa:d2:54:8e:ce:0a:65:18:1c:a3:e0:0d:
01:2a:89:f5:ba:3a:47:56:94:ac:8e:b5:18:46:e6:85:0b:10:
92:c6:e1:ce:70:eb:80:f0:ad:39:6d:bd:89:b8:8b:1a:3c:e9:
ac:b2:fb:d9:7d:57:c6:c0:4c:70:b0:fb:b3:63:7f:23:42:94:
18:14:d7:ec:66:24:e8:9c:55:e1:0a:be:8f:b8:02:56:30:b6:
8e:cd:e1:25:61:07:f6:8a:2e:1b:d8:9f:2c:7c:27:22:65:09:
9c:b5:9b:8e:30:d1:5d:ee:21:b0:74:dc:c2:e1:0a:fc:b5:4b:
2d:b8:b3:35:78:8d:d5:10:05:0f:f2:cd:54:9d:27:1b:16:7f:
e5:33:e8:c4:db:55:36:b4:a2:89:9c:6b:d3:99:86:d8:77:39:
e1:f2:5d:05:5d:e4:df:00:9c:a5:ce:a3:2e:53:c3:af:0b:38:
a3:6d:30:27:45:82:7b:3d:b3:1b:9a:ae:07:84:06:5f:b1:a6:
6a:d3:55:59:0f:3b:f3:e8:3c:02:ad:a5:60:49:eb:bf:5f:4a:
64:8b:10:04
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdA1IuBUIJSYIJiMm+cCvmB57RKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAxMjIxOTQ4NTFaFw0yNjAxMjExOTUzNTFaMDMxMTAvBgNV
BAMTKEZEMzk1RTUwOTFFMzA4Rjk0ODQzMzhDMDYwMjlDQUM3QUM0MzkyNzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjLC71ToeadhrOrnGb6LF2am71
ecBS7rHJuyIHQAPbeCO3Au/gsSH4nK+N88oUJBFGCOnOm3AFBviis436plSIHvCO
0VRxotcgG8G4XNhkwY0jJACLVCM9mWLtYaKSbg8/WW3VOPgiORoxasrwT37akV3V
zdFBGutUfpHU+12cb3wXu738ZFMibMysj7k2oiv3yRentjE5177Pp4aaQs1IOS2B
my3PGuLSN68g19eHMzE8L1Ca3oDhibC4FQMmdVg5bj8AH8RmggBldDSmJX0JyLH0
thHZQK42DmRUE27andlJfF1NzybLCa3b6k7MkarbldT6z4nsvunGGDLR6donAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU/TleUJHjCPlIQzjAYCnKx6xDknYwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzOTMzMmUzMzM4MmUzNTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzYzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wSY1MA0GCSqGSIb3DQEBCwUAA4IBAQAPv/v7fSrHEVe3ChO6w2foVxu1cB9jWD8r
X+kXA0ScYS1cXsO08DMd5AH60lSOzgplGByj4A0BKon1ujpHVpSsjrUYRuaFCxCS
xuHOcOuA8K05bb2JuIsaPOmssvvZfVfGwExwsPuzY38jQpQYFNfsZiTonFXhCr6P
uAJWMLaOzeElYQf2ii4b2J8sfCciZQmctZuOMNFd7iGwdNzC4Qr8tUstuLM1eI3V
EAUP8s1UnScbFn/lM+jE21U2tKKJnGvTmYbYdznh8l0FXeTfAJylzqMuU8OvCzij
bTAnRYJ7PbMbmq4HhAZfsaZq01VZDzvz6DwCraVgSeu/X0pkixAE
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:44:01 2025 by rpki-client